Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/RfOMp-3l8uvyyfhPo3UbGcj7V4w.roa
File: RfOMp-3l8uvyyfhPo3UbGcj7V4w.roa (raw, json)
Hash identifier: 8OuzXeJJoKZbIuJiY1KrZsHtb6rPBznE08J7MBxYw4U=
Subject key identifier: 45:F3:8C:A7:ED:E5:F2:EB:F2:C9:F8:4F:A3:75:1B:19:C8:FB:57:8C
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018CC3B66EB307AA4208A66693EA079793B8
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/RfOMp-3l8uvyyfhPo3UbGcj7V4w.roa
Signing time: Mon 01 Jan 2024 06:29:22 +0000
ROA not before: Mon 01 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210107
IP address blocks: 2a06:e902::/32 maxlen: 32
2a06:e900::/32 maxlen: 32
2a06:e906::/32 maxlen: 32
2a06:e901::/32 maxlen: 32
2a06:e905::/32 maxlen: 32
2a06:e903::/32 maxlen: 32
2a06:e907::/32 maxlen: 32
2a06:e904::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:20:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:6e:b3:07:aa:42:08:a6:66:93:ea:07:97:93:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Jan 1 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45f38ca7ede5f2ebf2c9f84fa3751b19c8fb578c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:15:6d:e8:33:c5:b4:0a:bb:89:d6:ca:35:
d5:3c:e2:5f:dc:7c:d6:ba:d0:b8:ce:41:4e:27:22:
93:a5:69:ba:c8:cc:ba:00:ac:5d:8f:e8:d2:d5:4e:
50:8d:7c:45:0e:9c:55:7b:c0:0b:4c:4e:11:47:80:
0f:bb:4b:90:06:dd:6b:3b:a5:99:22:2c:5f:15:f3:
9b:8d:c5:81:00:79:1d:d8:a3:51:04:92:aa:f9:34:
66:b3:10:3f:48:31:62:ee:ab:3e:04:49:08:6c:e5:
5d:69:0b:8b:30:c0:3b:fd:a6:e1:40:ed:b9:e3:8d:
28:2d:9b:86:e4:b5:ed:7d:70:ef:62:8b:22:6c:e8:
f6:16:5d:aa:0e:c4:fa:82:cd:bc:2d:03:84:e7:81:
29:d7:4c:04:b5:b0:93:c2:7e:1f:46:1c:51:7a:cc:
fe:e9:07:ef:80:2f:af:90:8a:97:f8:fb:8d:82:13:
ff:cc:8e:9a:52:61:3b:79:69:32:b6:7b:fb:52:ce:
a7:78:cb:bb:91:6d:0a:d8:61:a7:ee:0f:de:5f:83:
eb:ec:1b:47:a0:1e:64:a8:88:47:e3:eb:cd:bd:56:
cd:9e:e0:4c:4d:10:ea:2b:e9:73:3e:a5:1e:78:1b:
73:60:5e:42:14:86:56:c3:96:a3:67:d6:a4:11:bd:
b2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F3:8C:A7:ED:E5:F2:EB:F2:C9:F8:4F:A3:75:1B:19:C8:FB:57:8C
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/RfOMp-3l8uvyyfhPo3UbGcj7V4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e900::/29
Signature Algorithm: sha256WithRSAEncryption
15:8b:ba:c5:3b:e6:3c:09:8c:69:41:a9:85:03:c3:b5:33:fa:
f1:c0:38:d3:6a:49:c7:12:29:da:d1:c8:96:8a:4b:da:b5:0a:
c5:38:9f:a6:f5:82:71:7e:45:59:fc:75:c9:54:78:fd:d3:0e:
ab:cb:41:07:7c:94:86:39:18:b9:86:79:b1:e4:dc:8c:df:0c:
e2:62:24:39:20:36:41:a7:41:ab:db:f2:4e:85:ac:9a:f1:0e:
cf:f6:cf:24:99:97:12:b6:4c:f4:f3:be:89:32:ec:89:31:55:
c3:df:96:1d:cc:c1:f4:3c:a8:2b:66:45:71:e3:df:7f:18:f0:
15:4c:82:89:72:8e:0a:26:88:e5:5e:05:2f:5f:3e:df:a9:29:
44:87:cd:39:97:c8:8b:a6:a8:92:ec:a7:d4:64:90:9c:72:cf:
1a:a5:78:6d:88:db:b0:5c:a0:e2:e7:f9:c8:8d:fb:ab:2d:e9:
77:d7:c6:3d:35:3c:ec:84:1f:66:cd:4e:dc:fa:7c:0e:1b:84:
bf:c6:a0:b2:60:1a:13:45:15:12:ce:8a:95:e3:37:14:8d:e0:
95:83:44:c0:99:54:5e:97:cb:87:7b:e1:b5:81:7b:18:4f:c6:
69:be:a9:32:4b:69:da:2e:58:61:ca:40:d9:45:84:30:2a:a3:
5e:1a:ea:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtm6zB6pCCKZmk+oHl5O4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMTAxMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYzOGNhN2VkZTVmMmViZjJjOWY4NGZhMzc1MWIxOWM4ZmI1NzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRcVbegzxbQKu4nWyjXVPOJf3HzW
utC4zkFOJyKTpWm6yMy6AKxdj+jS1U5QjXxFDpxVe8ALTE4RR4APu0uQBt1rO6WZ
IixfFfObjcWBAHkd2KNRBJKq+TRmsxA/SDFi7qs+BEkIbOVdaQuLMMA7/abhQO25
440oLZuG5LXtfXDvYosibOj2Fl2qDsT6gs28LQOE54Ep10wEtbCTwn4fRhxResz+
6QfvgC+vkIqX+PuNghP/zI6aUmE7eWkytnv7Us6neMu7kW0K2GGn7g/eX4Pr7BtH
oB5kqIhH4+vNvVbNnuBMTRDqK+lzPqUeeBtzYF5CFIZWw5ajZ9akEb2y+wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEXzjKft5fLr8sn4T6N1GxnI+1eMMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvUmZPTXAtM2w4dXZ5eWZoUG8zVWJHY2o3VjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbpADAN
BgkqhkiG9w0BAQsFAAOCAQEAFYu6xTvmPAmMaUGphQPDtTP68cA402pJxxIp2tHI
lopL2rUKxTifpvWCcX5FWfx1yVR4/dMOq8tBB3yUhjkYuYZ5seTcjN8M4mIkOSA2
QadBq9vyToWsmvEOz/bPJJmXErZM9PO+iTLsiTFVw9+WHczB9DyoK2ZFcePffxjw
FUyCiXKOCiaI5V4FL18+36kpRIfNOZfIi6aokuyn1GSQnHLPGqV4bYjbsFyg4uf5
yI37qy3pd9fGPTU87IQfZs1O3Pp8DhuEv8agsmAaE0UVEs6KleM3FI3glYNEwJlU
XpfLh3vhtYF7GE/Gab6pMktp2i5YYcpA2UWEMCqjXhrq7Q==
-----END CERTIFICATE-----
Generated at Tue Jan 9 15:36:43 2024 by rpki-client on console-fra.rpki-client.org