Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oKoWgTdkpr_dw6hkGbceMr3wHOE.roa
File: oKoWgTdkpr_dw6hkGbceMr3wHOE.roa (raw, json)
Hash identifier: kb0CwUGSyqxv7Qte1kqS+xZB4ZzbdFFHsXHFQqclK1g=
Subject key identifier: A0:AA:16:81:37:64:A6:BF:DD:C3:A8:64:19:B7:1E:32:BD:F0:1C:E1
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018782CEC51B3DF743FF02CA879398532262
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oKoWgTdkpr_dw6hkGbceMr3wHOE.roa
Signing time: Sat 15 Apr 2023 02:46:41 +0000
ROA not before: Sat 15 Apr 2023 02:46:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210090
IP address blocks: 2a06:e881:5100::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:82:ce:c5:1b:3d:f7:43:ff:02:ca:87:93:98:53:22:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Apr 15 02:46:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0aa16813764a6bfddc3a86419b71e32bdf01ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:1e:e5:89:b4:c3:e8:7f:58:95:c7:51:a6:
b4:2c:c0:16:24:43:03:57:49:17:b3:cb:26:13:22:
2f:06:26:37:15:4d:53:9f:7a:a7:57:1d:e5:1e:07:
4d:8c:7f:d7:ab:48:35:7d:e3:75:f8:02:85:3b:08:
27:b7:61:9e:39:20:cd:2c:8c:9e:bf:28:f2:d2:37:
5c:9f:4b:61:4e:97:e6:e6:71:45:55:2b:11:b9:d0:
dd:55:b8:90:10:8a:1d:53:ec:38:ab:5a:d7:5c:6c:
9c:64:0e:a7:f4:03:c9:3f:06:e0:c9:a5:aa:2e:99:
53:31:91:6f:f8:07:bb:0b:ec:1c:b2:21:35:86:92:
d9:84:b7:f8:81:d1:d3:34:f5:4f:6d:89:9f:50:ff:
7a:66:a4:e0:d2:8f:3c:c2:ec:64:e7:54:4b:b1:d5:
8f:ad:df:4e:cc:be:a9:30:ce:fa:1a:eb:8b:06:da:
1c:1f:e9:85:21:07:3b:3a:e1:81:b5:7e:98:58:45:
d9:de:0f:e4:35:02:11:03:98:6c:fc:ea:ef:18:06:
de:71:d5:e9:62:30:34:e9:71:57:5c:f8:b2:24:fb:
e8:25:26:ab:2a:37:65:11:d4:e2:dc:5d:76:b7:36:
fb:02:52:a6:e6:4d:f4:ea:77:97:64:98:c7:7b:bf:
83:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AA:16:81:37:64:A6:BF:DD:C3:A8:64:19:B7:1E:32:BD:F0:1C:E1
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/oKoWgTdkpr_dw6hkGbceMr3wHOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:5100::/44
Signature Algorithm: sha256WithRSAEncryption
72:1f:06:e5:6e:b8:b3:f7:94:6f:bf:1d:06:ed:15:09:76:cb:
86:2c:22:58:6b:87:1c:dd:6c:3f:37:81:81:f5:b0:93:19:2e:
5d:cb:b4:6e:7a:57:e2:56:56:8a:b5:e5:6f:c1:2b:08:f2:fa:
5e:3d:f0:29:fa:04:c5:72:34:8f:9b:22:7d:b5:e5:f8:34:a2:
b7:89:0c:20:cf:6d:b1:7f:f3:63:a5:91:41:ac:a8:18:67:97:
0e:2d:e1:e4:cb:f1:9b:3c:31:c2:c2:4e:fd:ed:4d:6c:bd:28:
e6:df:ef:e1:c4:9e:fb:3c:19:fc:ca:e1:10:5f:86:cc:72:4b:
a1:8f:13:0d:a8:ba:c3:3b:44:13:c1:fd:6b:98:ef:a3:51:69:
e7:3b:06:5a:82:c3:02:5a:89:73:0c:14:b2:bc:5a:84:c2:ff:
d1:d5:77:1d:f1:a0:4b:8f:31:5e:a6:0f:3d:0e:a4:1b:96:37:
55:95:5a:e9:92:da:ec:70:ee:dd:2c:9e:11:f3:99:0b:06:d0:
5f:8e:5c:62:fb:0b:1e:19:8a:c2:b7:ea:ae:8a:e7:45:31:a2:
e8:20:5e:67:00:76:50:0f:a3:0c:79:a0:41:db:54:17:43:4e:
ae:8f:99:66:0f:87:e3:fb:5f:6e:b1:8d:e4:df:97:ca:b0:20:
5e:04:fb:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeCzsUbPfdD/wLKh5OYUyJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwNDE1MDI0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGFhMTY4MTM3NjRhNmJmZGRjM2E4NjQxOWI3MWUzMmJkZjAxY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqoe5Ym0w+h/WJXHUaa0LMAWJEMD
V0kXs8smEyIvBiY3FU1Tn3qnVx3lHgdNjH/Xq0g1feN1+AKFOwgnt2GeOSDNLIye
vyjy0jdcn0thTpfm5nFFVSsRudDdVbiQEIodU+w4q1rXXGycZA6n9APJPwbgyaWq
LplTMZFv+Ae7C+wcsiE1hpLZhLf4gdHTNPVPbYmfUP96ZqTg0o88wuxk51RLsdWP
rd9OzL6pMM76GuuLBtocH+mFIQc7OuGBtX6YWEXZ3g/kNQIRA5hs/OrvGAbecdXp
YjA06XFXXPiyJPvoJSarKjdlEdTi3F12tzb7AlKm5k306neXZJjHe7+DlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKCqFoE3ZKa/3cOoZBm3HjK98BzhMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvb0tvV2dUZGtwcl9kdzZoa0diY2VNcjN3SE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbogVEA
MA0GCSqGSIb3DQEBCwUAA4IBAQByHwblbriz95Rvvx0G7RUJdsuGLCJYa4cc3Ww/
N4GB9bCTGS5dy7RuelfiVlaKteVvwSsI8vpePfAp+gTFcjSPmyJ9teX4NKK3iQwg
z22xf/NjpZFBrKgYZ5cOLeHky/GbPDHCwk797U1svSjm3+/hxJ77PBn8yuEQX4bM
ckuhjxMNqLrDO0QTwf1rmO+jUWnnOwZagsMCWolzDBSyvFqEwv/R1Xcd8aBLjzFe
pg89DqQbljdVlVrpktrscO7dLJ4R85kLBtBfjlxi+wseGYrCt+quiudFMaLoIF5n
AHZQD6MMeaBB21QXQ06uj5lmD4fj+19usY3k35fKsCBeBPv9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org