Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/of8rgXtyresyoadiGNUjuXNxYFs.roa
File: of8rgXtyresyoadiGNUjuXNxYFs.roa (raw, json)
Hash identifier: oLtInn9u1T0aq5s6gkFVtO51CpH7+R/R6h9tFBN2jx0=
Subject key identifier: A1:FF:2B:81:7B:72:AD:EB:32:A1:A7:62:18:D5:23:B9:73:71:60:5B
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018E6A590E8D75D768FF2799F7CAF96256E0
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/of8rgXtyresyoadiGNUjuXNxYFs.roa
Signing time: Sat 23 Mar 2024 08:06:45 +0000
ROA not before: Sat 23 Mar 2024 08:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204010
IP address blocks: 2a05:907::/32 maxlen: 32
2a05:907:2001::/48 maxlen: 48
2a05:907:2002::/48 maxlen: 48
2a05:907:2003::/48 maxlen: 48
2a05:907:2004::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 07:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:59:0e:8d:75:d7:68:ff:27:99:f7:ca:f9:62:56:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Mar 23 08:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1ff2b817b72adeb32a1a76218d523b97371605b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:76:c2:b7:17:a8:3b:2a:84:1d:d3:7e:8e:da:
32:a1:11:c4:ee:fb:1d:98:bd:94:06:12:85:9f:d7:
27:ea:cf:2b:a2:79:81:bd:ab:00:72:e5:51:e4:ce:
ba:d1:76:38:32:75:40:d5:89:92:35:4a:a6:1c:13:
67:10:45:c1:2e:c2:94:62:aa:38:e8:df:1b:a0:8b:
12:dd:b4:92:08:eb:be:2d:f0:6e:95:c3:b6:ee:b2:
cb:46:ae:2c:f3:ba:29:fb:28:e2:c2:f9:92:1f:62:
49:d0:7e:2c:9c:f2:33:c1:2d:df:8a:9b:a0:9d:12:
4e:dc:c1:42:f8:51:ab:41:fc:f9:b6:b7:23:64:4c:
d6:1c:3b:69:27:6a:73:b6:fd:02:ff:32:37:f9:f7:
e4:41:55:3a:fe:8f:69:74:3b:dc:00:b6:8c:d1:0b:
01:a9:aa:a4:d3:5d:93:10:2e:ce:e0:96:7e:dc:f5:
08:e5:be:06:48:f4:cc:ad:f4:ce:f3:c7:26:0a:b7:
79:6d:de:cd:b6:50:44:88:8d:59:84:d2:5e:cf:ca:
d9:6f:e6:65:82:66:07:47:58:b9:25:e8:f2:b1:90:
4a:f6:e5:31:5a:92:69:aa:f4:58:af:85:62:bd:35:
21:11:e3:de:1e:c6:1e:de:f3:c6:df:52:93:9c:f7:
08:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FF:2B:81:7B:72:AD:EB:32:A1:A7:62:18:D5:23:B9:73:71:60:5B
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/of8rgXtyresyoadiGNUjuXNxYFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:907::/32
Signature Algorithm: sha256WithRSAEncryption
5c:e9:8a:90:f0:83:68:10:b5:ff:61:20:92:2a:97:ed:cc:e0:
51:66:e6:eb:00:83:c6:ff:38:6e:a8:7f:14:30:79:1b:03:f6:
54:ab:20:17:1d:e3:57:2d:cb:c7:e8:74:7b:3c:47:b8:4c:69:
08:fd:24:7c:1b:b1:cb:b9:ee:6f:61:05:59:a3:0c:d0:5e:90:
0d:f2:95:b0:6b:7b:dd:11:19:bf:20:25:04:86:d3:1b:90:22:
fa:ad:98:07:7d:89:66:95:16:05:9e:39:ed:93:b2:78:d1:fb:
a7:ab:42:bb:35:b2:c1:e1:e9:61:8e:ea:b7:d1:5a:17:a1:0c:
33:69:72:32:6c:52:dc:e2:f5:a0:0e:8d:69:7b:25:52:5c:45:
a7:49:7c:b1:29:a0:ea:cd:d3:02:6b:7a:de:d2:9c:14:df:64:
ec:db:11:e6:aa:f0:ef:5c:4c:b9:f0:5f:c3:c5:2f:3d:08:d8:
65:2b:58:92:14:7d:f4:81:e0:d4:88:fe:71:99:8f:d2:3e:fc:
a9:a5:c6:eb:9e:54:37:36:1a:9c:a4:a6:95:c7:63:6a:78:9f:
74:72:4a:1c:64:eb:e9:4e:c6:c9:e5:82:4f:81:99:e8:4e:5a:
00:d8:1f:da:59:40:ab:9d:16:39:12:77:c9:27:5a:f5:51:b4:
6d:b3:78:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5qWQ6Ndddo/yeZ98r5YlbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzIzMDgwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWZmMmI4MTdiNzJhZGViMzJhMWE3NjIxOGQ1MjNiOTczNzE2MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHbCtxeoOyqEHdN+jtoyoRHE7vsd
mL2UBhKFn9cn6s8ronmBvasAcuVR5M660XY4MnVA1YmSNUqmHBNnEEXBLsKUYqo4
6N8boIsS3bSSCOu+LfBulcO27rLLRq4s87op+yjiwvmSH2JJ0H4snPIzwS3fipug
nRJO3MFC+FGrQfz5trcjZEzWHDtpJ2pztv0C/zI3+ffkQVU6/o9pdDvcALaM0QsB
qaqk012TEC7O4JZ+3PUI5b4GSPTMrfTO88cmCrd5bd7NtlBEiI1ZhNJez8rZb+Zl
gmYHR1i5JejysZBK9uUxWpJpqvRYr4VivTUhEePeHsYe3vPG31KTnPcIZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKH/K4F7cq3rMqGnYhjVI7lzcWBbMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvb2Y4cmdYdHlyZXN5b2FkaUdOVWp1WE54WUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUJBzAN
BgkqhkiG9w0BAQsFAAOCAQEAXOmKkPCDaBC1/2EgkiqX7czgUWbm6wCDxv84bqh/
FDB5GwP2VKsgFx3jVy3Lx+h0ezxHuExpCP0kfBuxy7nub2EFWaMM0F6QDfKVsGt7
3REZvyAlBIbTG5Ai+q2YB32JZpUWBZ457ZOyeNH7p6tCuzWyweHpYY7qt9FaF6EM
M2lyMmxS3OL1oA6NaXslUlxFp0l8sSmg6s3TAmt63tKcFN9k7NsR5qrw71xMufBf
w8UvPQjYZStYkhR99IHg1Ij+cZmP0j78qaXG655UNzYanKSmlcdjanifdHJKHGTr
6U7GyeWCT4GZ6E5aANgf2llAq50WORJ3ySda9VG0bbN4xQ==
-----END CERTIFICATE-----
Generated at Mon Mar 25 10:10:07 2024 by rpki-client on console-ams.rpki-client.org