Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/sHi9cUnVHH4Npn5mkCy-J9LGz7k.roa
File: sHi9cUnVHH4Npn5mkCy-J9LGz7k.roa (raw, json)
Hash identifier: BBRxmAlTQmzRzg8lpGHxZOkB6Z5i2uGrzNL2AkTFVng=
Subject key identifier: B0:78:BD:71:49:D5:1C:7E:0D:A6:7E:66:90:2C:BE:27:D2:C6:CF:B9
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018B9187793A73B7DC2100B07632739AEC0E
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/sHi9cUnVHH4Npn5mkCy-J9LGz7k.roa
Signing time: Thu 02 Nov 2023 19:34:16 +0000
ROA not before: Thu 02 Nov 2023 19:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205432
IP address blocks: 2a05:b0c6::/31 maxlen: 31
2a05:b0c6::/32 maxlen: 32
2a05:b0c6:400::/40 maxlen: 40
2a05:b0c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:87:79:3a:73:b7:dc:21:00:b0:76:32:73:9a:ec:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Nov 2 19:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b078bd7149d51c7e0da67e66902cbe27d2c6cfb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0d:38:74:e5:f2:67:70:71:4f:70:12:3f:85:
1e:18:e2:77:64:b7:0c:b1:f3:ab:0c:05:84:51:20:
10:52:8b:61:07:6a:21:2e:2d:53:d1:81:69:db:0e:
70:62:fa:1c:67:69:b0:c6:3d:97:79:00:50:98:e6:
95:00:98:28:08:d5:06:83:3c:cc:00:e0:44:c3:29:
d4:c4:e2:f6:59:56:84:00:6d:a0:d0:ee:e9:d9:a7:
a8:bf:cc:31:ec:de:ed:8a:58:b4:79:bf:a5:d6:96:
84:b7:75:b2:f0:a4:a4:3d:f5:f4:95:81:29:2a:48:
28:db:2e:a7:51:a8:9e:44:0b:12:6a:fc:03:83:9f:
8d:45:19:ef:0c:dd:2d:2c:c8:33:1e:d9:eb:e1:da:
68:64:59:da:61:61:94:8c:20:55:ef:df:94:74:dc:
7c:fc:2b:1f:f0:29:0e:40:3e:88:fc:a1:90:c7:aa:
ab:40:51:e8:8d:a3:a2:72:46:12:d2:13:a2:14:bd:
29:01:fb:51:bc:83:65:72:5c:24:34:f4:96:1d:20:
2b:b3:50:ed:cb:a1:3d:56:12:94:8a:40:4f:e4:27:
2b:a3:0d:4b:bb:83:d1:f3:13:cc:c3:f8:9b:ba:2e:
6c:bf:9e:30:e3:ca:7f:60:23:41:84:f0:10:8e:48:
1d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:78:BD:71:49:D5:1C:7E:0D:A6:7E:66:90:2C:BE:27:D2:C6:CF:B9
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/sHi9cUnVHH4Npn5mkCy-J9LGz7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6::/31
Signature Algorithm: sha256WithRSAEncryption
8a:c4:cd:a6:58:05:f6:2f:9b:65:d2:b8:d2:19:01:30:45:92:
24:e6:66:7b:c8:41:88:4a:e7:35:ff:cf:ef:51:a3:b5:37:19:
0f:8f:76:3c:19:6d:78:07:02:19:5d:63:3e:12:cf:af:b0:f2:
7c:06:43:d4:96:9d:bc:8b:6e:4e:db:10:af:c1:9a:f7:e0:41:
d6:ac:ed:0d:6f:10:29:e0:7d:06:e7:26:fb:1f:2d:da:64:93:
57:dd:68:94:45:e2:47:4d:48:80:51:9a:4d:9b:a9:86:7b:42:
3a:98:ca:34:c6:74:72:5a:af:bd:d7:cd:0e:ff:4e:9b:51:be:
29:7d:e6:70:88:f0:04:fc:67:13:b8:97:99:68:ce:e2:91:6b:
31:16:44:7e:71:44:46:0e:c3:6d:a2:88:3a:c5:a8:69:49:92:
84:f3:4f:c1:7e:2b:45:bd:5a:43:99:32:10:d9:68:a5:22:c3:
66:ed:d8:06:68:97:ee:34:49:cb:df:5f:3b:ad:e8:e8:9e:ac:
89:53:3c:c1:77:be:82:05:92:01:b6:34:27:a8:fe:a5:75:2a:
28:5b:ef:8d:72:86:a9:8e:46:18:c1:48:15:84:7a:81:c6:fb:
46:80:ac:a6:28:b6:6f:77:a5:ed:e4:71:28:f5:11:2d:ee:e1:
3d:d4:a9:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuRh3k6c7fcIQCwdjJzmuwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMxMTAyMTkzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc4YmQ3MTQ5ZDUxYzdlMGRhNjdlNjY5MDJjYmUyN2QyYzZjZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw04dOXyZ3BxT3ASP4UeGOJ3ZLcM
sfOrDAWEUSAQUothB2ohLi1T0YFp2w5wYvocZ2mwxj2XeQBQmOaVAJgoCNUGgzzM
AOBEwynUxOL2WVaEAG2g0O7p2aeov8wx7N7tili0eb+l1paEt3Wy8KSkPfX0lYEp
Kkgo2y6nUaieRAsSavwDg5+NRRnvDN0tLMgzHtnr4dpoZFnaYWGUjCBV79+UdNx8
/Csf8CkOQD6I/KGQx6qrQFHojaOickYS0hOiFL0pAftRvINlclwkNPSWHSArs1Dt
y6E9VhKUikBP5Ccrow1Lu4PR8xPMw/ibui5sv54w48p/YCNBhPAQjkgdoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLB4vXFJ1Rx+DaZ+ZpAsvifSxs+5MB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvc0hpOWNVblZISDROcG41bWtDeS1KOUxHejdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgWwxjAN
BgkqhkiG9w0BAQsFAAOCAQEAisTNplgF9i+bZdK40hkBMEWSJOZme8hBiErnNf/P
71GjtTcZD492PBlteAcCGV1jPhLPr7DyfAZD1JadvItuTtsQr8Ga9+BB1qztDW8Q
KeB9Bucm+x8t2mSTV91olEXiR01IgFGaTZuphntCOpjKNMZ0clqvvdfNDv9Om1G+
KX3mcIjwBPxnE7iXmWjO4pFrMRZEfnFERg7DbaKIOsWoaUmShPNPwX4rRb1aQ5ky
ENlopSLDZu3YBmiX7jRJy99fO63o6J6siVM8wXe+ggWSAbY0J6j+pXUqKFvvjXKG
qY5GGMFIFYR6gcb7RoCspii2b3el7eRxKPURLe7hPdSpmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:21 2024 by rpki-client on console-fra.rpki-client.org