Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/PqOy4wITowdGjtioJAlkg3o_AhI.roa
File: PqOy4wITowdGjtioJAlkg3o_AhI.roa (raw, json)
Hash identifier: Sh2xk8BDUnO3gXTUAANZnmcknQmfestd7u13J9UyIck=
Subject key identifier: 3E:A3:B2:E3:02:13:A3:07:46:8E:D8:A8:24:09:64:83:7A:3F:02:12
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01857246CAF2ED49D27C11FECF2BC3C8A880
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/PqOy4wITowdGjtioJAlkg3o_AhI.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35402
IP address blocks: 2a01:5c8:800::/48 maxlen: 48
2a01:5c8:803::/48 maxlen: 48
2a01:5c8:801::/48 maxlen: 48
2a01:5c8:804::/48 maxlen: 48
2a01:5c8:805::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ca:f2:ed:49:d2:7c:11:fe:cf:2b:c3:c8:a8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ea3b2e30213a307468ed8a8240964837a3f0212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2e:69:aa:91:c3:1f:0d:93:20:8f:7a:b6:51:
fa:66:c7:cf:5f:60:84:4e:cd:a7:e0:5f:fa:1a:50:
fb:0f:b8:33:12:5f:9f:08:72:4a:f6:63:55:80:1f:
39:23:e6:5c:fd:c3:13:e2:21:32:29:79:d7:0f:50:
14:3f:cf:dc:46:47:cd:8e:1b:88:b5:db:72:c6:1d:
8c:15:5e:05:f7:c9:51:c3:10:7a:4e:a4:75:e3:3e:
75:15:ee:0f:98:0e:25:88:db:99:41:dc:6d:b5:37:
26:18:93:4c:c1:1f:95:05:e1:dc:93:3d:fe:3b:05:
f2:41:eb:94:63:5b:0a:a2:46:50:94:9b:d0:07:b7:
d4:ed:b0:41:bc:d8:4f:55:dd:60:fd:2a:65:c4:1c:
05:d2:fa:0f:0c:90:d9:14:ca:d5:01:c6:05:50:38:
0c:34:bc:cd:19:2f:ff:c7:d7:8d:09:39:96:ff:56:
cf:4d:bb:bd:8c:ee:fc:b4:90:ec:fb:80:31:81:24:
d2:bd:dd:e9:7a:65:8f:4a:77:a0:1a:e7:73:c4:f0:
49:70:dc:36:fc:c3:ee:55:dc:5f:92:78:72:42:ac:
5c:4a:75:a0:7a:ca:77:1d:fa:6e:bb:f6:d4:f5:6e:
27:05:ad:0c:06:60:20:dc:c4:e8:85:6f:2c:60:1a:
4b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A3:B2:E3:02:13:A3:07:46:8E:D8:A8:24:09:64:83:7A:3F:02:12
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/PqOy4wITowdGjtioJAlkg3o_AhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:5c8:800::/47
2a01:5c8:803::-2a01:5c8:805:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:45:19:42:35:5e:71:02:13:ff:0f:07:4d:ab:28:49:0d:5b:
12:cf:0b:59:50:99:63:25:d8:69:2e:51:c1:6d:c7:04:d4:c1:
fe:4e:20:e9:a0:a0:fc:d1:18:58:8a:16:e8:51:8f:54:ec:7d:
3c:45:d1:59:8e:9d:d5:92:7f:fd:98:e0:c3:a7:96:61:16:64:
81:27:74:20:ac:3b:03:58:63:fa:b6:8e:59:4a:da:f1:fc:0c:
a8:07:d5:a2:0e:22:d7:66:d5:55:91:5c:e9:e5:05:63:e3:50:
68:85:03:1c:8c:a9:c2:96:b0:52:4a:61:6b:72:1a:10:4a:34:
b4:52:2d:cb:1d:86:4f:dd:d9:2a:10:a1:2a:35:65:93:8a:f1:
d5:6a:ba:ed:93:0e:a4:39:a2:39:b2:84:07:a9:1d:fb:e2:a5:
e5:a1:86:b1:bd:d6:cc:c8:61:23:8d:8c:ae:c5:ec:61:58:3c:
1d:3e:45:f4:6d:5f:c1:d8:ef:5d:18:d1:85:d6:cf:6f:f9:35:
93:16:13:bd:47:90:11:b3:f5:e4:dd:3f:a9:11:46:03:1d:6c:
74:2d:a2:c5:b7:25:f4:ac:1b:f5:2a:d6:01:58:e5:ce:23:36:
0a:2b:e7:bf:fb:ef:79:f0:c5:45:85:ed:88:0d:7b:c5:fd:cd:
74:0f:1d:a2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyRsry7UnSfBH+zyvDyKiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWEzYjJlMzAyMTNhMzA3NDY4ZWQ4YTgyNDA5NjQ4MzdhM2YwMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS5pqpHDHw2TII96tlH6ZsfPX2CE
Ts2n4F/6GlD7D7gzEl+fCHJK9mNVgB85I+Zc/cMT4iEyKXnXD1AUP8/cRkfNjhuI
tdtyxh2MFV4F98lRwxB6TqR14z51Fe4PmA4liNuZQdxttTcmGJNMwR+VBeHckz3+
OwXyQeuUY1sKokZQlJvQB7fU7bBBvNhPVd1g/SplxBwF0voPDJDZFMrVAcYFUDgM
NLzNGS//x9eNCTmW/1bPTbu9jO78tJDs+4AxgSTSvd3pemWPSnegGudzxPBJcNw2
/MPuVdxfknhyQqxcSnWgesp3Hfpuu/bU9W4nBa0MBmAg3MTohW8sYBpLFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD6jsuMCE6MHRo7YqCQJZIN6PwISMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvUHFPeTR3SVRvd2RHanRpb0pBbGtnM29fQWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKgEFyAgA
MBIDBwAqAQXICAMDBwEqAQXICAQwDQYJKoZIhvcNAQELBQADggEBAFZFGUI1XnEC
E/8PB02rKEkNWxLPC1lQmWMl2GkuUcFtxwTUwf5OIOmgoPzRGFiKFuhRj1TsfTxF
0VmOndWSf/2Y4MOnlmEWZIEndCCsOwNYY/q2jllK2vH8DKgH1aIOItdm1VWRXOnl
BWPjUGiFAxyMqcKWsFJKYWtyGhBKNLRSLcsdhk/d2SoQoSo1ZZOK8dVquu2TDqQ5
ojmyhAepHfvipeWhhrG91szIYSONjK7F7GFYPB0+RfRtX8HY710Y0YXWz2/5NZMW
E71HkBGz9eTdP6kRRgMdbHQtosW3JfSsG/Uq1gFY5c4jNgor57/773nwxUWF7YgN
e8X9zXQPHaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:39 2024 by rpki-client on console-ams.rpki-client.org