Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/x0soZqyvSB13L0Ra4kaGq5LkCCs.roa
File: x0soZqyvSB13L0Ra4kaGq5LkCCs.roa (raw, json)
Hash identifier: nGAmwrChzaQJPhTM1gkuR69MFaX3VOqX/0S2gE8Bghg=
Subject key identifier: C7:4B:28:66:AC:AF:48:1D:77:2F:44:5A:E2:46:86:AB:92:E4:08:2B
Certificate issuer: /CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
Certificate serial: 0186A70F922FF17755AC06627E352706640D
Authority key identifier: BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/x0soZqyvSB13L0Ra4kaGq5LkCCs.roa
Signing time: Fri 03 Mar 2023 10:41:00 +0000
ROA not before: Fri 03 Mar 2023 10:41:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2001:678:934::/48 maxlen: 48
2001:67c:bf0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:0f:92:2f:f1:77:55:ac:06:62:7e:35:27:06:64:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
Validity
Not Before: Mar 3 10:41:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c74b2866acaf481d772f445ae24686ab92e4082b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5d:dc:0a:17:32:30:77:b0:a1:a8:5b:a0:77:
12:86:7e:b6:80:bc:b3:70:45:6f:ae:27:11:7a:54:
39:ff:63:55:2f:81:20:d0:0a:29:46:26:e6:cd:8f:
28:5c:bc:d7:0d:d3:ec:5a:77:b1:ce:3a:b9:26:94:
0c:d1:28:ce:82:85:89:ba:5d:d8:01:cc:60:ee:d4:
de:92:f1:8f:5f:13:cb:71:22:47:12:65:e4:b9:47:
d3:f7:82:c7:21:8e:f2:6f:f5:2e:8a:56:7e:e1:7d:
24:e3:11:dd:e5:c9:41:76:df:22:f7:05:af:5a:8f:
9c:2c:b4:99:39:41:01:e5:b8:24:97:a9:1a:ba:d0:
28:38:fb:50:db:c5:65:65:7e:b9:bb:e8:7c:39:2c:
ad:ca:5f:b0:25:bd:9d:40:e4:40:83:da:53:38:34:
ca:7c:6b:ba:59:f5:75:c3:32:ad:27:34:03:f1:db:
e5:a7:27:2f:57:0f:25:f7:25:f0:40:ec:42:23:24:
09:fa:91:71:75:bc:53:fe:c7:4f:9f:fa:fb:c8:6c:
7e:e2:1f:a8:db:96:cc:3f:ee:d6:58:9b:91:cd:3c:
ba:01:03:f6:d1:a9:7f:d6:3e:1b:62:e9:f6:d5:8b:
ef:9b:26:49:ac:51:11:42:6c:40:83:53:25:61:50:
ac:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4B:28:66:AC:AF:48:1D:77:2F:44:5A:E2:46:86:AB:92:E4:08:2B
X509v3 Authority Key Identifier:
keyid:BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/x0soZqyvSB13L0Ra4kaGq5LkCCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/vj908rbk4o6f9so8yjpdeMosrWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:934::/48
2001:67c:bf0::/48
Signature Algorithm: sha256WithRSAEncryption
6c:f3:00:99:70:12:7c:c9:12:0d:df:a3:fe:d7:00:4a:8b:67:
02:09:85:5d:6c:97:b4:93:58:85:3d:b9:64:97:b8:a4:f4:93:
02:e5:ac:33:34:06:7f:76:8a:28:9e:8b:3b:a4:d6:80:d4:02:
2f:bf:67:ad:fe:44:49:71:db:ed:d1:d1:79:f5:47:57:0f:23:
86:40:68:e4:7f:9d:21:bb:28:cc:7f:cb:36:6b:08:13:21:47:
b6:01:2f:3d:84:9b:33:98:a7:4d:f3:31:b7:1b:5a:6b:77:1c:
77:df:21:8a:e4:4a:30:81:a3:27:e7:e2:f4:18:20:3b:ef:54:
cd:a8:0d:6d:20:23:1b:0a:d5:1d:ca:ac:ee:16:1a:79:20:92:
93:90:4b:d6:a5:98:68:af:b2:c3:6a:f4:6b:eb:1c:c3:59:da:
66:e8:09:25:be:73:a7:d8:77:26:13:3f:11:78:ea:f9:2d:71:
f2:f0:d6:c9:c2:26:81:c9:0f:b3:f5:6b:f6:14:c8:5f:9c:d0:
3c:5f:be:85:8f:da:d5:a8:56:97:05:65:ad:68:bb:35:05:03:
3c:2e:0b:9d:82:0b:67:41:f5:8d:20:7a:07:2b:5d:36:cd:89:
47:14:f8:41:65:57:1f:35:8b:12:ad:08:ef:de:94:58:c1:39:
d6:08:a1:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYanD5Iv8XdVrAZifjUnBmQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlM2Y3NGYyYjZlNGUyOGU5ZmY2Y2EzY2NhM2E1ZDc4Y2Ey
Y2FkNmEwHhcNMjMwMzAzMTA0MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzRiMjg2NmFjYWY0ODFkNzcyZjQ0NWFlMjQ2ODZhYjkyZTQwODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF3cChcyMHewoahboHcShn62gLyz
cEVvricRelQ5/2NVL4Eg0AopRibmzY8oXLzXDdPsWnexzjq5JpQM0SjOgoWJul3Y
Acxg7tTekvGPXxPLcSJHEmXkuUfT94LHIY7yb/UuilZ+4X0k4xHd5clBdt8i9wWv
Wo+cLLSZOUEB5bgkl6kautAoOPtQ28VlZX65u+h8OSytyl+wJb2dQORAg9pTODTK
fGu6WfV1wzKtJzQD8dvlpycvVw8l9yXwQOxCIyQJ+pFxdbxT/sdPn/r7yGx+4h+o
25bMP+7WWJuRzTy6AQP20al/1j4bYun21YvvmyZJrFERQmxAg1MlYVCsoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMdLKGasr0gddy9EWuJGhquS5AgrMB8GA1UdIwQY
MBaAFL4/dPK25OKOn/bKPMo6XXjKLK1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzIt
ZDA5OTYxN2JlYjU2LzEveDBzb1pxeXZTQjEzTDBSYTRrYUdxNUxrQ0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzItZDA5OTYxN2JlYjU2
LzEvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAk0
AwcAIAEGfAvwMA0GCSqGSIb3DQEBCwUAA4IBAQBs8wCZcBJ8yRIN36P+1wBKi2cC
CYVdbJe0k1iFPblkl7ik9JMC5awzNAZ/dooonos7pNaA1AIvv2et/kRJcdvt0dF5
9UdXDyOGQGjkf50huyjMf8s2awgTIUe2AS89hJszmKdN8zG3G1prdxx33yGK5Eow
gaMn5+L0GCA771TNqA1tICMbCtUdyqzuFhp5IJKTkEvWpZhor7LDavRr6xzDWdpm
6AklvnOn2HcmEz8ReOr5LXHy8NbJwiaByQ+z9Wv2FMhfnNA8X76Fj9rVqFaXBWWt
aLs1BQM8LgudggtnQfWNIHoHK102zYlHFPhBZVcfNYsSrQjv3pRYwTnWCKF+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:01 2024 by rpki-client on console-ams.rpki-client.org