Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/bPogjoWJxtsZahn1WjuJgOQdm3w.roa
File: bPogjoWJxtsZahn1WjuJgOQdm3w.roa (raw, json)
Hash identifier: MWKqCtz6hKg3aGI3IUuJM6ls3Lx/R5uC01iwU6fByqQ=
Subject key identifier: 6C:FA:20:8E:85:89:C6:DB:19:6A:19:F5:5A:3B:89:80:E4:1D:9B:7C
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0188DFAADE7E4BDBFC4E19892A0DA3403E92
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/bPogjoWJxtsZahn1WjuJgOQdm3w.roa
Signing time: Wed 21 Jun 2023 20:34:57 +0000
ROA not before: Wed 21 Jun 2023 20:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62651
IP address blocks: 2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 19 Oct 2023 23:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:df:aa:de:7e:4b:db:fc:4e:19:89:2a:0d:a3:40:3e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jun 21 20:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cfa208e8589c6db196a19f55a3b8980e41d9b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:2f:50:af:e9:b2:60:d3:22:76:8a:ab:96:
67:7f:41:5a:7e:74:82:f2:a8:65:ee:a1:8d:69:5b:
8a:68:99:44:b6:61:ad:8b:ed:83:6b:62:65:e2:0d:
4d:c5:96:16:6e:25:96:1b:11:55:35:38:05:c0:26:
4d:04:04:07:48:90:bc:6a:88:bf:bb:84:27:60:fa:
80:30:93:60:85:9a:8b:51:f3:0c:c2:a9:df:76:3c:
54:08:ee:4e:55:23:9e:c1:2e:14:2c:04:85:ab:20:
0a:ff:4f:b9:5b:20:b5:a6:f9:73:5b:13:d9:10:c0:
93:ae:21:d0:14:a2:cb:94:4c:01:86:1a:f1:df:65:
02:da:46:49:48:ee:04:df:57:bf:99:1e:45:8f:df:
99:a1:b8:90:57:81:a8:4b:0d:9c:93:b6:fd:0e:a9:
1a:d6:f8:f8:c5:2a:78:f7:4f:e3:2d:40:c5:16:7c:
38:1d:2f:6a:98:f6:d2:e2:3a:ea:63:48:0a:b3:4e:
89:e3:6e:f3:b0:d8:46:41:d6:b0:f0:14:70:2e:f4:
2e:a4:aa:52:7a:e3:b1:5d:48:6e:9c:2d:63:80:07:
37:b0:ec:e7:74:4c:0a:3a:94:41:dd:a5:63:bc:4c:
93:29:ad:a5:56:cb:f3:7c:60:cd:e9:61:e0:97:47:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FA:20:8E:85:89:C6:DB:19:6A:19:F5:5A:3B:89:80:E4:1D:9B:7C
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/bPogjoWJxtsZahn1WjuJgOQdm3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
Signature Algorithm: sha256WithRSAEncryption
b3:1c:4a:fb:32:7d:3f:1e:1a:91:b3:fe:31:ad:d7:8b:ea:cc:
78:7d:66:e3:70:e4:e3:ec:9e:51:e5:e8:74:3c:ca:6d:f7:49:
81:75:34:a4:b9:79:5f:68:c9:c7:56:76:e6:47:8f:b6:21:78:
f2:d3:bb:de:46:ab:70:33:f5:31:8c:b6:18:33:6d:7b:c4:7a:
5c:17:9c:73:1b:60:59:31:e8:b2:97:98:42:bd:e1:21:71:a9:
14:7a:8f:e8:01:1c:e2:c4:ed:a7:b1:4c:8a:6e:1c:8f:a6:6f:
e0:2c:64:1f:0e:58:f0:3a:ac:6c:99:9f:c2:57:1b:a9:54:e4:
94:c8:e3:d6:ef:ae:22:ba:1e:83:44:e0:80:2f:76:d0:2b:84:
33:11:b9:4f:f7:23:a2:8e:e6:a5:e8:35:c2:6d:11:9c:cc:40:
90:fb:92:28:67:97:f1:19:e7:91:4a:63:b8:6c:ab:00:cb:b3:
2c:1a:49:80:2f:d0:f1:01:38:08:4c:9f:eb:40:9e:15:69:5a:
d0:4a:41:ce:f7:41:d3:3c:d3:d2:7c:a9:c4:cd:48:c3:58:e0:
bc:64:3d:84:6f:5a:db:72:dd:0d:5c:a6:ff:c2:3b:97:09:c4:
6d:fb:bf:fa:b1:86:ca:48:38:99:20:dd:56:2e:5d:16:c4:6b:
82:2c:82:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjfqt5+S9v8ThmJKg2jQD6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjMwNjIxMjAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZhMjA4ZTg1ODljNmRiMTk2YTE5ZjU1YTNiODk4MGU0MWQ5YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGUvUK/psmDTInaKq5Znf0FafnSC
8qhl7qGNaVuKaJlEtmGti+2Da2Jl4g1NxZYWbiWWGxFVNTgFwCZNBAQHSJC8aoi/
u4QnYPqAMJNghZqLUfMMwqnfdjxUCO5OVSOewS4ULASFqyAK/0+5WyC1pvlzWxPZ
EMCTriHQFKLLlEwBhhrx32UC2kZJSO4E31e/mR5Fj9+ZobiQV4GoSw2ck7b9Dqka
1vj4xSp490/jLUDFFnw4HS9qmPbS4jrqY0gKs06J427zsNhGQdaw8BRwLvQupKpS
euOxXUhunC1jgAc3sOzndEwKOpRB3aVjvEyTKa2lVsvzfGDN6WHgl0d0vQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGz6II6FicbbGWoZ9Vo7iYDkHZt8MB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvYlBvZ2pvV0p4dHNaYWhuMVdqdUpnT1FkbTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKgPvwCMD
BgAqA+/AJQMGACoD78AnMA0GCSqGSIb3DQEBCwUAA4IBAQCzHEr7Mn0/HhqRs/4x
rdeL6sx4fWbjcOTj7J5R5eh0PMpt90mBdTSkuXlfaMnHVnbmR4+2IXjy07veRqtw
M/UxjLYYM217xHpcF5xzG2BZMeiyl5hCveEhcakUeo/oARzixO2nsUyKbhyPpm/g
LGQfDljwOqxsmZ/CVxupVOSUyOPW764iuh6DROCAL3bQK4QzEblP9yOijual6DXC
bRGczECQ+5IoZ5fxGeeRSmO4bKsAy7MsGkmAL9DxATgITJ/rQJ4VaVrQSkHO90HT
PNPSfKnEzUjDWOC8ZD2Eb1rbct0NXKb/wjuXCcRt+7/6sYbKSDiZIN1WLl0WxGuC
LIJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org