Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/SKiuxPovUJfP5b7TJT1g_9xQ_ps.roa
File: SKiuxPovUJfP5b7TJT1g_9xQ_ps.roa (raw, json)
Hash identifier: MuJMasMJJVzKEQymJMU3QPm0BcgsBVA5GOe8f5ZSlJc=
Subject key identifier: 48:A8:AE:C4:FA:2F:50:97:CF:E5:BE:D3:25:3D:60:FF:DC:50:FE:9B
Certificate issuer: /CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Certificate serial: 01856E78D0F5115EA9EAFA27F771F71B9625
Authority key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/SKiuxPovUJfP5b7TJT1g_9xQ_ps.roa
Signing time: Sun 01 Jan 2023 17:54:49 +0000
ROA not before: Sun 01 Jan 2023 17:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41289
IP address blocks: 141.38.0.0/16 maxlen: 16
141.38.12.0/24 maxlen: 24
2001:67c:1364::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d0:f5:11:5e:a9:ea:fa:27:f7:71:f7:1b:96:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Validity
Not Before: Jan 1 17:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48a8aec4fa2f5097cfe5bed3253d60ffdc50fe9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:af:1f:e8:3b:d4:bd:4e:ec:ba:e5:ca:3f:52:
4f:fb:19:60:4f:a9:7d:95:a2:13:54:78:a8:d8:03:
fa:35:4d:76:d1:64:04:81:69:6b:5f:70:11:84:50:
e3:87:90:d8:c1:d7:59:38:fe:de:19:03:cc:0c:c7:
d2:28:5b:ab:2a:86:c2:21:38:81:d1:17:1a:a6:12:
eb:50:92:33:86:40:eb:da:1d:8a:e2:ea:a3:b1:6b:
52:54:be:67:f6:94:90:10:50:7b:f9:4e:93:0e:78:
ea:26:8c:4c:d5:c3:7f:dd:1c:72:b7:c4:48:a0:91:
14:cc:60:cb:b4:5a:b9:b6:2b:99:3c:8f:b7:12:68:
51:0f:21:73:90:53:a4:2f:22:87:45:48:83:0c:e2:
86:92:cf:49:7a:3e:c1:78:90:8c:df:48:2d:3e:82:
2c:75:70:d2:c1:26:4b:6d:40:f6:00:c9:64:9d:d6:
41:70:f1:a7:25:d6:42:ef:6f:14:ca:4f:af:25:f6:
b0:fb:bd:07:5d:22:52:eb:9d:b9:79:cf:b8:44:8e:
f4:86:b5:3f:88:c2:bd:e6:2d:32:90:56:5f:aa:8a:
6e:76:4a:ff:86:e2:d4:d0:e9:50:0d:c1:99:0c:41:
26:c4:d0:bd:fb:9b:25:49:a0:cd:b0:c5:a6:5d:83:
1f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A8:AE:C4:FA:2F:50:97:CF:E5:BE:D3:25:3D:60:FF:DC:50:FE:9B
X509v3 Authority Key Identifier:
keyid:42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/SKiuxPovUJfP5b7TJT1g_9xQ_ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.38.0.0/16
IPv6:
2001:67c:1364::/48
Signature Algorithm: sha256WithRSAEncryption
7f:b4:96:43:cd:53:fd:64:34:b8:ba:38:9f:5a:89:81:13:dd:
6b:3e:b6:42:da:34:35:e5:6a:63:c0:e4:47:94:6c:e6:02:f2:
6f:2f:34:58:9d:eb:2b:05:69:70:69:3e:84:43:92:c3:8c:e6:
e6:c1:86:14:a5:2c:75:4c:f3:fc:61:2c:81:96:3f:79:c5:a3:
94:34:7b:a6:78:b8:50:af:ed:c7:05:d1:27:99:40:76:18:0d:
ae:3c:0a:9d:d2:8e:ee:6a:14:bc:78:93:73:c6:2d:5b:00:11:
4a:86:58:52:c7:e4:de:b6:d9:c9:55:f7:30:f6:93:f9:a1:8a:
aa:76:4e:af:47:72:92:45:30:a2:a2:b9:ae:a2:c1:fe:b4:cd:
5d:41:e7:e9:38:33:7c:b5:cf:c0:f2:e1:56:13:55:09:89:37:
c2:9f:22:ee:de:41:be:d0:77:54:f4:b2:40:23:5a:b6:ed:2d:
aa:d7:9e:a1:2e:4d:b3:94:82:3f:c9:c5:d4:8e:cc:ba:28:62:
2c:ff:16:45:1b:35:c0:ac:34:33:20:a0:b4:7e:f5:e9:8f:be:
2a:09:da:e7:b7:43:37:b1:52:5c:dc:9f:70:d9:a7:a0:82:0b:
2b:df:21:e3:1a:2b:75:47:35:4d:9f:81:db:28:d0:e6:b1:f8:
b9:40:e3:bc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVueND1EV6p6von93H3G5YlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZkMWEzYTAyNThkY2NhNjdmYzlkZGRiZjRlMzYxNTdl
NmE3MTYwHhcNMjMwMTAxMTc1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE4YWVjNGZhMmY1MDk3Y2ZlNWJlZDMyNTNkNjBmZmRjNTBmZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK8f6DvUvU7suuXKP1JP+xlgT6l9
laITVHio2AP6NU120WQEgWlrX3ARhFDjh5DYwddZOP7eGQPMDMfSKFurKobCITiB
0RcaphLrUJIzhkDr2h2K4uqjsWtSVL5n9pSQEFB7+U6TDnjqJoxM1cN/3Rxyt8RI
oJEUzGDLtFq5tiuZPI+3EmhRDyFzkFOkLyKHRUiDDOKGks9Jej7BeJCM30gtPoIs
dXDSwSZLbUD2AMlkndZBcPGnJdZC728Uyk+vJfaw+70HXSJS6525ec+4RI70hrU/
iMK95i0ykFZfqopudkr/huLU0OlQDcGZDEEmxNC9+5slSaDNsMWmXYMf7wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEiorsT6L1CXz+W+0yU9YP/cUP6bMB8GA1UdIwQY
MBaAFEJP0aOgJY3Mpn/J3dv042FX5qcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2Njct
NzQ3YjBlNTdhYjVlLzEvU0tpdXhQb3ZVSmZQNWI3VEpUMWdfOXhRX3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2NjctNzQ3YjBlNTdhYjVl
LzEvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAjSYwDwQC
AAIwCQMHACABBnwTZDANBgkqhkiG9w0BAQsFAAOCAQEAf7SWQ81T/WQ0uLo4n1qJ
gRPdaz62Qto0NeVqY8DkR5Rs5gLyby80WJ3rKwVpcGk+hEOSw4zm5sGGFKUsdUzz
/GEsgZY/ecWjlDR7pni4UK/txwXRJ5lAdhgNrjwKndKO7moUvHiTc8YtWwARSoZY
Usfk3rbZyVX3MPaT+aGKqnZOr0dykkUwoqK5rqLB/rTNXUHn6TgzfLXPwPLhVhNV
CYk3wp8i7t5BvtB3VPSyQCNatu0tqteeoS5Ns5SCP8nF1I7MuihiLP8WRRs1wKw0
MyCgtH716Y++Kgna57dDN7FSXNyfcNmnoIILK98h4xordUc1TZ+B2yjQ5rH4uUDj
vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:47 2024 by rpki-client on console-fra.rpki-client.org