Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/dvrUtpKOlkVI7AyHpY-fHS9Rl-Q.roa
File: dvrUtpKOlkVI7AyHpY-fHS9Rl-Q.roa (raw, json)
Hash identifier: 4a3XPMVrhsBNR7P0hkL4j5kg0413H75AFH+5rZJIp5c=
Subject key identifier: 76:FA:D4:B6:92:8E:96:45:48:EC:0C:87:A5:8F:9F:1D:2F:51:97:E4
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 018A08DE5B17B471537FFCE98972A43BD069
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/dvrUtpKOlkVI7AyHpY-fHS9Rl-Q.roa
Signing time: Fri 18 Aug 2023 13:38:24 +0000
ROA not before: Fri 18 Aug 2023 13:38:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25542
IP address blocks: 2001:16e8::/32 maxlen: 48
2a02:728::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Sep 2023 11:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:de:5b:17:b4:71:53:7f:fc:e9:89:72:a4:3b:d0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Aug 18 13:38:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76fad4b6928e964548ec0c87a58f9f1d2f5197e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:74:e8:ab:08:56:18:4b:db:ca:ec:10:76:f3:
be:ae:7e:44:5c:35:a1:d9:59:fe:a3:08:c4:bf:dc:
dc:34:70:92:55:d4:3e:31:1d:1a:32:6d:53:fa:e1:
d6:66:d8:39:e4:33:60:b3:53:10:7f:61:30:0c:67:
10:fd:68:cf:07:ea:5f:7b:b2:2a:9e:d3:45:fb:db:
7e:d1:4f:f3:a2:50:5e:22:68:f7:16:2f:5f:21:43:
86:75:67:40:00:b3:b6:65:8e:b4:71:4d:59:3a:30:
57:a3:15:0c:4d:85:67:2f:fc:f7:6b:0a:5e:c4:81:
e6:41:92:1d:fc:2b:3b:2e:5e:dd:81:48:44:42:ce:
4a:76:b5:23:87:07:1f:ca:da:34:c2:df:32:c8:85:
09:b2:3e:26:52:43:f9:c7:6c:2c:b9:d9:27:5c:ab:
e8:10:03:38:e2:2f:33:fe:c2:f1:ca:b0:56:79:8c:
e3:1a:30:92:d9:1a:ac:f6:62:94:29:7d:28:49:63:
b8:ff:37:ee:72:9a:1c:2b:f6:fa:21:79:1a:e8:85:
ad:db:c4:07:55:bf:09:eb:98:97:49:72:ba:e9:82:
0b:fb:1c:40:03:f7:7e:15:b9:d1:d0:c6:19:25:82:
24:1e:f6:45:70:08:23:8e:e0:69:9c:0e:55:74:2f:
5f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FA:D4:B6:92:8E:96:45:48:EC:0C:87:A5:8F:9F:1D:2F:51:97:E4
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/dvrUtpKOlkVI7AyHpY-fHS9Rl-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:16e8::/32
2a02:728::/32
Signature Algorithm: sha256WithRSAEncryption
a9:7d:6d:0b:e3:1b:6e:b2:fa:44:b7:4a:c0:85:98:e0:a7:20:
d7:90:43:c9:ab:2d:bb:2f:4b:31:de:56:ff:8a:dc:65:df:fd:
0b:a0:36:2c:97:ee:62:d2:d1:d2:e2:b7:58:b6:43:97:c2:a2:
a8:f0:fb:e0:d5:a1:91:cb:66:cd:05:78:13:70:6d:62:b1:ed:
b1:ad:86:81:06:4f:dc:b2:0b:05:9c:75:26:47:d0:7e:00:d4:
c0:b6:ca:01:3a:27:35:88:10:76:16:d9:11:60:8b:50:03:f5:
06:07:9e:7c:06:59:ce:fb:4c:80:4d:70:f1:1c:c8:13:eb:e3:
e8:be:f5:11:ac:fe:12:82:d4:e5:56:ec:40:53:79:42:ef:90:
1a:d9:fd:93:95:77:d2:4b:05:99:4f:91:95:c0:c8:fe:21:8b:
a5:41:d3:25:be:75:2b:62:67:85:34:0e:33:08:99:0a:da:b0:
95:ce:f6:03:ec:6a:0e:f0:c9:5d:90:70:12:b5:a6:49:94:d0:
ab:de:f9:a7:8f:f1:85:ea:bb:57:35:c1:85:fd:e8:31:07:94:
d7:6d:0c:0e:9c:b6:a7:40:ef:a0:bd:72:d2:9b:ed:07:e4:05:
b5:40:c6:ce:a4:cf:d0:ee:c7:2d:b5:5a:17:8c:be:c0:3b:c6:
7c:4a:10:db
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYoI3lsXtHFTf/zpiXKkO9BpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwODE4MTMzODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmZhZDRiNjkyOGU5NjQ1NDhlYzBjODdhNThmOWYxZDJmNTE5N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHToqwhWGEvbyuwQdvO+rn5EXDWh
2Vn+owjEv9zcNHCSVdQ+MR0aMm1T+uHWZtg55DNgs1MQf2EwDGcQ/WjPB+pfe7Iq
ntNF+9t+0U/zolBeImj3Fi9fIUOGdWdAALO2ZY60cU1ZOjBXoxUMTYVnL/z3awpe
xIHmQZId/Cs7Ll7dgUhEQs5KdrUjhwcfyto0wt8yyIUJsj4mUkP5x2wsudknXKvo
EAM44i8z/sLxyrBWeYzjGjCS2Rqs9mKUKX0oSWO4/zfucpocK/b6IXka6IWt28QH
Vb8J65iXSXK66YIL+xxAA/d+FbnR0MYZJYIkHvZFcAgjjuBpnA5VdC9fDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHb61LaSjpZFSOwMh6WPnx0vUZfkMB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvZHZyVXRwS09sa1ZJN0F5SHBZLWZIUzlSbC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAEW6AMF
ACoCBygwDQYJKoZIhvcNAQELBQADggEBAKl9bQvjG26y+kS3SsCFmOCnINeQQ8mr
LbsvSzHeVv+K3GXf/QugNiyX7mLS0dLit1i2Q5fCoqjw++DVoZHLZs0FeBNwbWKx
7bGthoEGT9yyCwWcdSZH0H4A1MC2ygE6JzWIEHYW2RFgi1AD9QYHnnwGWc77TIBN
cPEcyBPr4+i+9RGs/hKC1OVW7EBTeULvkBrZ/ZOVd9JLBZlPkZXAyP4hi6VB0yW+
dStiZ4U0DjMImQrasJXO9gPsag7wyV2QcBK1pkmU0Kve+aeP8YXqu1c1wYX96DEH
lNdtDA6ctqdA76C9ctKb7QfkBbVAxs6kz9Duxy21WheMvsA7xnxKENs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:11 2024 by rpki-client on console-fra.rpki-client.org