Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/DUg86X53W5I0aRWgjGQvpUlloBk.roa
File: DUg86X53W5I0aRWgjGQvpUlloBk.roa (raw, json)
Hash identifier: Z3UdH2oJK3lNhCNuEzrqCPRZTELj7sP2OmPoW4mWmcs=
Subject key identifier: 0D:48:3C:E9:7E:77:5B:92:34:69:15:A0:8C:64:2F:A5:49:65:A0:19
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 01857283748E5FA834A3A34717C6AB5C7FFF
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/DUg86X53W5I0aRWgjGQvpUlloBk.roa
Signing time: Mon 02 Jan 2023 12:44:55 +0000
ROA not before: Mon 02 Jan 2023 12:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60993
IP address blocks: 128.0.57.0/24 maxlen: 24
128.0.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:74:8e:5f:a8:34:a3:a3:47:17:c6:ab:5c:7f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Jan 2 12:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d483ce97e775b92346915a08c642fa54965a019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3f:00:a6:5f:b6:46:ff:4e:a3:b6:e7:21:6b:
b5:a1:ad:c1:37:5f:82:36:ad:79:e6:b9:07:6f:e5:
fa:df:ed:fb:1e:f8:d4:86:76:04:16:00:5e:5f:52:
13:c7:da:94:6a:15:ea:00:9d:3c:b9:d0:dc:d3:fb:
f5:a5:df:42:5a:5e:79:ab:58:06:88:19:96:cc:f3:
e8:ec:25:96:12:5c:d9:84:f1:48:dc:ae:03:96:b5:
2d:e0:ed:56:27:d6:75:43:b5:cc:05:c3:e7:21:20:
2e:70:83:9a:ce:6b:15:17:92:e6:af:dd:bc:70:90:
04:0d:00:4b:4a:75:23:48:01:bb:34:b9:32:7b:39:
94:32:36:0e:7a:07:22:ca:3c:bc:25:84:b8:70:03:
23:57:2b:16:e1:33:13:78:fb:98:e4:b7:8a:1c:97:
a1:ca:0c:3c:32:e8:ee:e4:70:a2:83:d9:78:77:e1:
7c:d4:89:08:33:79:ac:6b:5a:86:8a:f0:59:05:df:
3e:af:cb:e1:4f:81:75:30:27:3d:dd:ae:8d:68:6c:
b1:74:cf:9e:9b:8e:91:6e:03:9d:2e:29:be:9c:43:
c9:2c:5d:97:f3:b2:4b:e6:8d:ae:a4:f6:d8:2d:3e:
33:1f:7f:38:b1:2e:24:6f:c7:fb:90:23:6e:72:9e:
d6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:48:3C:E9:7E:77:5B:92:34:69:15:A0:8C:64:2F:A5:49:65:A0:19
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/DUg86X53W5I0aRWgjGQvpUlloBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.53.0/24
128.0.57.0/24
Signature Algorithm: sha256WithRSAEncryption
69:44:bb:62:bf:16:a7:f7:58:94:be:7b:25:94:d9:90:d8:4f:
1f:66:c1:41:e2:bd:d2:20:54:ed:0f:a4:a3:be:48:32:40:23:
b4:0f:f5:03:da:c3:f5:c2:46:e9:36:7c:f0:0f:d1:a8:22:3e:
c6:d5:59:2d:38:9c:b0:70:e5:93:19:84:e4:29:7f:c2:92:81:
17:cb:1a:dd:c2:33:71:c7:47:fb:bd:52:26:b7:c8:d3:91:8e:
09:34:ac:f0:17:d6:2e:0e:4a:4d:b8:8b:2e:55:52:b0:d1:8b:
9a:38:72:79:33:07:73:7b:a7:05:2d:e5:da:ed:c0:f2:d9:8d:
77:7f:6d:bf:38:e4:62:81:3b:cf:3e:b1:ee:1b:25:60:f8:4e:
9e:e7:50:f4:4e:2f:9b:40:e5:ff:3c:45:13:7b:0a:c6:eb:2a:
e9:76:83:f5:40:fe:f4:7d:39:d5:3f:5c:74:ea:e7:b7:80:34:
33:fb:63:05:17:44:ec:e6:4a:81:5d:61:49:6e:2e:ac:6c:9d:
99:7e:a7:f9:f1:b4:9c:f0:b6:ce:8e:81:ed:4e:05:af:31:48:
17:19:c2:2c:1b:2a:ca:29:e0:f6:7c:ef:7d:92:46:e9:08:fb:
ec:1a:43:8f:d5:bb:77:b3:2b:29:a5:1b:1e:10:70:d8:6b:40:
c3:2e:e3:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg3SOX6g0o6NHF8arXH//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOGM2YzU4YjYwN2ZmMjNhZTcxNzVhNjE2ODJjNzU0ODBm
MWUyMTQwHhcNMjMwMTAyMTI0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ4M2NlOTdlNzc1YjkyMzQ2OTE1YTA4YzY0MmZhNTQ5NjVhMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz8Apl+2Rv9Oo7bnIWu1oa3BN1+C
Nq155rkHb+X63+37HvjUhnYEFgBeX1ITx9qUahXqAJ08udDc0/v1pd9CWl55q1gG
iBmWzPPo7CWWElzZhPFI3K4DlrUt4O1WJ9Z1Q7XMBcPnISAucIOazmsVF5Lmr928
cJAEDQBLSnUjSAG7NLkyezmUMjYOegciyjy8JYS4cAMjVysW4TMTePuY5LeKHJeh
ygw8Muju5HCig9l4d+F81IkIM3msa1qGivBZBd8+r8vhT4F1MCc93a6NaGyxdM+e
m46RbgOdLim+nEPJLF2X87JL5o2upPbYLT4zH384sS4kb8f7kCNucp7WbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA1IPOl+d1uSNGkVoIxkL6VJZaAZMB8GA1UdIwQY
MBaAFKuMbFi2B/8jrnF1phaCx1SA8eIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2Mt
ODhhM2M0MWZhZWUyLzEvRFVnODZYNTNXNUkwYVJXZ2pHUXZwVWxsb0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZmI4ZWUtYzVjNC00NDY3LWEwY2MtODhhM2M0MWZhZWUy
LzEvcTR4c1dMWUhfeU91Y1hXbUZvTEhWSUR4NGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgAA1AwQA
gAA5MA0GCSqGSIb3DQEBCwUAA4IBAQBpRLtivxan91iUvnsllNmQ2E8fZsFB4r3S
IFTtD6SjvkgyQCO0D/UD2sP1wkbpNnzwD9GoIj7G1VktOJywcOWTGYTkKX/CkoEX
yxrdwjNxx0f7vVImt8jTkY4JNKzwF9YuDkpNuIsuVVKw0YuaOHJ5Mwdze6cFLeXa
7cDy2Y13f22/OORigTvPPrHuGyVg+E6e51D0Ti+bQOX/PEUTewrG6yrpdoP1QP70
fTnVP1x06ue3gDQz+2MFF0Ts5kqBXWFJbi6sbJ2Zfqf58bSc8LbOjoHtTgWvMUgX
GcIsGyrKKeD2fO99kkbpCPvsGkOP1bt3sysppRseEHDYa0DDLuOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:35 2024 by rpki-client on console-ams.rpki-client.org