Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_5QqtTPH0akU277OVwSyokA_Opk.roa
File: _5QqtTPH0akU277OVwSyokA_Opk.roa (raw, json)
Hash identifier: IvWdxPMPBi3c7dACnljJLZ9ozCbWJNNsoVrpaLuXUUU=
Subject key identifier: FF:94:2A:B5:33:C7:D1:A9:14:DB:BE:CE:57:04:B2:A2:40:3F:3A:99
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018CC348974CA6F8DD1E2E0DBC2168660FC8
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_5QqtTPH0akU277OVwSyokA_Opk.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31004
IP address blocks: 2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2100::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 14:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:97:4c:a6:f8:dd:1e:2e:0d:bc:21:68:66:0f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff942ab533c7d1a914dbbece5704b2a2403f3a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3a:a6:c1:21:56:63:8c:80:c0:d7:93:7d:77:
53:f9:f0:c3:60:c3:18:ce:35:ad:86:08:93:a7:91:
01:11:a2:24:75:65:a5:ca:8c:58:99:90:06:20:50:
8f:19:db:c0:89:d0:ba:e3:05:dc:d5:52:9c:e5:83:
e7:8c:07:52:fd:d3:d9:07:23:8d:ac:ad:ac:74:3e:
86:9b:aa:18:b7:91:e9:8b:f2:78:5c:15:1c:6a:7d:
bd:f9:14:89:ea:42:e8:40:6f:66:b4:81:cb:19:c4:
bc:b9:27:1f:1d:b1:8f:58:81:75:27:1c:b3:16:6b:
81:64:6c:57:e4:46:b3:a4:26:cc:cf:9f:e7:b3:db:
39:0d:9b:d0:25:fa:39:77:c1:88:77:4b:03:95:4a:
21:c9:e4:5b:97:ce:83:ab:37:bc:d7:c0:8e:43:a9:
72:7d:41:f4:7f:29:ab:b7:1e:13:a3:74:28:16:8c:
07:41:a3:84:03:ec:8a:07:2f:67:c1:eb:8e:90:34:
c2:f5:72:c8:8d:5e:68:c0:81:a7:a9:28:29:e9:c7:
13:0f:0f:81:1c:9f:21:2e:94:45:7b:5a:76:23:46:
1b:3e:0b:52:70:37:8b:4b:73:d6:89:3d:d0:70:c7:
be:1a:d5:11:32:a5:b0:64:3b:04:f3:84:44:65:83:
51:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:94:2A:B5:33:C7:D1:A9:14:DB:BE:CE:57:04:B2:A2:40:3F:3A:99
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/_5QqtTPH0akU277OVwSyokA_Opk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:9d:bf:7a:ea:bc:10:45:74:93:00:86:de:73:b5:d8:7b:a2:
46:b2:28:32:6f:05:3e:1a:17:1d:00:37:0c:db:d5:6d:fb:16:
a7:a4:41:8c:7d:7a:36:c4:4d:f3:9b:1e:ac:6f:30:4c:3a:37:
b0:3a:20:29:72:44:cc:e4:83:73:21:d8:80:d5:84:f9:3c:db:
0d:b3:d9:f1:86:4e:36:1d:55:ec:43:2d:36:fd:fe:72:9d:be:
e1:7c:84:54:04:ae:fd:8a:cb:5f:ef:94:ad:9b:98:c9:9a:44:
cc:24:1b:a2:1f:d0:58:b0:4c:cd:f7:43:3b:bb:87:2c:73:dc:
b5:cc:ec:7e:ea:22:7a:22:b9:8a:9e:99:2f:ea:7b:24:a6:c3:
83:19:eb:83:ec:80:96:8c:93:60:3c:b6:13:4d:f1:e5:ac:16:
2c:f6:59:0b:57:64:3c:e7:0f:16:8d:d3:7b:85:92:ce:db:90:
d8:f8:ec:3f:28:87:f8:af:b2:c6:39:1d:57:a6:9b:0a:cd:9b:
b2:43:6d:a6:a6:c9:dc:df:02:1c:a5:8d:66:46:46:14:35:e6:
ec:16:e4:27:64:e5:80:8c:84:ef:f9:45:5b:fb:a4:a8:bc:75:
1d:ef:54:b0:51:ce:03:2f:74:d9:a8:51:de:2d:b2:94:5b:8e:
7c:b0:4a:9f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDSJdMpvjdHi4NvCFoZg/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjk0MmFiNTMzYzdkMWE5MTRkYmJlY2U1NzA0YjJhMjQwM2YzYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTqmwSFWY4yAwNeTfXdT+fDDYMMY
zjWthgiTp5EBEaIkdWWlyoxYmZAGIFCPGdvAidC64wXc1VKc5YPnjAdS/dPZByON
rK2sdD6Gm6oYt5Hpi/J4XBUcan29+RSJ6kLoQG9mtIHLGcS8uScfHbGPWIF1Jxyz
FmuBZGxX5EazpCbMz5/ns9s5DZvQJfo5d8GId0sDlUohyeRbl86Dqze818COQ6ly
fUH0fymrtx4To3QoFowHQaOEA+yKBy9nweuOkDTC9XLIjV5owIGnqSgp6ccTDw+B
HJ8hLpRFe1p2I0YbPgtScDeLS3PWiT3QcMe+GtURMqWwZDsE84REZYNRuwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFP+UKrUzx9GpFNu+zlcEsqJAPzqZMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvXzVRcXRUUEgwYWtVMjc3T1Z3U3lva0FfT3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcEKgBLwCAA
AwYAKgBLwCEwEAMGACoAS8AjAwYAKgBLwCQwDQYJKoZIhvcNAQELBQADggEBAGKd
v3rqvBBFdJMAht5ztdh7okayKDJvBT4aFx0ANwzb1W37FqekQYx9ejbETfObHqxv
MEw6N7A6IClyRMzkg3Mh2IDVhPk82w2z2fGGTjYdVexDLTb9/nKdvuF8hFQErv2K
y1/vlK2bmMmaRMwkG6If0FiwTM33Qzu7hyxz3LXM7H7qInoiuYqemS/qeySmw4MZ
64PsgJaMk2A8thNN8eWsFiz2WQtXZDznDxaN03uFks7bkNj47D8oh/ivssY5HVem
mwrNm7JDbaamydzfAhyljWZGRhQ15uwW5Cdk5YCMhO/5RVv7pKi8dR3vVLBRzgMv
dNmoUd4tspRbjnywSp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org