Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1-tiAvThJ7fnaFLaukKs-lrGEH_o.roa
File: 1-tiAvThJ7fnaFLaukKs-lrGEH_o.roa (raw, json)
Hash identifier: aBCwzvYTN6Ao8JT5ywhLA/wehWZCXt4pIldSqgnWEr8=
Subject key identifier: FA:D8:80:BD:38:49:ED:F9:DA:14:B6:AE:90:AB:3E:96:B1:84:1F:FA
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F90E195E91A1E5AFFC2D98D1C761B4C
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1-tiAvThJ7fnaFLaukKs-lrGEH_o.roa
Signing time: Wed 27 Mar 2024 10:59:45 +0000
ROA not before: Wed 27 Mar 2024 10:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7303
IP address blocks: 2.18.56.0/22 maxlen: 22
2.23.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 02 Oct 2024 09:20:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:90:e1:95:e9:1a:1e:5a:ff:c2:d9:8d:1c:76:1b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 10:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad880bd3849edf9da14b6ae90ab3e96b1841ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:56:99:46:8a:b6:bf:e5:81:d8:0b:e3:63:da:
9f:dc:34:4d:1d:ef:77:9c:5b:8b:4c:62:c7:2c:0e:
ad:27:8f:a0:ea:e5:2e:fa:a0:1a:81:6a:11:23:f2:
4b:b0:59:8f:5e:30:fe:a2:bf:40:73:ba:2c:a3:08:
f0:8d:f0:6a:23:f0:f0:64:62:a2:3d:1a:ff:21:94:
c5:c3:d0:ca:d5:08:64:47:a7:3c:1f:da:05:5c:23:
7d:d2:29:03:d2:68:93:0a:25:93:5e:ad:95:3a:f4:
ec:4d:d4:14:26:3c:a5:89:94:a9:f7:b8:1c:56:60:
97:99:43:cc:79:b8:f0:78:17:60:7b:f9:d0:02:02:
13:bd:86:01:50:06:0a:f4:8c:c6:0d:22:bc:43:d4:
2e:a9:b8:7e:17:1d:32:47:89:62:b1:05:01:c6:07:
ac:37:98:01:b4:4a:30:ec:83:be:73:61:24:5f:74:
a3:0e:4a:2f:2b:e2:48:4a:bd:d1:c7:77:b8:39:88:
55:32:15:7d:77:07:b0:2f:58:70:a4:90:ea:6c:fb:
48:c4:c2:c9:63:16:af:32:eb:12:c2:3d:1d:28:c9:
da:42:ff:d6:87:de:4f:f4:60:78:82:5e:0e:20:08:
48:a0:95:65:a8:ab:34:91:c2:bb:27:fd:6c:0d:cd:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D8:80:BD:38:49:ED:F9:DA:14:B6:AE:90:AB:3E:96:B1:84:1F:FA
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1-tiAvThJ7fnaFLaukKs-lrGEH_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.56.0/22
2.23.102.0/23
Signature Algorithm: sha256WithRSAEncryption
84:19:04:ff:d6:1e:12:f7:e8:66:63:16:f1:a8:e4:c7:6d:16:
ef:2b:8e:09:b5:aa:ed:89:9a:4c:3d:df:c8:78:f0:4e:77:53:
33:bf:f3:af:b2:46:77:34:4e:83:22:d3:59:93:0d:be:cb:8b:
02:ff:2e:dc:ae:14:24:7a:05:5c:54:3e:c9:c9:1d:d9:d7:7e:
46:8f:86:d9:c5:74:69:c9:46:42:c0:36:04:67:67:e9:bc:f5:
1d:08:1a:7f:70:81:cf:c7:26:d8:44:85:4b:ed:4a:db:a7:a0:
8c:8f:15:f2:d7:91:d7:e1:ed:62:2d:be:17:81:07:fd:8e:bf:
0e:7a:36:53:15:40:2d:74:05:7c:41:da:75:fc:3b:41:f7:23:
a3:85:62:d7:c6:4c:c0:7e:7f:6a:31:a0:12:fc:ca:d9:a8:f8:
03:d8:89:39:de:4b:4d:44:63:d3:cb:b5:90:92:35:26:c7:ff:
76:d1:57:d3:ec:a0:56:d1:50:ee:97:80:43:03:05:cc:b6:fc:
b3:83:db:79:19:42:e0:5a:7a:2c:89:77:db:65:62:51:95:fa:
08:0f:d5:0e:1d:4b:00:86:9b:23:34:cf:03:55:e9:81:f3:10:
a4:43:c5:02:1d:e8:a4:41:c8:ba:5a:5b:cf:df:fa:1f:84:7c:
93:fc:c3:58
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY5/kOGV6RoeWv/C2Y0cdhtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTA1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ4ODBiZDM4NDllZGY5ZGExNGI2YWU5MGFiM2U5NmIxODQxZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFaZRoq2v+WB2AvjY9qf3DRNHe93
nFuLTGLHLA6tJ4+g6uUu+qAagWoRI/JLsFmPXjD+or9Ac7osowjwjfBqI/DwZGKi
PRr/IZTFw9DK1QhkR6c8H9oFXCN90ikD0miTCiWTXq2VOvTsTdQUJjyliZSp97gc
VmCXmUPMebjweBdge/nQAgITvYYBUAYK9IzGDSK8Q9Quqbh+Fx0yR4lisQUBxges
N5gBtEow7IO+c2EkX3SjDkovK+JISr3Rx3e4OYhVMhV9dwewL1hwpJDqbPtIxMLJ
YxavMusSwj0dKMnaQv/Wh95P9GB4gl4OIAhIoJVlqKs0kcK7J/1sDc2dNQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrYgL04Se352hS2rpCrPpaxhB/6MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMS10aUF2VGhKN2ZuYUZMYXVrS3MtbHJHRUhfby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzAvMDQyMTg4LWRmYjYtNGFkNC05MWE0LTg4ZDFjYWM5ZTRm
MS8xL2ExX0x2cVNKTjZSQ3VyMnpNQ0V5eEx5YjFxby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgISOAME
AQIXZjANBgkqhkiG9w0BAQsFAAOCAQEAhBkE/9YeEvfoZmMW8ajkx20W7yuOCbWq
7YmaTD3fyHjwTndTM7/zr7JGdzROgyLTWZMNvsuLAv8u3K4UJHoFXFQ+yckd2dd+
Ro+G2cV0aclGQsA2BGdn6bz1HQgaf3CBz8cm2ESFS+1K26egjI8V8teR1+HtYi2+
F4EH/Y6/Dno2UxVALXQFfEHadfw7Qfcjo4Vi18ZMwH5/ajGgEvzK2aj4A9iJOd5L
TURj08u1kJI1Jsf/dtFX0+ygVtFQ7peAQwMFzLb8s4PbeRlC4Fp6LIl322ViUZX6
CA/VDh1LAIabIzTPA1XpgfMQpEPFAh3opEHIulpbz9/6H4R8k/zDWA==
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:53:38 2024 by rpki-client on console-ams.rpki-client.org