Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/uswJI45KgEtKktV55KfcFdLLs4E.roa
File: uswJI45KgEtKktV55KfcFdLLs4E.roa (raw, json)
Hash identifier: Gxj4iAMXvru+JXscv6BOOYg5k5S8lH6SsgEIKGjTVZc=
Subject key identifier: BA:CC:09:23:8E:4A:80:4B:4A:92:D5:79:E4:A7:DC:15:D2:CB:B3:81
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018570B0654589ABAAD5B95350D6527A6742
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/uswJI45KgEtKktV55KfcFdLLs4E.roa
Signing time: Mon 02 Jan 2023 04:14:46 +0000
ROA not before: Mon 02 Jan 2023 04:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203638
IP address blocks: 2a05:b0c6:500::/48 maxlen: 48
2a05:b0c6:5ec::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:65:45:89:ab:aa:d5:b9:53:50:d6:52:7a:67:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 04:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bacc09238e4a804b4a92d579e4a7dc15d2cbb381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4b:02:23:ac:0d:df:2d:0f:1c:1a:82:df:ef:
90:30:12:61:3d:4f:73:9b:69:c1:40:76:5a:76:b6:
ac:6e:ba:73:7e:d9:b9:ed:f0:f6:48:22:c3:92:b8:
15:1b:84:4c:87:e1:62:84:57:7e:11:5c:80:a1:36:
88:15:df:f1:0a:32:77:db:37:b5:10:2a:32:3e:0c:
8b:24:38:d7:7d:20:3b:82:bb:4a:4d:9a:88:36:89:
54:05:1e:22:ac:a2:e9:81:a1:c1:fd:0b:3d:c9:81:
77:0d:f8:e7:aa:cf:c2:27:50:f9:c8:0c:71:f6:94:
ff:a7:1f:d2:e5:8e:a7:2a:53:0a:e7:76:2d:1e:11:
49:25:77:e6:85:20:b7:92:4b:05:81:42:e4:01:57:
a9:73:83:ea:68:ad:da:af:6e:5c:ae:a4:88:ff:af:
20:da:a1:a7:1c:07:68:12:e9:9a:c7:37:96:80:d3:
53:cd:0d:03:69:3c:0b:25:8b:5f:d5:47:fe:16:84:
78:e6:3c:98:35:5c:de:d1:e1:7d:d4:e5:24:e6:ad:
ef:d1:8c:08:ee:c1:6c:26:9c:d7:c6:70:bc:74:46:
78:b3:dc:92:3d:df:1d:c0:50:b4:40:93:d6:35:00:
c7:b2:5e:c6:f5:ef:0e:87:d1:a1:1c:d1:ed:2f:23:
41:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CC:09:23:8E:4A:80:4B:4A:92:D5:79:E4:A7:DC:15:D2:CB:B3:81
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/uswJI45KgEtKktV55KfcFdLLs4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:500::/48
2a05:b0c6:5ec::/48
Signature Algorithm: sha256WithRSAEncryption
88:6a:47:23:11:6c:db:d6:70:f6:c1:b7:c1:a6:d5:80:c5:15:
2c:13:10:f0:be:a1:37:e5:8d:ce:b6:c9:e6:43:f8:e4:2e:08:
70:06:ba:0a:41:80:9a:3c:40:5a:28:25:df:ff:34:46:93:05:
b7:7f:d6:34:d0:80:3a:bd:ed:41:52:47:f6:28:a7:53:1e:78:
23:3a:ad:f4:6a:a3:db:b2:20:5f:11:5b:38:e8:6d:0c:3b:a7:
80:f7:aa:9d:02:df:d8:ba:22:f4:0f:95:92:6c:fe:55:ed:9e:
be:b0:b9:b8:40:d9:4f:41:16:38:6d:2f:fd:83:63:b3:14:10:
15:48:7f:02:0a:eb:9e:56:9c:58:4c:58:b7:c9:0a:68:f7:cc:
50:50:78:16:e3:74:f9:d0:d4:03:16:93:25:e9:a8:54:9d:dd:
8b:11:9c:91:80:08:96:e7:4f:38:b4:90:2c:03:d8:4d:4e:ce:
81:08:82:f2:c2:32:eb:f4:5c:2e:ba:5f:27:d0:9e:cf:51:71:
50:a6:f1:30:21:66:9a:75:2b:f5:be:e0:3c:35:f0:0e:cc:7c:
fc:69:60:8f:f9:c8:38:53:09:8d:20:50:f2:16:1d:3e:3b:43:
c4:5a:9f:b3:61:3a:ff:a0:20:27:13:ef:cd:2d:a7:14:8f:ab:
13:fb:6a:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwsGVFiauq1blTUNZSemdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjMwMTAyMDQxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNjMDkyMzhlNGE4MDRiNGE5MmQ1NzllNGE3ZGMxNWQyY2JiMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0sCI6wN3y0PHBqC3++QMBJhPU9z
m2nBQHZadrasbrpzftm57fD2SCLDkrgVG4RMh+FihFd+EVyAoTaIFd/xCjJ32ze1
ECoyPgyLJDjXfSA7grtKTZqINolUBR4irKLpgaHB/Qs9yYF3Dfjnqs/CJ1D5yAxx
9pT/px/S5Y6nKlMK53YtHhFJJXfmhSC3kksFgULkAVepc4PqaK3ar25crqSI/68g
2qGnHAdoEumaxzeWgNNTzQ0DaTwLJYtf1Uf+FoR45jyYNVze0eF91OUk5q3v0YwI
7sFsJpzXxnC8dEZ4s9ySPd8dwFC0QJPWNQDHsl7G9e8Oh9GhHNHtLyNBGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrMCSOOSoBLSpLVeeSn3BXSy7OBMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvdXN3Skk0NUtnRXRLa3RWNTVLZmNGZExMczRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWwxgUA
AwcAKgWwxgXsMA0GCSqGSIb3DQEBCwUAA4IBAQCIakcjEWzb1nD2wbfBptWAxRUs
ExDwvqE35Y3OtsnmQ/jkLghwBroKQYCaPEBaKCXf/zRGkwW3f9Y00IA6ve1BUkf2
KKdTHngjOq30aqPbsiBfEVs46G0MO6eA96qdAt/YuiL0D5WSbP5V7Z6+sLm4QNlP
QRY4bS/9g2OzFBAVSH8CCuueVpxYTFi3yQpo98xQUHgW43T50NQDFpMl6ahUnd2L
EZyRgAiW5084tJAsA9hNTs6BCILywjLr9Fwuul8n0J7PUXFQpvEwIWaadSv1vuA8
NfAOzHz8aWCP+cg4UwmNIFDyFh0+O0PEWp+zYTr/oCAnE+/NLacUj6sT+2pW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:17 2024 by rpki-client on console-ams.rpki-client.org