Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/dARMCPWaHHy-PffgILMcfB7lxfY.roa
File: dARMCPWaHHy-PffgILMcfB7lxfY.roa (raw, json)
Hash identifier: 77OWy+yTEXY0TV1yAcRfBqQgivRhaUG3VGQsmp15/EM=
Subject key identifier: 74:04:4C:08:F5:9A:1C:7C:BE:3D:F7:E0:20:B3:1C:7C:1E:E5:C5:F6
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01856C9CACE25E0069CCE92BB896DF506AFC
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/dARMCPWaHHy-PffgILMcfB7lxfY.roa
Signing time: Sun 01 Jan 2023 09:14:45 +0000
ROA not before: Sun 01 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205365
IP address blocks: 2a00:1908:fffe::/48 maxlen: 48
2a00:1908:fffc::/48 maxlen: 48
2a00:1908:ffff::/48 maxlen: 48
2a00:1908:fffa::/48 maxlen: 48
2a00:1908:fffd::/48 maxlen: 48
2a00:1908:fffb::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ac:e2:5e:00:69:cc:e9:2b:b8:96:df:50:6a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74044c08f59a1c7cbe3df7e020b31c7c1ee5c5f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6a:36:74:9f:ff:b7:71:7d:a1:13:ae:d0:38:
15:d6:c7:e3:76:37:88:cf:53:2a:1f:7a:c6:c5:eb:
a9:eb:49:0b:c1:c9:0e:3c:33:80:6c:2b:86:5f:f7:
b1:5a:0e:02:20:d7:e3:9a:10:c3:03:c8:b9:66:22:
9e:4a:ca:49:d4:d4:da:15:b0:71:32:8a:5a:56:83:
88:4d:3a:38:e3:07:c8:92:e6:b7:55:c1:3f:b5:c2:
34:79:bc:82:d5:34:29:02:08:af:08:85:5f:90:e5:
0d:c0:02:72:56:7c:f9:f2:7a:98:ee:23:e4:61:20:
b8:87:12:a8:0c:d5:93:61:e3:bb:a8:70:72:0b:fd:
1a:3c:ce:0a:f9:90:eb:e0:1d:b8:e0:2b:bd:5e:45:
38:6f:b0:54:5f:91:58:fd:35:fc:16:31:96:f3:a9:
30:6a:6d:51:d4:66:ac:90:ac:2c:44:e6:6b:1d:5f:
ac:f9:64:81:97:e3:e4:19:88:90:d1:a8:82:bf:d1:
21:c5:58:76:86:06:50:df:03:68:00:db:da:9c:5a:
a7:4c:5a:16:a8:38:4f:04:5b:de:54:20:77:e2:f6:
22:4e:49:87:d4:a7:cb:b1:ac:92:ae:db:f1:b1:c2:
e5:95:91:87:0f:03:01:1e:4f:69:a4:ad:4d:95:9e:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:04:4C:08:F5:9A:1C:7C:BE:3D:F7:E0:20:B3:1C:7C:1E:E5:C5:F6
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/dARMCPWaHHy-PffgILMcfB7lxfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:fffa::-2a00:1908:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:d3:8b:25:26:41:0a:6c:b7:37:be:cb:bd:32:67:ef:aa:1f:
54:20:10:6f:b1:68:c1:71:d8:b0:23:a8:17:57:a3:18:22:9b:
ef:b3:99:17:6d:40:2a:01:91:ba:b0:41:31:a5:c1:ef:fe:bd:
da:55:99:ca:fd:ab:c5:21:25:fc:34:a5:4d:e5:3d:e3:83:6c:
da:39:f4:01:19:b4:00:fa:45:34:93:61:8e:7c:24:49:2c:aa:
97:5d:0a:44:fd:ee:f4:da:10:1b:75:c5:af:c7:44:ed:90:5b:
f1:f9:cb:cb:15:c2:d7:81:46:ba:1b:15:11:95:93:ba:05:49:
9d:c2:87:91:3b:ce:7f:1e:ab:8f:81:6e:8d:c1:8c:e0:4e:0a:
59:20:4c:07:8c:9b:d0:27:b2:36:73:5a:62:22:a4:34:61:0c:
1a:a0:c3:00:6c:47:ac:d7:f6:da:66:d3:5c:e2:5e:d8:fc:53:
d3:31:5e:5b:59:10:a7:86:67:ff:fe:f2:c3:8d:24:06:b8:ff:
16:45:8c:24:5c:96:46:e7:be:c7:88:87:0a:68:f0:1e:d7:3e:
79:84:a0:df:59:f9:9f:e7:bb:42:ad:36:ea:09:fa:c9:90:d3:
18:95:ac:32:c4:75:5f:50:cd:69:11:d4:0b:b5:54:67:6f:c9:
e8:94:d9:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsnKziXgBpzOkruJbfUGr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwMTAxMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA0NGMwOGY1OWExYzdjYmUzZGY3ZTAyMGIzMWM3YzFlZTVjNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWo2dJ//t3F9oROu0DgV1sfjdjeI
z1MqH3rGxeup60kLwckOPDOAbCuGX/exWg4CINfjmhDDA8i5ZiKeSspJ1NTaFbBx
MopaVoOITTo44wfIkua3VcE/tcI0ebyC1TQpAgivCIVfkOUNwAJyVnz58nqY7iPk
YSC4hxKoDNWTYeO7qHByC/0aPM4K+ZDr4B244Cu9XkU4b7BUX5FY/TX8FjGW86kw
am1R1GaskKwsROZrHV+s+WSBl+PkGYiQ0aiCv9EhxVh2hgZQ3wNoANvanFqnTFoW
qDhPBFveVCB34vYiTkmH1KfLsaySrtvxscLllZGHDwMBHk9ppK1NlZ7J+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHQETAj1mhx8vj334CCzHHwe5cX2MB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvZEFSTUNQV2FISHktUGZmZ0lMTWNmQjdseGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBwEqABkI
//oDBQAqABkIMA0GCSqGSIb3DQEBCwUAA4IBAQBh04slJkEKbLc3vsu9Mmfvqh9U
IBBvsWjBcdiwI6gXV6MYIpvvs5kXbUAqAZG6sEExpcHv/r3aVZnK/avFISX8NKVN
5T3jg2zaOfQBGbQA+kU0k2GOfCRJLKqXXQpE/e702hAbdcWvx0TtkFvx+cvLFcLX
gUa6GxURlZO6BUmdwoeRO85/HquPgW6NwYzgTgpZIEwHjJvQJ7I2c1piIqQ0YQwa
oMMAbEes1/baZtNc4l7Y/FPTMV5bWRCnhmf//vLDjSQGuP8WRYwkXJZG577HiIcK
aPAe1z55hKDfWfmf57tCrTbqCfrJkNMYlawyxHVfUM1pEdQLtVRnb8nolNmO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:53 2024 by rpki-client on console-fra.rpki-client.org