Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/oXTdroaBYTLo1RbL9xBRSSnLuUI.roa
File: oXTdroaBYTLo1RbL9xBRSSnLuUI.roa (raw, json)
Hash identifier: ybEdPtWokHTU6SOSfW1JE9dVldl5wppNRbVll1qtwZI=
Subject key identifier: A1:74:DD:AE:86:81:61:32:E8:D5:16:CB:F7:10:51:49:29:CB:B9:42
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F91EF504E654E2CF5E90BCBE70F0433
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/oXTdroaBYTLo1RbL9xBRSSnLuUI.roa
Signing time: Wed 27 Mar 2024 11:00:54 +0000
ROA not before: Wed 27 Mar 2024 11:00:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 2.17.116.0/22 maxlen: 22
2.20.96.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 02 Oct 2024 09:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:91:ef:50:4e:65:4e:2c:f5:e9:0b:cb:e7:0f:04:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:00:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a174ddae86816132e8d516cbf710514929cbb942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:39:d2:af:96:54:d1:29:89:c7:39:be:12:6f:
16:6a:72:d7:e3:73:5c:8f:52:99:e1:96:89:6f:a9:
7d:f0:b8:dd:d6:97:85:63:5b:03:8e:c3:c3:ae:f4:
6f:b0:ca:e5:c6:81:c3:a9:53:fc:0a:54:f6:1d:33:
f3:20:64:2a:a3:0e:7d:af:dc:82:b0:75:4a:ce:88:
68:d4:57:15:12:5a:43:c5:9f:09:66:eb:d5:39:8a:
cc:7a:49:f1:10:a0:f0:c6:00:1a:0d:61:cb:57:92:
5e:81:83:60:ee:29:ac:a8:34:5d:58:b5:41:cc:f6:
29:92:88:63:bf:d4:8d:f3:af:69:6d:ed:17:c8:88:
17:b4:fc:cc:75:f2:3d:d0:03:cd:9f:22:b9:74:c3:
a0:b5:9b:07:08:60:cc:9b:c4:e5:74:cc:fb:23:0b:
4c:01:06:27:09:2e:3a:d7:e8:c7:fa:06:6d:e2:5b:
ea:9f:d5:5f:c4:86:68:1f:89:4a:e2:ff:9b:46:8c:
94:9c:cd:c0:71:fc:85:fd:70:9e:7c:2a:50:e7:80:
4d:cb:33:fa:a6:a1:81:3b:83:8b:0c:71:5f:f5:ad:
65:2b:51:ca:9b:e7:6a:4f:ab:ec:24:b9:50:81:5d:
3a:e2:ec:62:35:4c:ed:30:1e:4a:ee:9a:b5:35:64:
92:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:74:DD:AE:86:81:61:32:E8:D5:16:CB:F7:10:51:49:29:CB:B9:42
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/oXTdroaBYTLo1RbL9xBRSSnLuUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.116.0/22
2.20.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:c2:ec:d2:b4:1c:e1:5b:aa:b0:41:13:89:dc:1a:9c:5a:e3:
23:ac:23:b7:08:9e:bf:10:56:43:37:df:cb:1c:4f:96:27:bc:
e5:0b:33:c9:d5:66:79:9b:88:0c:0b:cf:b7:e9:8b:41:38:c1:
8c:49:21:e3:06:5d:c9:ea:a6:d0:ff:0b:1d:cb:e7:46:a7:85:
d3:d4:61:be:5b:48:da:74:6c:23:00:54:71:96:56:23:e8:bc:
74:e5:ad:5a:9c:47:de:ee:df:56:1d:2a:e0:d0:06:ed:63:39:
a6:16:b1:f2:c1:70:81:1a:17:27:3f:4f:08:cf:cb:0d:96:f2:
84:c4:ed:d7:1d:47:df:e5:89:24:00:cf:06:8c:d1:c8:e5:a6:
71:aa:b4:35:9c:79:ce:7c:c3:fc:21:2f:40:35:65:d9:d6:57:
c6:7b:dd:99:6e:2e:7d:15:74:54:b5:bf:c7:23:d6:dc:32:0d:
30:0d:11:08:dd:5c:c3:52:47:fd:71:e5:7e:6c:05:49:1d:d8:
28:6d:b7:a2:a1:76:72:d8:03:f1:eb:59:4a:82:02:f3:5d:9a:
65:32:c2:e3:b5:02:46:2d:ae:83:ce:d4:fc:03:a3:c0:e9:a5:
e5:86:89:76:db:52:6d:21:eb:60:ad:87:3c:fc:7b:cb:44:d4:
39:35:06:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5/ke9QTmVOLPXpC8vnDwQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEwMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc0ZGRhZTg2ODE2MTMyZThkNTE2Y2JmNzEwNTE0OTI5Y2JiOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjnSr5ZU0SmJxzm+Em8WanLX43Nc
j1KZ4ZaJb6l98Ljd1peFY1sDjsPDrvRvsMrlxoHDqVP8ClT2HTPzIGQqow59r9yC
sHVKzoho1FcVElpDxZ8JZuvVOYrMeknxEKDwxgAaDWHLV5JegYNg7imsqDRdWLVB
zPYpkohjv9SN869pbe0XyIgXtPzMdfI90APNnyK5dMOgtZsHCGDMm8TldMz7IwtM
AQYnCS461+jH+gZt4lvqn9VfxIZoH4lK4v+bRoyUnM3AcfyF/XCefCpQ54BNyzP6
pqGBO4OLDHFf9a1lK1HKm+dqT6vsJLlQgV064uxiNUztMB5K7pq1NWSSPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKF03a6GgWEy6NUWy/cQUUkpy7lCMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvb1hUZHJvYUJZVExvMVJiTDl4QlJTU25MdVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAhF0AwQF
AhRgMA0GCSqGSIb3DQEBCwUAA4IBAQB8wuzStBzhW6qwQROJ3BqcWuMjrCO3CJ6/
EFZDN9/LHE+WJ7zlCzPJ1WZ5m4gMC8+36YtBOMGMSSHjBl3J6qbQ/wsdy+dGp4XT
1GG+W0jadGwjAFRxllYj6Lx05a1anEfe7t9WHSrg0AbtYzmmFrHywXCBGhcnP08I
z8sNlvKExO3XHUff5YkkAM8GjNHI5aZxqrQ1nHnOfMP8IS9ANWXZ1lfGe92Zbi59
FXRUtb/HI9bcMg0wDREI3VzDUkf9ceV+bAVJHdgobbeioXZy2APx61lKggLzXZpl
MsLjtQJGLa6DztT8A6PA6aXlhol221JtIetgrYc8/HvLRNQ5NQal
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:53:38 2024 by rpki-client on console-ams.rpki-client.org