Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/3T0I08nbSoi7msAQyz3r7q1eOOQ.roa
File: 3T0I08nbSoi7msAQyz3r7q1eOOQ.roa (raw, json)
Hash identifier: lMjb3AOo6/0V5dUqGt2oOKhAROtlMhA3mRZ/Qu9ccg8=
Subject key identifier: DD:3D:08:D3:C9:DB:4A:88:BB:9A:C0:10:CB:3D:EB:EE:AD:5E:38:E4
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 018CC8DE39FE0EE221E219C5E66B75068E94
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/3T0I08nbSoi7msAQyz3r7q1eOOQ.roa
Signing time: Tue 02 Jan 2024 06:30:56 +0000
ROA not before: Tue 02 Jan 2024 06:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a04:5b81:2010::/44 maxlen: 48
2a04:5b81:2060::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 11:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:39:fe:0e:e2:21:e2:19:c5:e6:6b:75:06:8e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 06:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3d08d3c9db4a88bb9ac010cb3debeead5e38e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d7:f5:ff:a4:4d:de:b0:c5:be:74:fd:30:17:
45:df:73:43:59:b7:fc:1e:f8:9b:0d:b7:33:72:93:
4d:69:87:f6:40:2c:e4:12:39:5c:20:3c:ed:e3:8e:
00:81:81:48:bb:29:c6:e9:2f:49:4c:94:fd:80:e8:
e4:9e:84:6d:77:13:c9:0b:21:01:bb:7b:cb:16:20:
7d:10:d6:96:2e:dd:8e:a3:b0:b0:be:f4:e7:9e:cb:
07:57:eb:37:1d:7f:65:a2:bc:23:fb:68:9d:a3:8a:
51:ce:85:5e:68:2e:c7:a3:1e:15:ba:11:aa:ed:2c:
5c:f8:7f:50:98:ef:0d:cf:90:d9:6f:1d:c5:86:3c:
bf:5a:27:a4:e2:1d:6f:b8:4f:07:be:d5:68:58:d1:
21:7f:35:66:e6:b7:80:e8:ef:c5:06:05:83:24:01:
86:03:f6:18:6d:5c:10:68:95:85:71:33:d1:81:f1:
12:13:90:28:ee:68:07:61:ad:9a:5a:8e:4f:26:ed:
9e:70:92:2d:50:ec:49:95:3b:0a:79:9f:bb:3d:84:
91:10:83:10:6f:18:25:d3:c0:ef:12:57:ef:9f:cf:
43:99:a3:15:e1:91:51:6e:d3:6c:bf:05:56:2f:a9:
b5:7c:04:b3:96:a8:8f:ae:fb:17:34:52:c4:68:d4:
7e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3D:08:D3:C9:DB:4A:88:BB:9A:C0:10:CB:3D:EB:EE:AD:5E:38:E4
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/3T0I08nbSoi7msAQyz3r7q1eOOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:2010::/44
2a04:5b81:2060::/44
Signature Algorithm: sha256WithRSAEncryption
72:6f:17:11:d2:f2:26:8b:93:d1:e4:de:1a:4e:52:8b:57:cc:
b9:7f:38:f2:15:5c:a4:68:d9:c1:7b:15:4b:4d:74:14:f4:c3:
ec:dc:93:96:82:eb:e8:8c:38:2b:58:7d:48:a0:2a:a1:6b:f9:
f8:14:fa:bc:a8:61:42:5a:20:75:1e:5d:98:d7:5a:cb:ed:1b:
26:62:0f:3a:57:9d:27:4a:53:50:ca:e6:cf:7a:b8:ee:fb:c1:
04:97:42:8d:26:0b:35:cc:7b:2a:19:81:c8:22:55:ef:37:79:
55:b1:d9:58:8f:ab:7e:3a:d4:3a:a0:c7:63:67:76:12:e2:37:
48:8d:37:81:86:11:70:fb:e0:0d:2a:33:0a:97:02:91:4e:69:
a5:3a:75:0d:96:07:b6:0b:2d:99:9d:71:36:75:4a:f5:07:10:
4e:2b:54:c3:03:11:d7:88:8e:f5:e7:a9:1a:74:3a:3a:39:36:
71:a6:f5:95:f5:8e:74:da:7a:ce:65:78:27:d4:b1:0a:ab:0e:
84:cf:6b:d5:6e:d3:82:48:ec:80:72:0b:15:5c:3c:e5:3a:3f:
4a:58:cf:35:c7:57:54:a7:87:b3:0f:ad:5a:5d:f1:11:00:02:
69:46:55:e1:97:10:4a:34:e8:59:2a:7a:82:9e:dc:12:64:05:
e8:db:1f:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3jn+DuIh4hnF5mt1Bo6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNkMDhkM2M5ZGI0YTg4YmI5YWMwMTBjYjNkZWJlZWFkNWUzOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltf1/6RN3rDFvnT9MBdF33NDWbf8
HvibDbczcpNNaYf2QCzkEjlcIDzt444AgYFIuynG6S9JTJT9gOjknoRtdxPJCyEB
u3vLFiB9ENaWLt2Oo7CwvvTnnssHV+s3HX9lorwj+2ido4pRzoVeaC7Hox4VuhGq
7Sxc+H9QmO8Nz5DZbx3Fhjy/Wiek4h1vuE8HvtVoWNEhfzVm5reA6O/FBgWDJAGG
A/YYbVwQaJWFcTPRgfESE5Ao7mgHYa2aWo5PJu2ecJItUOxJlTsKeZ+7PYSREIMQ
bxgl08DvElfvn89DmaMV4ZFRbtNsvwVWL6m1fASzlqiPrvsXNFLEaNR+/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN09CNPJ20qIu5rAEMs96+6tXjjkMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvM1QwSTA4bmJTb2k3bXNBUXl6M3I3cTFlT09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgRbgSAQ
AwcEKgRbgSBgMA0GCSqGSIb3DQEBCwUAA4IBAQBybxcR0vImi5PR5N4aTlKLV8y5
fzjyFVykaNnBexVLTXQU9MPs3JOWguvojDgrWH1IoCqha/n4FPq8qGFCWiB1Hl2Y
11rL7RsmYg86V50nSlNQyubPerju+8EEl0KNJgs1zHsqGYHIIlXvN3lVsdlYj6t+
OtQ6oMdjZ3YS4jdIjTeBhhFw++ANKjMKlwKRTmmlOnUNlge2Cy2ZnXE2dUr1BxBO
K1TDAxHXiI7156kadDo6OTZxpvWV9Y502nrOZXgn1LEKqw6Ez2vVbtOCSOyAcgsV
XDzlOj9KWM81x1dUp4ezD61aXfERAAJpRlXhlxBKNOhZKnqCntwSZAXo2x8A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:54 2025 by rpki-client