Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Om0A_Y4V93eYHEWKewTSSh66a8s.roa
File: Om0A_Y4V93eYHEWKewTSSh66a8s.roa (raw, json)
Hash identifier: VzubKu2Eca/1Pz624rupeY9xKBYmcglaDRZqv2Wly70=
Subject key identifier: 3A:6D:00:FD:8E:15:F7:77:98:1C:45:8A:7B:04:D2:4A:1E:BA:6B:CB
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 01887B466A3A65A0F70CA71A860ED5CBB78D
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Om0A_Y4V93eYHEWKewTSSh66a8s.roa
Signing time: Fri 02 Jun 2023 08:43:12 +0000
ROA not before: Fri 02 Jun 2023 08:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2000::/44 maxlen: 56
Validation: Failed, certificate revoked on Mon 26 Jun 2023 11:44:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:46:6a:3a:65:a0:f7:0c:a7:1a:86:0e:d5:cb:b7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jun 2 08:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6d00fd8e15f777981c458a7b04d24a1eba6bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:56:2f:fa:42:57:da:d1:8a:0a:e5:8d:62:fc:
9f:b1:e3:29:52:90:4d:7d:75:a4:2e:93:5b:96:47:
21:ae:86:89:5a:9c:6c:2c:3b:3c:7b:88:e2:dc:d8:
de:f6:52:d9:17:69:23:b5:16:d6:8a:b1:15:0f:bd:
10:6d:02:b0:ff:61:48:29:ca:69:15:85:fb:2b:d0:
f8:fe:a2:1c:1c:19:66:ce:60:7a:46:71:83:dd:eb:
e4:02:72:52:21:13:de:f7:e9:81:25:a0:2a:3e:37:
c7:36:b1:ff:bb:4d:3d:df:c4:7c:de:12:b3:fa:50:
9b:3d:a5:87:cf:e0:c6:27:fd:1f:e6:62:80:4b:80:
c7:13:a0:12:39:0e:d9:bc:18:97:50:8d:16:a2:a1:
88:d5:74:57:10:b9:55:39:91:2c:ec:dd:63:aa:20:
ec:f0:a4:c2:66:2e:fb:ef:b9:02:45:0c:ee:2c:c8:
e9:8d:1d:20:05:77:62:d0:d9:33:ff:63:ef:7d:2e:
92:49:88:02:1e:e4:1e:e8:f8:82:b4:4a:6b:cc:b7:
49:cc:8e:93:c5:b4:82:85:9d:c7:d1:ce:95:64:9b:
a4:b7:c1:2f:e7:fe:69:4a:21:e3:de:c1:c7:80:f8:
9a:34:10:40:d8:85:b2:5e:40:82:cc:e2:cd:e4:8e:
44:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6D:00:FD:8E:15:F7:77:98:1C:45:8A:7B:04:D2:4A:1E:BA:6B:CB
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/Om0A_Y4V93eYHEWKewTSSh66a8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2400::/40
Signature Algorithm: sha256WithRSAEncryption
15:98:ba:8b:6b:40:f6:80:05:15:6b:8f:73:52:41:d2:d3:21:
d5:80:c0:ca:c9:8c:bf:7a:68:f5:85:a0:fd:ab:c5:50:a6:15:
4c:7d:b3:25:b8:a0:23:24:fb:6a:ee:2d:38:ab:c0:03:76:36:
37:00:98:75:01:d2:10:9e:79:88:d3:e2:df:69:c3:e7:b7:cd:
9c:1e:18:d1:84:08:c8:2f:8d:88:41:16:33:3b:a5:06:0b:e1:
39:04:53:0b:bc:42:a9:99:ac:2a:57:ae:73:3e:e9:b0:a2:e5:
50:27:bc:8d:68:a0:e1:91:7a:8b:57:83:81:22:96:af:86:ba:
17:9c:79:64:4f:48:fc:c6:34:e6:50:64:7a:e2:1c:4c:7e:95:
f3:d4:b2:dd:b2:e6:5f:e7:03:cb:27:e2:62:7d:0b:1b:e1:89:
8a:82:b3:3d:57:be:67:69:6f:a0:dc:15:79:7f:29:06:3a:f9:
ad:3a:fc:f7:78:e1:1c:0e:d5:a8:a0:9c:5a:8e:d9:40:47:fe:
7d:3a:f1:ba:4b:83:f9:8d:a0:d1:ed:6c:46:4d:67:67:39:97:
f5:99:a1:00:08:a7:e5:4a:ab:1b:67:0e:96:ef:df:69:ca:11:
a0:f7:7d:c9:a5:68:1a:fe:41:93:3a:83:e0:34:73:73:61:61:
6a:61:f3:fe
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYh7Rmo6ZaD3DKcahg7Vy7eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjMwNjAyMDg0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZkMDBmZDhlMTVmNzc3OTgxYzQ1OGE3YjA0ZDI0YTFlYmE2YmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVYv+kJX2tGKCuWNYvyfseMpUpBN
fXWkLpNblkchroaJWpxsLDs8e4ji3Nje9lLZF2kjtRbWirEVD70QbQKw/2FIKcpp
FYX7K9D4/qIcHBlmzmB6RnGD3evkAnJSIRPe9+mBJaAqPjfHNrH/u00938R83hKz
+lCbPaWHz+DGJ/0f5mKAS4DHE6ASOQ7ZvBiXUI0WoqGI1XRXELlVOZEs7N1jqiDs
8KTCZi7777kCRQzuLMjpjR0gBXdi0Nkz/2PvfS6SSYgCHuQe6PiCtEprzLdJzI6T
xbSChZ3H0c6VZJukt8Ev5/5pSiHj3sHHgPiaNBBA2IWyXkCCzOLN5I5E1QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFDptAP2OFfd3mBxFinsE0koeumvLMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvT20wQV9ZNFY5M2VZSEVXS2V3VFNTaDY2YThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcEKgBLwCAA
AwYAKgBLwCEDBgAqAEvAJDANBgkqhkiG9w0BAQsFAAOCAQEAFZi6i2tA9oAFFWuP
c1JB0tMh1YDAysmMv3po9YWg/avFUKYVTH2zJbigIyT7au4tOKvAA3Y2NwCYdQHS
EJ55iNPi32nD57fNnB4Y0YQIyC+NiEEWMzulBgvhOQRTC7xCqZmsKleucz7psKLl
UCe8jWig4ZF6i1eDgSKWr4a6F5x5ZE9I/MY05lBkeuIcTH6V89Sy3bLmX+cDyyfi
Yn0LG+GJioKzPVe+Z2lvoNwVeX8pBjr5rTr893jhHA7VqKCcWo7ZQEf+fTrxukuD
+Y2g0e1sRk1nZzmX9ZmhAAin5UqrG2cOlu/facoRoPd9yaVoGv5BkzqD4DRzc2Fh
amHz/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org