Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/05COF5RY0bnmCii0uX8oZQTQENI.roa
File: 05COF5RY0bnmCii0uX8oZQTQENI.roa (raw, json)
Hash identifier: sHVtTdGXMJCrT96bdy6a3fg7xNtbKYjBEHUCzFpiiuI=
Subject key identifier: D3:90:8E:17:94:58:D1:B9:E6:0A:28:B4:B9:7F:28:65:04:D0:10:D2
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01856C9CA8A937F4D4D0B9540A569BE162F1
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/05COF5RY0bnmCii0uX8oZQTQENI.roa
Signing time: Sun 01 Jan 2023 09:14:44 +0000
ROA not before: Sun 01 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44628
IP address blocks: 2a00:1908:faca::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:a8:a9:37:f4:d4:d0:b9:54:0a:56:9b:e1:62:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3908e179458d1b9e60a28b4b97f286504d010d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:84:3e:67:53:0c:c2:2e:6e:d9:e0:99:5b:
02:7c:21:2c:5a:ff:d1:90:ed:dc:e3:1a:fd:91:d2:
46:3f:ea:d4:ff:4d:a1:86:11:72:93:c1:af:d7:74:
3f:76:d5:87:40:e9:b8:0d:23:69:61:08:a1:b9:7e:
25:42:df:62:37:b3:4b:60:37:cc:d1:ee:36:bd:06:
85:84:c9:d0:89:1d:c0:ff:da:9d:99:89:e1:0c:b9:
f8:cc:29:97:b7:d4:71:7a:4e:7c:34:06:58:68:e5:
83:9c:88:8d:3f:14:9b:86:f4:70:78:c7:9a:6f:13:
94:db:37:66:31:44:a7:bf:49:35:50:3b:96:d6:94:
9b:49:c4:67:b5:88:53:2c:4b:85:f0:2d:d1:e2:cc:
23:d4:1a:e9:0d:8c:22:13:1a:8f:bf:c9:45:cf:e1:
ee:eb:f7:e9:fb:6c:a9:d7:9a:ff:a2:4f:08:3d:15:
ff:8f:47:2e:94:bd:ea:92:ae:20:58:12:13:c8:96:
7a:4a:44:4c:78:cf:0f:c0:33:bc:20:c8:58:71:bb:
52:6c:62:93:31:51:0e:e0:35:c0:a4:86:da:e7:b5:
36:05:e6:5a:18:01:30:17:3d:64:80:e4:05:29:ab:
c4:92:dd:d9:42:09:4a:8e:0e:12:1e:ff:c5:39:cd:
07:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:8E:17:94:58:D1:B9:E6:0A:28:B4:B9:7F:28:65:04:D0:10:D2
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/05COF5RY0bnmCii0uX8oZQTQENI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:faca::/48
Signature Algorithm: sha256WithRSAEncryption
9d:8f:45:d7:77:4d:c3:0a:0a:f6:ef:9a:b6:f5:f4:81:de:d4:
b7:8f:bd:1b:f4:2e:cd:c0:7c:60:7a:ff:a5:8d:25:a0:bf:44:
f1:0e:ac:82:51:f4:00:fb:03:66:03:cd:bd:b7:4e:3c:53:94:
52:48:4b:a0:e0:e7:bc:74:24:29:67:b1:8e:57:1a:83:ed:59:
e7:b3:e9:07:9c:75:7e:17:20:4c:71:29:d3:f8:17:6d:c0:d6:
72:93:66:11:9e:38:74:da:42:0e:ac:d6:69:f0:ce:14:c7:42:
ff:bb:4b:fd:81:9c:4f:f0:28:ae:63:2a:76:1f:43:d7:a0:1d:
01:f0:09:51:07:ef:c2:0b:76:9c:89:58:fe:44:66:43:4f:34:
4b:43:e0:b1:be:31:f7:34:47:98:fe:17:49:1b:30:7a:21:b0:
df:70:d7:fd:c2:09:77:25:c9:40:4e:4a:47:30:e5:b5:f6:6b:
b2:37:cd:16:28:22:8a:f9:cd:1f:2c:cb:a7:a0:c7:19:15:34:
57:2d:e2:e5:3c:51:b4:94:76:d0:63:a4:ec:f3:ff:c4:0a:29:
64:0b:ff:99:3c:b5:ee:c0:1a:41:a0:8b:c3:65:28:1c:48:46:
87:28:03:43:d1:8c:1a:ed:33:c9:ac:85:e0:e3:37:f3:20:ac:
49:b9:6a:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsnKipN/TU0LlUClab4WLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwMTAxMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzkwOGUxNzk0NThkMWI5ZTYwYTI4YjRiOTdmMjg2NTA0ZDAxMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOSEPmdTDMIubtngmVsCfCEsWv/R
kO3c4xr9kdJGP+rU/02hhhFyk8Gv13Q/dtWHQOm4DSNpYQihuX4lQt9iN7NLYDfM
0e42vQaFhMnQiR3A/9qdmYnhDLn4zCmXt9Rxek58NAZYaOWDnIiNPxSbhvRweMea
bxOU2zdmMUSnv0k1UDuW1pSbScRntYhTLEuF8C3R4swj1BrpDYwiExqPv8lFz+Hu
6/fp+2yp15r/ok8IPRX/j0culL3qkq4gWBITyJZ6SkRMeM8PwDO8IMhYcbtSbGKT
MVEO4DXApIba57U2BeZaGAEwFz1kgOQFKavEkt3ZQglKjg4SHv/FOc0H+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNOQjheUWNG55gootLl/KGUE0BDSMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvMDVDT0Y1UlkwYm5tQ2lpMHVYOG9aUVRRRU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAZCPrK
MA0GCSqGSIb3DQEBCwUAA4IBAQCdj0XXd03DCgr275q29fSB3tS3j70b9C7NwHxg
ev+ljSWgv0TxDqyCUfQA+wNmA829t048U5RSSEug4Oe8dCQpZ7GOVxqD7Vnns+kH
nHV+FyBMcSnT+BdtwNZyk2YRnjh02kIOrNZp8M4Ux0L/u0v9gZxP8CiuYyp2H0PX
oB0B8AlRB+/CC3aciVj+RGZDTzRLQ+CxvjH3NEeY/hdJGzB6IbDfcNf9wgl3JclA
TkpHMOW19muyN80WKCKK+c0fLMunoMcZFTRXLeLlPFG0lHbQY6Ts8//ECilkC/+Z
PLXuwBpBoIvDZSgcSEaHKAND0Ywa7TPJrIXg4zfzIKxJuWq7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org