Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dbT0yLWJ2ToBUzCbM3orKDwziOo.roa
File: dbT0yLWJ2ToBUzCbM3orKDwziOo.roa (raw, json)
Hash identifier: PbJZneolKVHKl6OKDc/Q+CJ0V5aEdVt0OSSqCkT1k1E=
Subject key identifier: 75:B4:F4:C8:B5:89:D9:3A:01:53:30:9B:33:7A:2B:28:3C:33:88:EA
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018570B0680EE3FAB08F5364A4F1899BFD3D
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dbT0yLWJ2ToBUzCbM3orKDwziOo.roa
Signing time: Mon 02 Jan 2023 04:14:47 +0000
ROA not before: Mon 02 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210842
IP address blocks: 2a05:b0c2::/36 maxlen: 36
2a05:b0c2:1000::/36 maxlen: 36
2a05:b0c2::/35 maxlen: 35
Validation: Failed, certificate revoked on Thu 02 Nov 2023 19:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:68:0e:e3:fa:b0:8f:53:64:a4:f1:89:9b:fd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b4f4c8b589d93a0153309b337a2b283c3388ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6d:fd:33:14:0c:6e:92:cc:9a:d4:12:ec:af:
71:62:bd:d0:17:3c:09:ef:44:a9:e7:c7:0b:f9:83:
46:c1:cd:fd:99:7b:67:4f:4c:a1:d5:19:8a:ad:eb:
a7:5e:05:6c:de:72:da:2e:3a:70:ad:fc:b3:18:37:
03:09:69:52:4f:db:ec:60:c0:0b:76:74:c8:06:a7:
0d:07:c6:5f:b7:06:b5:16:cc:00:87:4c:34:c0:6d:
40:94:b3:34:78:8f:09:8a:82:ea:31:ff:5e:c9:74:
4c:b6:34:24:28:be:57:cf:fd:f0:01:ba:aa:ae:4c:
7a:df:af:39:7a:53:4b:8c:f8:d2:d4:2c:b1:2d:70:
2f:fe:3e:71:dc:96:e8:40:69:12:eb:5a:63:49:87:
c9:a9:52:e7:bc:51:86:8c:36:f2:8a:cb:2f:b5:1f:
27:dd:e4:89:ce:ac:04:44:eb:c1:59:d6:93:6f:af:
5c:ef:30:64:27:11:24:d0:7b:4e:c8:d6:2b:35:aa:
7c:ae:2f:44:43:96:17:54:f3:68:53:08:da:56:75:
15:58:c4:2b:88:34:59:e7:c5:7a:a1:da:cc:c0:b3:
02:d0:23:5e:75:c7:15:d3:4b:12:36:68:52:68:f3:
d5:f5:e0:73:a5:27:ed:43:5b:86:7f:58:fb:9b:d9:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B4:F4:C8:B5:89:D9:3A:01:53:30:9B:33:7A:2B:28:3C:33:88:EA
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/dbT0yLWJ2ToBUzCbM3orKDwziOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c2::/35
Signature Algorithm: sha256WithRSAEncryption
93:52:4c:90:0d:fd:dc:3f:99:b4:ee:ff:1d:a3:65:0c:7c:47:
47:de:9f:81:8f:0a:1b:82:57:eb:34:dd:0b:4b:89:b3:e1:c4:
5a:fc:41:8e:c2:9a:1c:7d:8a:bb:9d:33:28:27:93:50:56:5b:
37:38:60:8d:0d:83:56:12:ca:7e:81:2f:07:ef:07:d9:9f:b7:
be:51:ea:6c:14:83:49:22:de:65:4d:e5:ad:fe:15:59:ae:00:
33:51:c5:2a:1c:ed:e8:2a:4f:80:84:78:95:bd:ba:04:9b:f5:
9d:69:ad:fb:33:98:ba:15:ed:28:f0:8d:90:8e:a3:07:da:42:
b2:b1:b5:17:a8:b4:29:26:5a:94:f7:23:a8:2d:c3:ab:7d:18:
9d:27:ba:64:73:63:92:d0:7d:a1:8a:d2:47:a8:a3:06:52:c9:
4f:c7:e1:4d:e5:8b:27:82:3c:f8:6d:3c:82:41:19:20:46:59:
d5:b0:4f:39:8d:4f:c2:48:64:57:6d:32:1e:b2:e0:3a:15:42:
7a:bf:c8:66:19:62:c6:ec:bd:87:b7:cd:1e:c6:0d:06:b5:48:
d0:92:ee:f9:d3:e4:ce:b7:0b:cc:b0:b0:79:d8:b8:ff:b0:89:
06:0a:66:98:e9:9d:f2:73:b3:4c:bd:f5:96:16:c1:6f:9d:8a:
c7:22:36:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwsGgO4/qwj1NkpPGJm/09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI0ZjRjOGI1ODlkOTNhMDE1MzMwOWIzMzdhMmIyODNjMzM4OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW39MxQMbpLMmtQS7K9xYr3QFzwJ
70Sp58cL+YNGwc39mXtnT0yh1RmKreunXgVs3nLaLjpwrfyzGDcDCWlST9vsYMAL
dnTIBqcNB8Zftwa1FswAh0w0wG1AlLM0eI8JioLqMf9eyXRMtjQkKL5Xz/3wAbqq
rkx63685elNLjPjS1CyxLXAv/j5x3JboQGkS61pjSYfJqVLnvFGGjDbyissvtR8n
3eSJzqwEROvBWdaTb69c7zBkJxEk0HtOyNYrNap8ri9EQ5YXVPNoUwjaVnUVWMQr
iDRZ58V6odrMwLMC0CNedccV00sSNmhSaPPV9eBzpSftQ1uGf1j7m9lEUQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHW09Mi1idk6AVMwmzN6Kyg8M4jqMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvZGJUMHlMV0oyVG9CVXpDYk0zb3JLRHd6aU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgWwwgAw
DQYJKoZIhvcNAQELBQADggEBAJNSTJAN/dw/mbTu/x2jZQx8R0fen4GPChuCV+s0
3QtLibPhxFr8QY7Cmhx9irudMygnk1BWWzc4YI0Ng1YSyn6BLwfvB9mft75R6mwU
g0ki3mVN5a3+FVmuADNRxSoc7egqT4CEeJW9ugSb9Z1prfszmLoV7SjwjZCOowfa
QrKxtReotCkmWpT3I6gtw6t9GJ0numRzY5LQfaGK0keoowZSyU/H4U3liyeCPPht
PIJBGSBGWdWwTzmNT8JIZFdtMh6y4DoVQnq/yGYZYsbsvYe3zR7GDQa1SNCS7vnT
5M63C8ywsHnYuP+wiQYKZpjpnfJzs0y99ZYWwW+disciNn0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:17 2024 by rpki-client on console-ams.rpki-client.org