Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/oblAThsShesFNevtpM1Wkyc1oQQ.roa
File: oblAThsShesFNevtpM1Wkyc1oQQ.roa (raw, json)
Hash identifier: wQ4Vn1reeMoAySM/Rh77dB7gYHdJStN/OCbT5uRysoM=
Subject key identifier: A1:B9:40:4E:1B:12:85:EB:05:35:EB:ED:A4:CD:56:93:27:35:A1:04
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018AF25E7791CBDADB687A43918C9C3E2D05
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/oblAThsShesFNevtpM1Wkyc1oQQ.roa
Signing time: Mon 02 Oct 2023 21:49:51 +0000
ROA not before: Mon 02 Oct 2023 21:49:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216223
IP address blocks: 2a0f:5707:ab40::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:5e:77:91:cb:da:db:68:7a:43:91:8c:9c:3e:2d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Oct 2 21:49:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1b9404e1b1285eb0535ebeda4cd56932735a104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ce:c9:aa:79:b6:96:ec:46:09:fc:53:a3:56:
bb:98:eb:70:00:ae:4e:41:21:6d:18:08:e5:14:30:
6f:46:3a:e4:7f:22:31:ff:b8:c5:7b:9b:f7:41:b0:
00:87:d6:79:1f:5b:2e:71:19:fe:31:37:2d:a0:99:
c4:90:4d:7c:91:db:88:24:03:79:ca:c0:3c:47:00:
07:62:76:0c:ec:48:da:5f:74:2f:9c:03:fd:d7:50:
d8:4f:95:e2:a2:41:51:f2:5a:57:cc:b1:91:c4:98:
f6:90:14:d9:e4:47:d0:67:f3:78:34:f1:20:c4:76:
96:59:42:ee:7d:2c:2c:8c:c9:89:0a:cd:59:df:68:
43:89:ae:c0:8d:d9:58:5c:45:72:c9:d5:53:78:bd:
0a:d3:bf:b1:1a:f5:7f:81:75:dc:c0:7d:3a:97:23:
e5:6d:cd:94:c4:d4:f3:8c:9c:d1:f8:7f:4d:f8:b8:
40:be:5e:69:22:af:af:24:d0:70:90:0b:3b:41:a2:
55:1a:87:7d:f6:9c:a9:00:3c:64:67:62:6a:6d:fe:
30:73:9a:4d:72:4b:0d:9f:91:c0:33:77:a4:bb:1a:
d1:5c:0f:77:4b:87:29:f6:76:cd:c3:79:98:c4:c2:
b9:21:e7:18:88:88:82:f7:f6:4c:d1:b4:83:35:43:
95:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B9:40:4E:1B:12:85:EB:05:35:EB:ED:A4:CD:56:93:27:35:A1:04
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/oblAThsShesFNevtpM1Wkyc1oQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ab40::/44
Signature Algorithm: sha256WithRSAEncryption
08:f9:8b:c0:85:23:18:8d:ed:4b:96:76:47:3a:3d:ab:5f:e8:
b6:ff:14:8e:aa:93:8e:44:9d:b2:9e:87:d8:ed:c7:be:86:32:
de:3e:9d:22:b3:9c:3d:a1:01:16:d9:28:07:e4:88:f2:7a:94:
99:06:8c:c2:d2:db:36:6e:c0:40:c4:df:ce:29:f0:e1:27:7b:
0b:59:a4:81:f1:5c:46:55:f7:8a:9f:a0:cd:f0:e8:53:f4:32:
c6:be:fa:9b:09:08:fb:5e:4d:82:83:26:87:51:e2:9e:c7:b2:
b3:56:72:37:0f:c5:a8:04:77:2c:11:52:97:05:9a:49:b4:1b:
80:6e:d1:a9:d9:99:57:c8:ea:d6:c1:9b:7c:aa:63:6b:84:17:
30:1b:97:0a:6d:15:d7:b2:f4:34:86:68:94:7f:25:20:e7:1f:
bb:f8:93:da:cc:d8:61:71:4d:d5:6a:4d:a7:70:0c:73:fa:cb:
e3:be:10:ef:1c:3e:08:66:e7:fc:75:80:03:7e:ae:06:55:c2:
3e:35:8c:a0:33:cb:2c:89:77:cf:e6:56:4a:71:4e:ed:e3:8a:
d2:c4:e5:5f:bc:12:4f:0c:fb:b0:ce:b6:7f:f9:d5:0e:ba:b2:
f8:67:b0:63:5b:f0:ce:9f:be:5b:db:fe:cf:64:01:df:c5:aa:
71:72:0f:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYryXneRy9rbaHpDkYycPi0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMxMDAyMjE0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWI5NDA0ZTFiMTI4NWViMDUzNWViZWRhNGNkNTY5MzI3MzVhMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn87Jqnm2luxGCfxTo1a7mOtwAK5O
QSFtGAjlFDBvRjrkfyIx/7jFe5v3QbAAh9Z5H1sucRn+MTctoJnEkE18kduIJAN5
ysA8RwAHYnYM7EjaX3QvnAP911DYT5XiokFR8lpXzLGRxJj2kBTZ5EfQZ/N4NPEg
xHaWWULufSwsjMmJCs1Z32hDia7AjdlYXEVyydVTeL0K07+xGvV/gXXcwH06lyPl
bc2UxNTzjJzR+H9N+LhAvl5pIq+vJNBwkAs7QaJVGod99pypADxkZ2Jqbf4wc5pN
cksNn5HAM3ekuxrRXA93S4cp9nbNw3mYxMK5IecYiIiC9/ZM0bSDNUOVeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKG5QE4bEoXrBTXr7aTNVpMnNaEEMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvb2JsQVRoc1NoZXNGTmV2dHBNMVdreWMxb1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6tA
MA0GCSqGSIb3DQEBCwUAA4IBAQAI+YvAhSMYje1LlnZHOj2rX+i2/xSOqpOORJ2y
nofY7ce+hjLePp0is5w9oQEW2SgH5IjyepSZBozC0ts2bsBAxN/OKfDhJ3sLWaSB
8VxGVfeKn6DN8OhT9DLGvvqbCQj7Xk2CgyaHUeKex7KzVnI3D8WoBHcsEVKXBZpJ
tBuAbtGp2ZlXyOrWwZt8qmNrhBcwG5cKbRXXsvQ0hmiUfyUg5x+7+JPazNhhcU3V
ak2ncAxz+svjvhDvHD4IZuf8dYADfq4GVcI+NYygM8ssiXfP5lZKcU7t44rSxOVf
vBJPDPuwzrZ/+dUOurL4Z7BjW/DOn75b2/7PZAHfxapxcg9H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:59 2024 by rpki-client on console-fra.rpki-client.org