Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/01c7c0-e700-418e-9207-91160bb4c659/1/IhHM0We0RXruI1RvZ0Bb71D5rNA.roa
File: IhHM0We0RXruI1RvZ0Bb71D5rNA.roa (raw, json)
Hash identifier: rBLf2bOfZl0rnE81N8ggjGnaTgqf2TtOIbcxj5UKBsY=
Subject key identifier: 22:11:CC:D1:67:B4:45:7A:EE:23:54:6F:67:40:5B:EF:50:F9:AC:D0
Certificate issuer: /CN=8e7aee3559fcc31bfed77eece8b7479c8e856a5b
Certificate serial: 01856EAFE0E2E91BB1855F21FBF660D743AF
Authority key identifier: 8E:7A:EE:35:59:FC:C3:1B:FE:D7:7E:EC:E8:B7:47:9C:8E:85:6A:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnruNVn8wxv-137s6LdHnI6Fals.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/01c7c0-e700-418e-9207-91160bb4c659/1/IhHM0We0RXruI1RvZ0Bb71D5rNA.roa
Signing time: Sun 01 Jan 2023 18:54:58 +0000
ROA not before: Sun 01 Jan 2023 18:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57166
IP address blocks: 2001:678:918::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:e0:e2:e9:1b:b1:85:5f:21:fb:f6:60:d7:43:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e7aee3559fcc31bfed77eece8b7479c8e856a5b
Validity
Not Before: Jan 1 18:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2211ccd167b4457aee23546f67405bef50f9acd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b8:f0:90:2d:0b:14:34:dd:5a:39:a9:50:46:
77:87:51:e6:96:f9:b9:0a:7f:32:0b:cf:3c:6a:79:
b0:28:1c:aa:04:78:4f:fc:5e:30:a3:5e:34:45:ce:
c7:c2:b3:fe:10:53:a4:25:41:42:c6:6c:08:07:ae:
08:f1:32:9c:1d:53:d1:ee:3f:40:f0:16:99:b5:07:
59:f5:d3:53:ee:36:03:98:a3:cd:92:3f:c4:9a:bc:
67:64:33:bb:f5:17:1b:61:0a:e0:8d:a0:d5:f8:ae:
e5:cc:e8:e9:0d:a5:8e:49:62:96:83:cc:09:77:e0:
a6:97:6b:ad:75:b0:2a:dd:7d:3e:ec:40:30:47:eb:
94:bb:a8:45:c5:bf:23:3d:74:a8:a4:f4:70:2f:27:
ea:2f:a4:be:58:89:91:f8:cc:e9:3f:9f:66:be:21:
40:ab:24:59:8d:82:9f:8e:d9:1a:09:a6:3c:9e:68:
8b:ad:90:01:1e:18:d1:11:07:47:22:8d:3b:b1:ae:
a5:72:5f:80:f8:84:43:ae:a6:f6:41:2a:03:d1:b0:
bb:de:c4:22:8c:17:94:df:a4:24:5a:53:0b:a1:df:
ef:b7:70:68:cf:e4:33:e5:ba:5b:21:7b:4e:e1:0f:
25:06:28:d3:33:14:8c:fb:c5:17:4f:46:03:67:74:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:11:CC:D1:67:B4:45:7A:EE:23:54:6F:67:40:5B:EF:50:F9:AC:D0
X509v3 Authority Key Identifier:
keyid:8E:7A:EE:35:59:FC:C3:1B:FE:D7:7E:EC:E8:B7:47:9C:8E:85:6A:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnruNVn8wxv-137s6LdHnI6Fals.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/01c7c0-e700-418e-9207-91160bb4c659/1/IhHM0We0RXruI1RvZ0Bb71D5rNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/01c7c0-e700-418e-9207-91160bb4c659/1/jnruNVn8wxv-137s6LdHnI6Fals.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:918::/48
Signature Algorithm: sha256WithRSAEncryption
79:7f:85:37:f8:51:14:72:82:65:53:5a:c4:43:6b:fc:e3:02:
df:0f:60:15:39:18:eb:f6:b9:a7:4f:1a:4b:72:07:96:08:1c:
6d:5a:9d:0a:dc:38:60:3b:a1:b8:59:59:23:8d:3b:fe:8a:6f:
ad:8e:f4:60:dc:3d:c0:78:f1:f9:ae:e7:7d:fd:31:09:8a:22:
2d:89:00:b7:22:4e:d8:2f:1b:45:3c:14:a8:a5:b9:51:58:46:
49:c8:bb:0a:50:a6:97:1c:6a:6f:7a:45:d3:e8:62:b7:9b:5e:
0e:1e:93:97:14:ea:59:2a:2e:2b:c0:2b:2e:ab:cd:b9:f6:41:
9e:c1:55:e0:3b:3a:41:59:42:cb:4f:f7:36:a0:c2:6b:af:ce:
c5:5f:6d:82:ba:ed:61:3a:0a:66:34:7d:2b:15:c0:02:df:97:
94:a8:72:2f:ad:a4:93:15:80:0c:b5:3c:13:6c:fc:b7:a8:a2:
c6:9f:08:06:58:07:1e:c4:0d:28:0e:dd:17:ad:e3:86:4d:07:
0b:89:05:f9:03:72:2f:b0:e2:59:bc:42:bc:8c:d4:e9:91:ca:
1a:0a:44:00:29:fa:80:31:4b:39:5a:cd:d2:6d:22:2e:27:f0:
bf:9d:90:0f:3d:ea:0d:c7:a4:9f:85:aa:33:34:4f:13:b4:3f:
b2:96:a3:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVur+Di6RuxhV8h+/Zg10OvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlN2FlZTM1NTlmY2MzMWJmZWQ3N2VlY2U4Yjc0NzljOGU4
NTZhNWIwHhcNMjMwMTAxMTg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjExY2NkMTY3YjQ0NTdhZWUyMzU0NmY2NzQwNWJlZjUwZjlhY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLjwkC0LFDTdWjmpUEZ3h1Hmlvm5
Cn8yC888anmwKByqBHhP/F4wo140Rc7HwrP+EFOkJUFCxmwIB64I8TKcHVPR7j9A
8BaZtQdZ9dNT7jYDmKPNkj/EmrxnZDO79RcbYQrgjaDV+K7lzOjpDaWOSWKWg8wJ
d+Cml2utdbAq3X0+7EAwR+uUu6hFxb8jPXSopPRwLyfqL6S+WImR+MzpP59mviFA
qyRZjYKfjtkaCaY8nmiLrZABHhjREQdHIo07sa6lcl+A+IRDrqb2QSoD0bC73sQi
jBeU36QkWlMLod/vt3Boz+Qz5bpbIXtO4Q8lBijTMxSM+8UXT0YDZ3TRUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCIRzNFntEV67iNUb2dAW+9Q+azQMB8GA1UdIwQY
MBaAFI567jVZ/MMb/td+7Oi3R5yOhWpbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5ydU5Wbjh3eHYtMTM3czZMZEhuSTZGYWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wMWM3YzAtZTcwMC00MThlLTkyMDct
OTExNjBiYjRjNjU5LzEvSWhITTBXZTBSWHJ1STFSdlowQmI3MUQ1ck5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wMWM3YzAtZTcwMC00MThlLTkyMDctOTExNjBiYjRjNjU5
LzEvam5ydU5Wbjh3eHYtMTM3czZMZEhuSTZGYWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAkY
MA0GCSqGSIb3DQEBCwUAA4IBAQB5f4U3+FEUcoJlU1rEQ2v84wLfD2AVORjr9rmn
TxpLcgeWCBxtWp0K3DhgO6G4WVkjjTv+im+tjvRg3D3AePH5rud9/TEJiiItiQC3
Ik7YLxtFPBSopblRWEZJyLsKUKaXHGpvekXT6GK3m14OHpOXFOpZKi4rwCsuq825
9kGewVXgOzpBWULLT/c2oMJrr87FX22Cuu1hOgpmNH0rFcAC35eUqHIvraSTFYAM
tTwTbPy3qKLGnwgGWAcexA0oDt0XreOGTQcLiQX5A3IvsOJZvEK8jNTpkcoaCkQA
KfqAMUs5Ws3SbSIuJ/C/nZAPPeoNx6SfhaozNE8TtD+ylqMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:21 2024 by rpki-client on console-ams.rpki-client.org