Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/oub2MzbEKVCKhWBMIIeuOPyC8_o.roa
File: oub2MzbEKVCKhWBMIIeuOPyC8_o.roa (raw, json)
Hash identifier: ah+dJLGf/Pt1br2p+2vG2lg+9FT9AoXJN6cxxWxHSHA=
Subject key identifier: A2:E6:F6:33:36:C4:29:50:8A:85:60:4C:20:87:AE:38:FC:82:F3:FA
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 01856F66E94811A56F90346573BC7053A2E8
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/oub2MzbEKVCKhWBMIIeuOPyC8_o.roa
Signing time: Sun 01 Jan 2023 22:14:53 +0000
ROA not before: Sun 01 Jan 2023 22:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204437
IP address blocks: 192.33.88.0/24 maxlen: 24
2001:67c:2e40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e9:48:11:a5:6f:90:34:65:73:bc:70:53:a2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Jan 1 22:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2e6f63336c429508a85604c2087ae38fc82f3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:09:76:f4:37:96:c8:f8:89:67:2d:b2:25:98:
3a:5d:d0:fc:22:38:ef:bf:ad:dd:31:bd:19:f6:0f:
26:ea:83:df:dc:e8:eb:45:b5:8a:63:98:6a:cf:2f:
1f:9e:d9:8f:16:00:49:2f:f7:b0:4b:b1:11:96:f2:
65:52:9f:18:e9:81:1f:dd:26:d1:34:42:13:be:40:
c8:3d:12:5c:5f:0c:7c:1d:cf:53:05:68:4b:ce:12:
e4:f8:b6:1d:d4:4a:85:95:8f:a5:59:41:be:b0:a2:
91:a8:2e:d5:2d:e9:49:8a:76:f4:b0:00:bc:7d:10:
93:f3:7f:2e:f6:85:09:40:a9:16:a8:be:c1:81:58:
4d:88:b6:33:cc:4a:2e:5b:20:8e:76:f5:cd:ec:a0:
f5:8b:07:35:1f:19:84:d4:41:8f:63:ce:1a:93:1a:
74:6c:87:1f:2d:b2:4e:d2:c3:b1:67:e1:ce:b7:fc:
28:13:d8:c0:a9:03:ff:73:8f:66:13:a8:01:29:31:
00:6c:39:25:9c:47:b1:81:1f:64:7a:9f:7d:31:fd:
b9:fd:1d:9f:9e:50:b0:3c:6d:16:2b:74:d9:b0:c7:
90:8d:0c:56:78:ec:f6:09:d6:93:e7:3c:ab:17:b0:
98:bb:87:d0:0a:7f:d6:42:62:00:b6:7b:94:14:60:
db:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E6:F6:33:36:C4:29:50:8A:85:60:4C:20:87:AE:38:FC:82:F3:FA
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/oub2MzbEKVCKhWBMIIeuOPyC8_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.88.0/24
IPv6:
2001:67c:2e40::/48
Signature Algorithm: sha256WithRSAEncryption
3a:7f:73:92:45:2d:14:6f:68:f9:dd:8d:d5:4a:9f:5b:8e:af:
c2:ff:f2:d8:95:5a:a8:0c:b8:0f:e2:41:2a:b4:9f:fa:e7:2c:
c7:cc:26:d9:54:4d:64:54:9e:fb:50:39:10:60:a7:b6:18:07:
34:9a:4f:bb:16:c5:ad:f4:76:97:34:29:2b:d0:f0:34:ac:2f:
ab:85:a7:2a:ae:9c:0e:91:b8:d0:d8:1b:67:c8:27:10:a7:8b:
d7:f9:b0:a2:d0:04:0e:1d:65:99:f0:36:ff:3c:a8:f4:35:40:
e4:04:d2:5e:22:79:08:e3:ac:6e:9c:d8:1d:94:05:c4:7d:8e:
09:d5:9d:07:90:0d:f6:cb:75:9d:df:de:98:d9:88:78:72:73:
b3:2f:55:aa:1f:a7:d5:71:9a:f6:26:6a:a7:4f:95:22:15:4a:
5d:ad:e4:47:93:4e:fb:41:2f:86:68:62:08:b9:fc:33:3f:5e:
b0:a9:a6:d2:cb:72:80:ac:aa:b0:0f:77:59:f1:a0:ac:15:ab:
49:02:53:4b:0a:ff:95:db:32:3c:e9:db:bf:65:e7:ad:72:75:
77:62:14:c3:55:37:b0:e1:be:48:bb:d2:21:a2:1d:96:04:b3:
97:d0:e4:5a:3b:ba:2c:cf:cf:6f:8e:ac:12:84:58:4e:2f:10:
08:22:6e:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvZulIEaVvkDRlc7xwU6LoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx
ZTI5YzQwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmU2ZjYzMzM2YzQyOTUwOGE4NTYwNGMyMDg3YWUzOGZjODJmM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAl29DeWyPiJZy2yJZg6XdD8Ijjv
v63dMb0Z9g8m6oPf3OjrRbWKY5hqzy8fntmPFgBJL/ewS7ERlvJlUp8Y6YEf3SbR
NEITvkDIPRJcXwx8Hc9TBWhLzhLk+LYd1EqFlY+lWUG+sKKRqC7VLelJinb0sAC8
fRCT838u9oUJQKkWqL7BgVhNiLYzzEouWyCOdvXN7KD1iwc1HxmE1EGPY84akxp0
bIcfLbJO0sOxZ+HOt/woE9jAqQP/c49mE6gBKTEAbDklnEexgR9kep99Mf25/R2f
nlCwPG0WK3TZsMeQjQxWeOz2CdaT5zyrF7CYu4fQCn/WQmIAtnuUFGDbtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKLm9jM2xClQioVgTCCHrjj8gvP6MB8GA1UdIwQY
MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt
Mzg2YzFmOGIwNjQwLzEvb3ViMk16YkVLVkNLaFdCTUlJZXVPUHlDOF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw
LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwCFYMA8E
AgACMAkDBwAgAQZ8LkAwDQYJKoZIhvcNAQELBQADggEBADp/c5JFLRRvaPndjdVK
n1uOr8L/8tiVWqgMuA/iQSq0n/rnLMfMJtlUTWRUnvtQORBgp7YYBzSaT7sWxa30
dpc0KSvQ8DSsL6uFpyqunA6RuNDYG2fIJxCni9f5sKLQBA4dZZnwNv88qPQ1QOQE
0l4ieQjjrG6c2B2UBcR9jgnVnQeQDfbLdZ3f3pjZiHhyc7MvVaofp9VxmvYmaqdP
lSIVSl2t5EeTTvtBL4ZoYgi5/DM/XrCpptLLcoCsqrAPd1nxoKwVq0kCU0sK/5Xb
Mjzp279l561ydXdiFMNVN7Dhvki70iGiHZYEs5fQ5Fo7uizPz2+OrBKEWE4vEAgi
bmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:59 2024 by rpki-client on console-ams.rpki-client.org