Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/oCi6hQrXiUzEbv9MqbWkfdnVUsY.roa
File: oCi6hQrXiUzEbv9MqbWkfdnVUsY.roa (raw, json)
Hash identifier: FwS5IYf/gAwROcuEr39ngyNaxLDp/vk1cmAcL8o0FRA=
Subject key identifier: A0:28:BA:85:0A:D7:89:4C:C4:6E:FF:4C:A9:B5:A4:7D:D9:D5:52:C6
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018BBEE2D026890D5F2EA8DCDBA805FEE692
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/oCi6hQrXiUzEbv9MqbWkfdnVUsY.roa
Signing time: Sat 11 Nov 2023 14:56:57 +0000
ROA not before: Sat 11 Nov 2023 14:56:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:f184::/32 maxlen: 32
2a0a:f583::/32 maxlen: 32
2a11:8f86::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:be:e2:d0:26:89:0d:5f:2e:a8:dc:db:a8:05:fe:e6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Nov 11 14:56:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a028ba850ad7894cc46eff4ca9b5a47dd9d552c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:6f:11:3f:66:27:cb:e7:70:a9:64:4d:f3:
32:92:49:7d:6c:79:d1:a2:4d:ec:7e:eb:3a:16:1e:
2a:63:84:fe:f0:9a:77:b7:e0:86:05:4c:a9:7c:24:
c3:c7:f7:fe:ac:dd:27:ab:71:09:f0:55:38:30:0b:
e3:0d:f6:5c:1a:b8:34:d2:55:07:c1:e3:85:a8:f5:
6a:89:17:98:d4:5f:f2:6a:19:ac:84:5d:32:de:a2:
54:89:42:9c:43:cb:73:61:bc:2d:4e:1f:f6:25:bc:
68:07:b1:b7:fc:a8:10:ce:0b:1e:ae:6c:66:64:ee:
0a:16:d0:17:f5:21:4a:4a:3a:d2:a2:25:a4:3b:74:
c2:a3:20:64:09:e7:03:f7:68:a3:ef:e0:26:45:b2:
86:b3:b5:09:b6:c1:4d:3f:55:2b:54:31:62:83:79:
15:bd:d0:c5:82:6f:28:ec:d4:38:81:82:69:04:ea:
10:14:13:5c:cd:ec:70:4f:ba:d3:67:8e:53:c8:5e:
18:9c:5b:48:56:1f:02:7e:93:a6:e5:ea:5b:05:36:
2a:1f:57:72:84:9f:a1:3f:ec:36:94:0b:1f:58:41:
0f:03:7d:3a:17:ec:b5:e9:e1:54:c2:b2:13:4d:61:
25:5d:72:0c:11:65:e3:67:77:d8:bc:ef:f2:89:6c:
c5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:28:BA:85:0A:D7:89:4C:C4:6E:FF:4C:A9:B5:A4:7D:D9:D5:52:C6
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/oCi6hQrXiUzEbv9MqbWkfdnVUsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:f583::/32
2a11:8f86::/32
2a11:f184::/32
Signature Algorithm: sha256WithRSAEncryption
47:6d:f3:fa:e3:66:68:05:db:43:0c:60:19:ad:90:81:86:46:
21:e4:e2:59:77:8c:8d:9a:a5:0e:6f:2a:6e:6d:5d:c2:18:eb:
4f:a5:47:b6:10:9e:8e:72:4e:2f:4b:09:6e:31:fa:ff:89:b5:
23:a0:73:fe:ba:6b:a1:09:51:d1:c5:2e:1d:71:d8:81:8e:21:
1c:e8:c4:ae:9d:a5:fe:6b:a9:17:ad:29:7c:c0:a7:ba:49:b5:
1d:83:00:2d:98:6e:4d:c2:80:f0:d5:76:1b:4b:16:e9:fe:21:
6e:61:88:60:59:c0:9b:97:a8:9a:23:d5:ba:47:3f:0f:54:0e:
8b:00:e5:bd:b5:ce:0e:94:e0:8c:5c:a4:02:35:c6:3e:05:3d:
a6:83:d3:80:0e:14:10:04:9e:e0:0f:06:ae:04:c6:d9:5a:31:
67:de:85:ca:05:f6:3b:8d:6b:cb:fb:c1:56:ea:f9:ea:02:6f:
82:39:00:f3:cf:af:79:95:a8:d1:b6:66:26:b3:77:90:62:ad:
7d:ae:6f:a3:ab:06:0e:d6:7d:4a:46:4f:9c:af:bb:aa:ef:cf:
87:99:8d:b3:d2:99:53:57:71:07:e3:f2:15:08:21:4b:97:31:
54:a1:5d:a3:e0:7f:cd:a0:ad:d8:e4:83:05:3e:c8:06:e8:2a:
b6:f8:e4:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu+4tAmiQ1fLqjc26gF/uaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjMxMTExMTQ1NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI4YmE4NTBhZDc4OTRjYzQ2ZWZmNGNhOWI1YTQ3ZGQ5ZDU1MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNtvET9mJ8vncKlkTfMykkl9bHnR
ok3sfus6Fh4qY4T+8Jp3t+CGBUypfCTDx/f+rN0nq3EJ8FU4MAvjDfZcGrg00lUH
weOFqPVqiReY1F/yahmshF0y3qJUiUKcQ8tzYbwtTh/2JbxoB7G3/KgQzgsermxm
ZO4KFtAX9SFKSjrSoiWkO3TCoyBkCecD92ij7+AmRbKGs7UJtsFNP1UrVDFig3kV
vdDFgm8o7NQ4gYJpBOoQFBNczexwT7rTZ45TyF4YnFtIVh8CfpOm5epbBTYqH1dy
hJ+hP+w2lAsfWEEPA306F+y16eFUwrITTWElXXIMEWXjZ3fYvO/yiWzFHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKAouoUK14lMxG7/TKm1pH3Z1VLGMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvb0NpNmhRclhpVXpFYnY5TXFiV2tmZG5WVXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgr1gwMF
ACoRj4YDBQAqEfGEMA0GCSqGSIb3DQEBCwUAA4IBAQBHbfP642ZoBdtDDGAZrZCB
hkYh5OJZd4yNmqUObypubV3CGOtPpUe2EJ6Ock4vSwluMfr/ibUjoHP+umuhCVHR
xS4dcdiBjiEc6MSunaX+a6kXrSl8wKe6SbUdgwAtmG5NwoDw1XYbSxbp/iFuYYhg
WcCbl6iaI9W6Rz8PVA6LAOW9tc4OlOCMXKQCNcY+BT2mg9OADhQQBJ7gDwauBMbZ
WjFn3oXKBfY7jWvL+8FW6vnqAm+COQDzz695lajRtmYms3eQYq19rm+jqwYO1n1K
Rk+cr7uq78+HmY2z0plTV3EH4/IVCCFLlzFUoV2j4H/NoK3Y5IMFPsgG6Cq2+OQi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org