Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/0-AO4cyvSO9Obz_1Efqioxl0WNc.roa
File: 0-AO4cyvSO9Obz_1Efqioxl0WNc.roa (raw, json)
Hash identifier: yd29vtEiBdGeoupFGEiC0gS0tUhWfwPL3tQOF1Vwtqw=
Subject key identifier: D3:E0:0E:E1:CC:AF:48:EF:4E:6F:3F:F5:11:FA:A2:A3:19:74:58:D7
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 018571B0ED3AADA7845AE1F2F0F78621E83C
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/0-AO4cyvSO9Obz_1Efqioxl0WNc.roa
Signing time: Mon 02 Jan 2023 08:54:58 +0000
ROA not before: Mon 02 Jan 2023 08:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395747
IP address blocks: 2a06:98c0:1c0b::/48 maxlen: 48
2a06:98c0:1c01::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ed:3a:ad:a7:84:5a:e1:f2:f0:f7:86:21:e8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jan 2 08:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3e00ee1ccaf48ef4e6f3ff511faa2a3197458d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b3:9b:8a:33:fa:ed:d6:a1:8d:78:eb:88:cf:
e3:29:3f:c9:ca:00:52:d2:d9:cd:66:ad:89:8e:c0:
4b:7c:bb:9f:38:41:a7:49:15:a9:2d:d4:3b:75:d8:
1a:b5:4f:df:1c:9b:0a:a1:be:5e:65:56:27:f2:d6:
7c:b0:f0:c3:10:f7:2e:df:2c:1f:11:1c:9e:d8:cb:
28:89:02:2c:c7:18:1b:5d:3a:7b:6b:8b:d8:93:d2:
b5:9d:92:7c:45:28:6b:14:a9:08:6d:03:f9:ac:5c:
17:c2:0e:f3:be:1c:ea:9e:55:c8:d1:0e:d7:07:b4:
21:d3:95:b5:37:fc:57:ea:db:de:f9:c3:00:21:c5:
60:a9:19:8a:5f:d5:d4:9f:1f:71:67:b1:a2:e0:60:
67:a5:55:e6:3d:2d:27:73:d6:4b:e7:ed:de:6d:18:
f1:b4:eb:c6:a2:e1:8d:7d:86:a1:4c:30:23:3f:7d:
3f:7c:c9:c7:65:43:04:27:e6:f3:f4:13:94:b9:24:
6b:a7:2b:8b:1b:f5:dc:87:8c:51:96:55:04:6f:9d:
82:a8:0b:09:67:ee:6e:80:68:13:e6:45:38:16:b9:
fd:0f:fc:98:6e:14:9c:18:1d:9d:d2:ca:0b:23:77:
b0:9a:cb:fa:11:ab:07:55:30:56:6b:e2:6e:3f:8d:
a8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E0:0E:E1:CC:AF:48:EF:4E:6F:3F:F5:11:FA:A2:A3:19:74:58:D7
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/0-AO4cyvSO9Obz_1Efqioxl0WNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:98c0:1c01::/48
2a06:98c0:1c0b::/48
Signature Algorithm: sha256WithRSAEncryption
1b:67:59:fe:8e:67:45:dd:98:8c:b9:83:83:c7:5b:e5:62:94:
a4:45:9c:a0:9e:ae:62:d7:9e:df:31:af:ac:56:bc:09:c1:5d:
e4:26:85:89:db:dd:d0:af:72:66:33:3f:69:ec:91:43:ec:79:
e1:6a:c4:8b:c2:69:a3:3d:c8:b9:62:e0:3a:c1:1a:e4:52:1e:
72:76:7d:92:d2:2f:34:8c:c7:65:f3:96:1d:50:ce:96:b2:4d:
b6:b0:ea:d2:e7:6d:c2:2d:db:23:7b:fa:b8:22:54:04:24:06:
93:74:25:55:97:63:d7:52:39:e5:a1:3b:4a:de:73:19:d6:84:
aa:d5:c0:d5:86:9c:a1:14:0d:bc:40:bd:7b:fa:84:ae:09:df:
cd:f9:88:a2:b0:ef:53:1c:4b:35:e9:5e:68:5f:fa:8d:0d:77:
bb:3e:52:11:ae:a3:a0:af:99:34:d2:e3:b7:ff:33:80:d4:b6:
3a:9e:f5:1c:a8:ef:c8:f6:3a:99:4d:94:96:5f:e0:0d:26:11:
da:28:b2:5c:96:fb:17:79:99:ad:e5:a1:bd:e2:29:f8:88:b2:
50:8d:eb:5d:79:09:85:9c:3f:2a:de:51:e9:84:fa:d0:9c:f2:
cb:96:29:78:d1:ce:76:d4:cc:fc:32:1a:0d:74:70:78:34:e0:
66:29:5a:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxsO06raeEWuHy8PeGIeg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjMwMTAyMDg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2UwMGVlMWNjYWY0OGVmNGU2ZjNmZjUxMWZhYTJhMzE5NzQ1OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LObijP67dahjXjriM/jKT/JygBS
0tnNZq2JjsBLfLufOEGnSRWpLdQ7ddgatU/fHJsKob5eZVYn8tZ8sPDDEPcu3ywf
ERye2MsoiQIsxxgbXTp7a4vYk9K1nZJ8RShrFKkIbQP5rFwXwg7zvhzqnlXI0Q7X
B7Qh05W1N/xX6tve+cMAIcVgqRmKX9XUnx9xZ7Gi4GBnpVXmPS0nc9ZL5+3ebRjx
tOvGouGNfYahTDAjP30/fMnHZUMEJ+bz9BOUuSRrpyuLG/Xch4xRllUEb52CqAsJ
Z+5ugGgT5kU4Frn9D/yYbhScGB2d0soLI3ewmsv6EasHVTBWa+JuP42o7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNPgDuHMr0jvTm8/9RH6oqMZdFjXMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvMC1BTzRjeXZTTzlPYnpfMUVmcWlveGwwV05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgaYwBwB
AwcAKgaYwBwLMA0GCSqGSIb3DQEBCwUAA4IBAQAbZ1n+jmdF3ZiMuYODx1vlYpSk
RZygnq5i157fMa+sVrwJwV3kJoWJ293Qr3JmMz9p7JFD7HnhasSLwmmjPci5YuA6
wRrkUh5ydn2S0i80jMdl85YdUM6Wsk22sOrS523CLdsje/q4IlQEJAaTdCVVl2PX
UjnloTtK3nMZ1oSq1cDVhpyhFA28QL17+oSuCd/N+YiisO9THEs16V5oX/qNDXe7
PlIRrqOgr5k00uO3/zOA1LY6nvUcqO/I9jqZTZSWX+ANJhHaKLJclvsXeZmt5aG9
4in4iLJQjetdeQmFnD8q3lHphPrQnPLLlil40c521Mz8MhoNdHB4NOBmKVqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:15 2024 by rpki-client on console-fra.rpki-client.org