Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/RhYO-pmi2lpdXUqvn2p0HHp3ABw.roa
File: RhYO-pmi2lpdXUqvn2p0HHp3ABw.roa (raw, json)
Hash identifier: iBSABq3KPwsb6KYgOkrHpbfVjxg2NxZsQO1PGdPfTho=
Subject key identifier: 46:16:0E:FA:99:A2:DA:5A:5D:5D:4A:AF:9F:6A:74:1C:7A:77:00:1C
Certificate issuer: /CN=b6fa40adbe936b184f844586a0f90d1230b68537
Certificate serial: 018A5F8E6E558F043DCB31DB6C93433CCD64
Authority key identifier: B6:FA:40:AD:BE:93:6B:18:4F:84:45:86:A0:F9:0D:12:30:B6:85:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvpArb6TaxhPhEWGoPkNEjC2hTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/RhYO-pmi2lpdXUqvn2p0HHp3ABw.roa
Signing time: Mon 04 Sep 2023 09:38:04 +0000
ROA not before: Mon 04 Sep 2023 09:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51778
IP address blocks: 194.5.228.0/22 maxlen: 22
194.5.228.0/23 maxlen: 23
2a0c:e740::/32 maxlen: 33
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:8e:6e:55:8f:04:3d:cb:31:db:6c:93:43:3c:cd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fa40adbe936b184f844586a0f90d1230b68537
Validity
Not Before: Sep 4 09:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46160efa99a2da5a5d5d4aaf9f6a741c7a77001c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ce:3d:8b:be:33:1e:91:df:89:0e:eb:cd:a2:
18:ed:0b:1d:86:97:84:f1:c3:34:52:5b:f3:99:fd:
20:8c:3e:34:2c:e4:3e:0d:50:62:ce:2a:d0:ee:d8:
f6:51:b8:83:00:77:7f:12:bc:9d:f8:c4:92:0e:af:
41:38:c8:d0:02:3a:61:69:51:48:e9:21:fc:16:96:
84:35:7c:b1:ee:7b:25:c9:34:e2:fd:12:78:fe:a0:
73:a9:e3:81:ff:73:eb:04:88:5b:af:dd:ec:6d:8f:
83:e5:74:6e:68:eb:54:74:10:32:fa:fb:33:f8:a6:
6b:10:09:07:98:a1:ba:d1:27:6f:eb:8c:8a:af:f0:
a2:1f:f2:13:e1:69:1c:b7:a4:43:06:ee:cb:51:c9:
cb:be:49:74:46:81:a1:21:77:d9:6a:9f:0a:20:34:
19:7c:e1:35:26:21:d1:71:92:11:59:b5:2b:ff:32:
ed:fb:87:4e:5a:08:21:a2:40:db:91:9d:4a:7c:81:
d0:5e:89:7e:d8:57:ee:7e:56:21:fc:83:58:d1:ab:
b4:9e:36:0d:6a:58:f5:3a:7f:79:e4:f4:0c:9c:bc:
74:89:2a:cb:ac:af:17:9f:de:65:18:75:48:5b:24:
28:b9:82:11:c6:78:6c:9e:86:72:d9:fd:00:66:a6:
c7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:16:0E:FA:99:A2:DA:5A:5D:5D:4A:AF:9F:6A:74:1C:7A:77:00:1C
X509v3 Authority Key Identifier:
keyid:B6:FA:40:AD:BE:93:6B:18:4F:84:45:86:A0:F9:0D:12:30:B6:85:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvpArb6TaxhPhEWGoPkNEjC2hTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/RhYO-pmi2lpdXUqvn2p0HHp3ABw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eeb1b2-e3c3-413d-a164-80d4782437ff/1/tvpArb6TaxhPhEWGoPkNEjC2hTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.228.0/22
IPv6:
2a0c:e740::/32
Signature Algorithm: sha256WithRSAEncryption
49:6d:e4:1e:67:30:83:37:5a:80:9f:17:34:29:49:a5:2c:34:
71:39:b7:c5:7a:a8:03:15:36:87:e6:f2:5f:c1:e2:fe:7d:16:
c8:d7:fb:fd:08:fa:2f:89:2a:11:d6:50:78:28:9e:7c:77:ef:
87:bd:4c:1a:04:09:ac:c9:a3:17:2d:ee:e8:0b:42:7c:6a:17:
6e:0e:d5:4d:e1:8a:4b:7f:7a:cf:6c:cb:5e:69:67:cd:49:07:
90:db:f1:04:2d:c3:57:57:31:f2:24:83:bd:b6:0c:6b:7e:40:
59:7c:f2:25:88:20:c5:21:64:7b:66:6c:94:c8:8c:05:9a:6d:
86:ad:07:06:7c:99:2f:f1:53:43:65:5a:9e:2a:c4:3b:51:dc:
ff:cd:53:93:3b:a2:70:40:22:2d:c9:19:60:8f:f1:21:8e:ec:
bf:17:b2:d1:77:55:75:5b:da:e4:ea:15:e1:fc:4f:bd:7c:32:
3b:0e:4e:5a:1d:ed:9c:38:62:41:ed:e5:b9:bf:7a:37:88:1e:
da:11:5d:4f:6a:9d:5d:5b:54:fd:cc:34:c4:ca:e5:66:e3:78:
6c:35:07:64:27:77:cd:47:f3:fb:96:ef:8b:48:25:1e:13:1b:
e9:74:30:ec:4c:c5:d8:7b:9e:26:72:7e:f5:6d:38:09:a0:c2:
54:b4:b7:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpfjm5VjwQ9yzHbbJNDPM1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmE0MGFkYmU5MzZiMTg0Zjg0NDU4NmEwZjkwZDEyMzBi
Njg1MzcwHhcNMjMwOTA0MDkzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE2MGVmYTk5YTJkYTVhNWQ1ZDRhYWY5ZjZhNzQxYzdhNzcwMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs49i74zHpHfiQ7rzaIY7QsdhpeE
8cM0Ulvzmf0gjD40LOQ+DVBizirQ7tj2UbiDAHd/Eryd+MSSDq9BOMjQAjphaVFI
6SH8FpaENXyx7nslyTTi/RJ4/qBzqeOB/3PrBIhbr93sbY+D5XRuaOtUdBAy+vsz
+KZrEAkHmKG60Sdv64yKr/CiH/IT4Wkct6RDBu7LUcnLvkl0RoGhIXfZap8KIDQZ
fOE1JiHRcZIRWbUr/zLt+4dOWgghokDbkZ1KfIHQXol+2FfuflYh/INY0au0njYN
alj1On955PQMnLx0iSrLrK8Xn95lGHVIWyQouYIRxnhsnoZy2f0AZqbHfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEYWDvqZotpaXV1Kr59qdBx6dwAcMB8GA1UdIwQY
MBaAFLb6QK2+k2sYT4RFhqD5DRIwtoU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZwQXJiNlRheGhQaEVXR29Qa05FakMyaFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lZWIxYjItZTNjMy00MTNkLWExNjQt
ODBkNDc4MjQzN2ZmLzEvUmhZTy1wbWkybHBkWFVxdm4ycDBISHAzQUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lZWIxYjItZTNjMy00MTNkLWExNjQtODBkNDc4MjQzN2Zm
LzEvdHZwQXJiNlRheGhQaEVXR29Qa05FakMyaFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwgXkMA0E
AgACMAcDBQAqDOdAMA0GCSqGSIb3DQEBCwUAA4IBAQBJbeQeZzCDN1qAnxc0KUml
LDRxObfFeqgDFTaH5vJfweL+fRbI1/v9CPoviSoR1lB4KJ58d++HvUwaBAmsyaMX
Le7oC0J8ahduDtVN4YpLf3rPbMteaWfNSQeQ2/EELcNXVzHyJIO9tgxrfkBZfPIl
iCDFIWR7ZmyUyIwFmm2GrQcGfJkv8VNDZVqeKsQ7Udz/zVOTO6JwQCItyRlgj/Eh
juy/F7LRd1V1W9rk6hXh/E+9fDI7Dk5aHe2cOGJB7eW5v3o3iB7aEV1Pap1dW1T9
zDTEyuVm43hsNQdkJ3fNR/P7lu+LSCUeExvpdDDsTMXYe54mcn71bTgJoMJUtLcx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:18 2024 by rpki-client on console-ams.rpki-client.org