Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/P2dhM4UHT2Z9BAjjwgixGdtsKQA.roa
File: P2dhM4UHT2Z9BAjjwgixGdtsKQA.roa (raw, json)
Hash identifier: /BzK2/4cy+BH0xuGEy8p8uSzPVgpUu2l2/yc2ZOz9xw=
Subject key identifier: 3F:67:61:33:85:07:4F:66:7D:04:08:E3:C2:08:B1:19:DB:6C:29:00
Certificate issuer: /CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Certificate serial: 01856FD4FCFB72174F4A48796AF70A65182F
Authority key identifier: 35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/P2dhM4UHT2Z9BAjjwgixGdtsKQA.roa
Signing time: Mon 02 Jan 2023 00:15:07 +0000
ROA not before: Mon 02 Jan 2023 00:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41446
IP address blocks: 192.166.12.0/22 maxlen: 22
2001:67c:2108::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:fc:fb:72:17:4f:4a:48:79:6a:f7:0a:65:18:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=350b40ced36e31f905e1a6e8e03c621e9fbfcb29
Validity
Not Before: Jan 2 00:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f67613385074f667d0408e3c208b119db6c2900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:67:30:df:cc:03:ac:e5:77:46:ed:9b:46:
0e:1a:5a:8d:f2:0b:e5:82:06:05:53:6a:d8:2a:b5:
29:70:e5:2e:76:78:f7:54:a5:0f:39:f5:d7:69:61:
d2:55:45:5c:0d:e5:28:00:ea:68:22:32:b0:5a:7b:
9e:0b:35:70:85:07:66:a1:3f:12:39:6b:40:7d:ec:
36:a9:4f:66:ec:af:81:4b:9d:c7:9b:6b:a7:6a:ca:
b4:77:76:54:87:05:d8:01:4a:8e:b0:30:91:bf:f6:
82:fa:3e:9e:c9:ff:66:1e:42:7e:6e:87:79:df:93:
71:a7:74:89:0f:bd:c2:af:0e:89:a7:79:5f:24:5e:
ab:9a:6c:4d:02:17:d3:43:d9:da:3a:7d:32:30:bd:
c5:2b:17:be:42:a4:db:8d:7a:b5:17:cb:11:9b:58:
cf:25:39:1e:72:6e:25:b6:ea:bc:67:83:e3:e3:da:
aa:fe:ab:67:11:4f:a0:40:89:33:36:b7:3e:cc:9b:
98:82:85:91:d3:c6:d3:eb:9b:30:df:40:cf:cb:1a:
44:b0:a5:f0:8b:f8:c3:3d:ae:22:70:a4:35:90:77:
c7:7c:48:c8:bb:48:9e:34:0e:9a:b3:f9:f3:ef:73:
f6:fd:eb:48:7e:2a:93:a3:dd:b8:49:b6:57:04:ca:
98:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:67:61:33:85:07:4F:66:7D:04:08:E3:C2:08:B1:19:DB:6C:29:00
X509v3 Authority Key Identifier:
keyid:35:0B:40:CE:D3:6E:31:F9:05:E1:A6:E8:E0:3C:62:1E:9F:BF:CB:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQtAztNuMfkF4abo4DxiHp-_yyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/P2dhM4UHT2Z9BAjjwgixGdtsKQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/221fcd-61e5-4b45-a359-72f6ca757a08/1/NQtAztNuMfkF4abo4DxiHp-_yyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.12.0/22
IPv6:
2001:67c:2108::/48
Signature Algorithm: sha256WithRSAEncryption
01:a2:6c:7d:ac:33:44:4d:7d:49:9b:41:6a:fd:60:9e:3f:8b:
38:ca:df:a1:f7:52:98:a0:11:d5:51:12:52:87:fb:5a:26:2a:
1d:eb:e1:e3:d2:aa:80:65:5b:77:bb:5e:16:c9:fd:ae:ed:7d:
0a:ee:f2:62:48:d0:61:d2:96:63:e7:a0:04:66:c0:f4:db:83:
17:a7:75:5b:68:65:33:c5:86:b2:c4:62:db:cc:1e:5f:53:23:
0e:a4:02:51:ac:9b:ae:57:41:20:bd:a7:98:1e:9c:2a:10:33:
5a:d1:9f:3c:45:da:35:f1:78:40:14:ae:3e:6a:48:ca:75:44:
d3:94:44:63:87:bf:fa:aa:e2:84:be:a2:52:32:5c:39:7d:00:
a8:2a:e1:97:0b:36:1f:57:a4:f4:e0:56:cb:63:c8:af:98:09:
45:47:c4:cc:39:1e:f0:1e:20:db:18:1c:07:03:d0:1c:6b:08:
3f:ca:13:95:0c:3c:04:35:8e:8f:7f:59:8a:3a:a7:e0:12:9a:
db:7c:c3:b9:48:dd:35:17:10:91:8b:86:b1:99:1c:0a:4d:26:
87:80:48:68:19:b2:46:7c:43:6d:7d:8e:8a:4a:6b:c0:89:c4:
0a:a2:0c:e8:67:2c:f1:fb:7f:f3:fb:51:2b:9b:dd:d5:2b:e6:
66:39:5f:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv1Pz7chdPSkh5avcKZRgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MGI0MGNlZDM2ZTMxZjkwNWUxYTZlOGUwM2M2MjFlOWZi
ZmNiMjkwHhcNMjMwMTAyMDAxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjY3NjEzMzg1MDc0ZjY2N2QwNDA4ZTNjMjA4YjExOWRiNmMyOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR5nMN/MA6zld0btm0YOGlqN8gvl
ggYFU2rYKrUpcOUudnj3VKUPOfXXaWHSVUVcDeUoAOpoIjKwWnueCzVwhQdmoT8S
OWtAfew2qU9m7K+BS53Hm2unasq0d3ZUhwXYAUqOsDCRv/aC+j6eyf9mHkJ+bod5
35Nxp3SJD73Crw6Jp3lfJF6rmmxNAhfTQ9naOn0yML3FKxe+QqTbjXq1F8sRm1jP
JTkecm4ltuq8Z4Pj49qq/qtnEU+gQIkzNrc+zJuYgoWR08bT65sw30DPyxpEsKXw
i/jDPa4icKQ1kHfHfEjIu0ieNA6as/nz73P2/etIfiqTo924SbZXBMqYTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9nYTOFB09mfQQI48IIsRnbbCkAMB8GA1UdIwQY
MBaAFDULQM7TbjH5BeGm6OA8Yh6fv8spMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTkt
NzJmNmNhNzU3YTA4LzEvUDJkaE00VUhUMlo5QkFqandnaXhHZHRzS1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yMjFmY2QtNjFlNS00YjQ1LWEzNTktNzJmNmNhNzU3YTA4
LzEvTlF0QXp0TnVNZmtGNGFibzREeGlIcC1feXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwKYMMA8E
AgACMAkDBwAgAQZ8IQgwDQYJKoZIhvcNAQELBQADggEBAAGibH2sM0RNfUmbQWr9
YJ4/izjK36H3UpigEdVRElKH+1omKh3r4ePSqoBlW3e7XhbJ/a7tfQru8mJI0GHS
lmPnoARmwPTbgxendVtoZTPFhrLEYtvMHl9TIw6kAlGsm65XQSC9p5genCoQM1rR
nzxF2jXxeEAUrj5qSMp1RNOURGOHv/qq4oS+olIyXDl9AKgq4ZcLNh9XpPTgVstj
yK+YCUVHxMw5HvAeINsYHAcD0BxrCD/KE5UMPAQ1jo9/WYo6p+ASmtt8w7lI3TUX
EJGLhrGZHApNJoeASGgZskZ8Q219jopKa8CJxAqiDOhnLPH7f/P7USub3dUr5mY5
X0A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org