Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/yOzeZSQosIDuuVC1rFm3bS0zVGY.roa
File: yOzeZSQosIDuuVC1rFm3bS0zVGY.roa (raw, json)
Hash identifier: MlvF5EhJYy3LqijNCGUtkwW4Msi+g+RjclJvb94FcGM=
Subject key identifier: C8:EC:DE:65:24:28:B0:80:EE:B9:50:B5:AC:59:B7:6D:2D:33:54:66
Certificate issuer: /CN=386ab970bfb6947597e97cefb916ec76a0c56858
Certificate serial: 01856FF03A2370C9AE35DCA5E04D741CA9E7
Authority key identifier: 38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/yOzeZSQosIDuuVC1rFm3bS0zVGY.roa
Signing time: Mon 02 Jan 2023 00:44:52 +0000
ROA not before: Mon 02 Jan 2023 00:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206725
IP address blocks: 2001:678:134::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:3a:23:70:c9:ae:35:dc:a5:e0:4d:74:1c:a9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=386ab970bfb6947597e97cefb916ec76a0c56858
Validity
Not Before: Jan 2 00:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8ecde652428b080eeb950b5ac59b76d2d335466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:26:f5:da:ff:08:c7:b5:8a:68:21:06:b8:cb:
08:69:03:48:2a:fd:81:df:52:28:19:34:fc:e3:ae:
d9:3c:b2:1a:22:fb:7c:68:ed:8b:48:b5:17:c4:64:
50:cf:a8:50:b1:f2:db:59:f8:9c:f7:70:50:90:9d:
a5:9f:73:14:4d:bb:69:4d:c8:b2:5c:19:93:4b:39:
bc:3c:55:04:3e:da:18:2b:2c:64:46:b6:cc:eb:fa:
eb:f4:ae:6c:70:c8:ab:13:a8:1a:1e:a7:f3:98:0d:
6a:d5:d9:18:58:18:e0:01:33:89:da:f6:55:05:42:
df:8a:70:e8:58:2d:0e:d3:be:be:a2:93:92:6e:f0:
8a:71:02:ad:03:3c:74:00:cc:e2:0f:c9:5e:56:53:
67:2e:69:4f:c2:bf:2b:27:15:b8:3c:16:64:08:db:
d1:c5:88:3d:58:9a:21:32:3b:97:32:1a:fb:dd:91:
0d:3f:98:e1:24:4e:c4:be:d1:5b:0c:32:e2:db:46:
8f:a0:cc:5f:7b:ce:4e:0b:6f:56:0a:21:b1:54:a2:
66:a1:17:24:a2:b0:03:8e:2d:fa:74:b5:ed:02:1e:
89:e0:0e:77:ad:7c:77:01:27:1e:9c:c1:aa:e4:34:
c0:bf:b1:da:86:f7:b1:fe:94:29:2d:86:a9:61:e4:
5a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EC:DE:65:24:28:B0:80:EE:B9:50:B5:AC:59:B7:6D:2D:33:54:66
X509v3 Authority Key Identifier:
keyid:38:6A:B9:70:BF:B6:94:75:97:E9:7C:EF:B9:16:EC:76:A0:C5:68:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGq5cL-2lHWX6XzvuRbsdqDFaFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/yOzeZSQosIDuuVC1rFm3bS0zVGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/41fda9-9702-458d-982f-8d11257d4af6/1/OGq5cL-2lHWX6XzvuRbsdqDFaFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:134::/48
Signature Algorithm: sha256WithRSAEncryption
c8:f8:6b:39:93:2f:f4:b3:72:bf:4e:5c:c7:95:a1:d2:93:7d:
d4:a6:61:64:b6:fb:84:7e:de:3e:1f:6f:97:2a:18:cc:06:23:
a9:d2:b9:22:b3:e1:c5:a5:58:0f:e4:d4:56:4d:8e:3f:5f:0f:
e5:6e:b1:59:1f:e3:4a:01:65:5d:71:6c:72:f9:4a:0b:29:d5:
a5:56:99:28:b1:6c:a6:b0:dd:a7:e2:e8:6b:73:19:91:90:0c:
69:f0:e5:a0:5e:19:df:79:5e:b9:d5:16:e7:2a:86:c9:7b:b5:
e3:fd:61:d1:a1:11:6b:a2:85:61:f0:38:0c:ad:79:82:e9:45:
16:85:77:5b:6c:f6:3f:ea:6e:50:e5:cd:76:29:d3:94:19:b6:
d0:4d:7c:f1:67:4a:b4:8a:70:69:8c:e9:d8:05:31:4b:e1:f1:
84:25:eb:02:06:6b:60:3e:3e:43:5f:86:08:35:50:e9:9f:f9:
63:af:6c:1a:0a:8e:30:c9:5b:6d:cb:1d:e4:36:ba:da:b3:2b:
9d:bf:e6:0d:00:2b:d3:81:a1:fb:79:f0:68:30:68:75:e5:76:
f0:3b:b5:e4:bd:22:23:ce:f4:07:74:6d:05:7e:c8:97:c1:b9:
19:1f:2a:25:8a:80:17:68:85:11:a3:0a:e2:f0:43:2e:83:b4:
bf:ab:72:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv8DojcMmuNdyl4E10HKnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NmFiOTcwYmZiNjk0NzU5N2U5N2NlZmI5MTZlYzc2YTBj
NTY4NTgwHhcNMjMwMTAyMDA0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVjZGU2NTI0MjhiMDgwZWViOTUwYjVhYzU5Yjc2ZDJkMzM1NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyb12v8Ix7WKaCEGuMsIaQNIKv2B
31IoGTT8467ZPLIaIvt8aO2LSLUXxGRQz6hQsfLbWfic93BQkJ2ln3MUTbtpTciy
XBmTSzm8PFUEPtoYKyxkRrbM6/rr9K5scMirE6gaHqfzmA1q1dkYWBjgATOJ2vZV
BULfinDoWC0O076+opOSbvCKcQKtAzx0AMziD8leVlNnLmlPwr8rJxW4PBZkCNvR
xYg9WJohMjuXMhr73ZENP5jhJE7EvtFbDDLi20aPoMxfe85OC29WCiGxVKJmoRck
orADji36dLXtAh6J4A53rXx3AScenMGq5DTAv7Hahvex/pQpLYapYeRaLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMjs3mUkKLCA7rlQtaxZt20tM1RmMB8GA1UdIwQY
MBaAFDhquXC/tpR1l+l877kW7HagxWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYt
OGQxMTI1N2Q0YWY2LzEveU96ZVpTUW9zSUR1dVZDMXJGbTNiUzB6VkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC80MWZkYTktOTcwMi00NThkLTk4MmYtOGQxMTI1N2Q0YWY2
LzEvT0dxNWNMLTJsSFdYNlh6dnVSYnNkcURGYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAE0
MA0GCSqGSIb3DQEBCwUAA4IBAQDI+Gs5ky/0s3K/TlzHlaHSk33UpmFktvuEft4+
H2+XKhjMBiOp0rkis+HFpVgP5NRWTY4/Xw/lbrFZH+NKAWVdcWxy+UoLKdWlVpko
sWymsN2n4uhrcxmRkAxp8OWgXhnfeV651RbnKobJe7Xj/WHRoRFrooVh8DgMrXmC
6UUWhXdbbPY/6m5Q5c12KdOUGbbQTXzxZ0q0inBpjOnYBTFL4fGEJesCBmtgPj5D
X4YINVDpn/ljr2waCo4wyVttyx3kNrrasyudv+YNACvTgaH7efBoMGh15XbwO7Xk
vSIjzvQHdG0FfsiXwbkZHyolioAXaIURowri8EMug7S/q3It
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:54 2024 by rpki-client on console-fra.rpki-client.org