Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/dgOJH3FctSEw8wveinmsjsHx_Ow.roa
File: dgOJH3FctSEw8wveinmsjsHx_Ow.roa (raw, json)
Hash identifier: DP8G6/1/PvXMFyy5zqXeuY22izJrbIPSFV4exDMMntk=
Subject key identifier: 76:03:89:1F:71:5C:B5:21:30:F3:0B:DE:8A:79:AC:8E:C1:F1:FC:EC
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA707CD4539074D932B0E60C904F07
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/dgOJH3FctSEw8wveinmsjsHx_Ow.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56876
IP address blocks: 2a0f:5707:aab1::/48 maxlen: 48
2a0f:5707:aab0::/44 maxlen: 44
2a0f:5707:aab0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:70:7c:d4:53:90:74:d9:32:b0:e6:0c:90:4f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7603891f715cb52130f30bde8a79ac8ec1f1fcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:78:51:c0:f4:ca:bc:b7:4f:c5:11:4f:02:f0:
82:35:4f:71:9c:f5:ff:70:68:3d:80:14:64:b7:e4:
f3:eb:c8:72:e2:26:1f:86:0e:13:00:fb:8c:a1:85:
ef:35:61:36:f4:54:af:bc:76:14:cb:96:89:66:51:
91:a2:71:61:42:e3:d9:24:41:b6:fa:a0:f0:44:72:
42:ca:3c:75:4c:f9:38:1f:14:51:37:61:0b:c7:5b:
43:1c:db:5d:1f:57:5d:6f:36:e7:08:cf:fd:84:79:
65:3b:1c:1a:25:76:09:6a:b0:40:61:22:5c:f8:54:
eb:ff:a9:9c:f9:c4:13:9d:d3:60:e8:e2:5b:44:e3:
c1:9b:c8:25:33:63:b2:9e:ca:c8:b3:67:04:e7:aa:
a9:43:3a:44:12:72:de:26:c5:12:bd:5f:b0:2f:19:
39:c5:7f:16:17:2a:2b:f2:40:80:89:f8:77:87:0f:
f1:6a:e3:8c:04:04:1b:c9:84:1a:13:ed:66:ca:d4:
d3:bf:3f:e8:a5:b5:d8:df:f8:6a:bf:50:f6:93:63:
39:6d:a7:29:02:32:76:78:2d:87:a2:b7:05:9c:33:
af:34:e0:b8:b1:76:3b:41:d0:c3:e7:4b:df:34:94:
bb:45:7c:ee:84:6f:ff:b1:24:26:8d:51:1c:89:03:
fd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:03:89:1F:71:5C:B5:21:30:F3:0B:DE:8A:79:AC:8E:C1:F1:FC:EC
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/dgOJH3FctSEw8wveinmsjsHx_Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aab0::/44
Signature Algorithm: sha256WithRSAEncryption
09:ff:7d:d2:33:e9:05:c3:ea:93:e1:de:f7:37:21:d9:67:7a:
84:c7:30:78:18:96:68:f5:12:08:54:1b:cb:bb:83:e7:ca:b4:
65:84:e7:3b:7e:cf:40:8e:c4:77:e0:9b:fe:8c:87:03:f1:99:
66:8d:6a:ef:75:90:4f:dc:6c:3f:e5:f8:34:bb:1e:48:c5:2d:
b1:be:fe:4b:01:8a:8a:af:9b:9e:f0:16:08:92:65:26:0d:ae:
bd:7e:dc:eb:ba:ce:a8:18:5b:c5:44:e3:c4:09:5a:cf:1d:e5:
fc:9c:0b:f0:42:ce:a4:de:6e:5c:92:ea:5b:3b:17:1f:84:2a:
29:b0:f0:df:ea:b3:e7:67:7b:51:17:cb:d8:68:fa:ae:b8:41:
db:d7:c7:3f:a8:33:75:26:78:2b:6a:56:52:b1:70:90:1a:fd:
96:16:d2:a3:64:75:35:17:42:ac:48:03:7c:5f:04:27:fd:ce:
2d:7f:19:52:8b:57:af:dd:4c:18:ee:2a:1d:37:bb:44:af:31:
49:54:44:58:11:12:bb:3c:e8:2d:40:bf:b1:2f:f9:6f:9c:a3:
18:e6:bc:5c:fa:3d:35:d0:60:17:e8:f6:cf:5b:03:08:f2:ba:
bd:d0:d0:fd:08:02:d7:7f:9a:cf:0f:15:bd:8b:a8:4d:39:3e:
e9:e7:06:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyunB81FOQdNkysOYMkE8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAzODkxZjcxNWNiNTIxMzBmMzBiZGU4YTc5YWM4ZWMxZjFmY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnhRwPTKvLdPxRFPAvCCNU9xnPX/
cGg9gBRkt+Tz68hy4iYfhg4TAPuMoYXvNWE29FSvvHYUy5aJZlGRonFhQuPZJEG2
+qDwRHJCyjx1TPk4HxRRN2ELx1tDHNtdH1ddbzbnCM/9hHllOxwaJXYJarBAYSJc
+FTr/6mc+cQTndNg6OJbROPBm8glM2OynsrIs2cE56qpQzpEEnLeJsUSvV+wLxk5
xX8WFyor8kCAifh3hw/xauOMBAQbyYQaE+1mytTTvz/opbXY3/hqv1D2k2M5bacp
AjJ2eC2HorcFnDOvNOC4sXY7QdDD50vfNJS7RXzuhG//sSQmjVEciQP9hQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHYDiR9xXLUhMPML3op5rI7B8fzsMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvZGdPSkgzRmN0U0V3OHd2ZWlubXNqc0h4X093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6qw
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ/33SM+kFw+qT4d73NyHZZ3qExzB4GJZo9RII
VBvLu4PnyrRlhOc7fs9AjsR34Jv+jIcD8ZlmjWrvdZBP3Gw/5fg0ux5IxS2xvv5L
AYqKr5ue8BYIkmUmDa69ftzrus6oGFvFROPECVrPHeX8nAvwQs6k3m5ckupbOxcf
hCopsPDf6rPnZ3tRF8vYaPquuEHb18c/qDN1JngralZSsXCQGv2WFtKjZHU1F0Ks
SAN8XwQn/c4tfxlSi1ev3UwY7iodN7tErzFJVERYERK7POgtQL+xL/lvnKMY5rxc
+j010GAX6PbPWwMI8rq90ND9CALXf5rPDxW9i6hNOT7p5wZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org