Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/o57ovHN_RGKxsmIqliTkFg-1ubY.roa
File: o57ovHN_RGKxsmIqliTkFg-1ubY.roa (raw, json)
Hash identifier: 9Rhs74v2IqkrZO+4CCAsQSsXvrloEN9h4ulxqqcQIec=
Subject key identifier: A3:9E:E8:BC:73:7F:44:62:B1:B2:62:2A:96:24:E4:16:0F:B5:B9:B6
Certificate issuer: /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial: 01856EC221B82BB82DC2D88F00E7BE3EE877
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/o57ovHN_RGKxsmIqliTkFg-1ubY.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 2001:678:a90::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:21:b8:2b:b8:2d:c2:d8:8f:00:e7:be:3e:e8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a39ee8bc737f4462b1b2622a9624e4160fb5b9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:e9:e6:9a:85:1d:1b:b5:0b:ee:c7:af:00:
b3:fd:4d:8c:d8:9a:d5:df:f2:c0:b7:e0:d6:6d:95:
5b:23:f2:20:61:41:70:1e:a9:0f:5a:67:8b:aa:de:
ba:50:66:22:bc:16:60:3b:dc:fe:fa:f3:96:59:45:
5d:55:e2:4f:ef:58:4e:7d:bc:ef:a2:23:43:6c:78:
85:0c:97:2d:20:5d:e4:f3:92:92:75:f2:dd:b7:90:
5b:0d:30:29:21:97:90:73:15:4f:63:5e:ef:5b:33:
92:4a:66:b1:e7:df:83:26:56:83:53:69:b4:d6:a0:
70:74:1b:74:71:df:2c:64:9d:cd:88:65:06:b4:0b:
29:af:2d:ef:ff:15:92:71:aa:c9:c8:79:f9:f0:df:
e1:60:e4:25:ac:fd:5b:2c:5f:d0:39:ab:7f:97:c3:
77:64:d2:36:36:31:3b:0c:79:d5:ca:48:a4:e2:34:
28:8e:c0:8b:f2:fd:50:38:78:ee:92:18:ed:c9:6b:
59:6e:39:b4:a9:c2:2e:16:cb:45:3a:26:e9:f5:a8:
5a:25:06:2e:31:c6:64:38:f3:b5:ce:db:1b:3e:85:
37:3a:18:8c:53:44:61:bf:01:51:43:71:29:51:d3:
4d:e9:06:b6:89:1d:83:68:e9:5d:11:60:ce:be:2b:
71:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9E:E8:BC:73:7F:44:62:B1:B2:62:2A:96:24:E4:16:0F:B5:B9:B6
X509v3 Authority Key Identifier:
keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/o57ovHN_RGKxsmIqliTkFg-1ubY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a90::/48
Signature Algorithm: sha256WithRSAEncryption
4f:25:78:35:cd:1a:42:ab:1d:f6:04:93:10:40:da:c4:4d:d1:
60:cf:71:23:0c:f8:39:19:58:c4:f7:22:90:c8:de:8a:3c:da:
0b:0f:6a:aa:1d:d7:ef:57:80:77:f3:6b:52:0f:95:1f:6d:51:
8f:72:20:4c:97:f0:78:46:d4:cd:b2:84:7a:a4:bb:51:85:7f:
23:45:74:e6:20:ae:fd:04:5d:39:3a:82:b8:45:bc:79:fc:1e:
39:ca:c0:92:c5:c6:9b:bf:8a:9f:dc:25:1a:28:68:43:c8:2a:
16:da:f4:0b:da:0e:04:1c:fb:4a:4a:bc:1b:00:d8:85:a5:ff:
26:6d:c8:9d:1d:1a:0d:fd:bb:e3:29:35:64:89:12:eb:a4:17:
d5:d3:9d:30:d9:4f:40:ea:0d:4c:75:b5:79:7a:53:ea:3c:9b:
f4:3a:50:67:71:52:2e:96:8d:cf:5e:3b:b0:94:b0:1f:32:71:
f0:a9:02:54:b3:c1:fd:e8:9b:f4:32:5d:9b:4a:95:30:04:47:
36:67:41:e8:3b:88:d4:fc:88:d5:94:22:4d:d8:a6:61:e2:08:
55:cb:c1:c0:97:96:02:4b:8b:c2:73:b4:51:0b:55:30:47:0f:
c1:4b:38:7d:30:4e:9b:5d:8f:cc:09:49:39:de:38:75:a0:47:
b5:3f:64:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuwiG4K7gtwtiPAOe+Puh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjRlZTg4NTg0ZDZkZmQ5ZTNhYTliYzIwMWM1MGY0NGUz
NTNkOWMwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzllZThiYzczN2Y0NDYyYjFiMjYyMmE5NjI0ZTQxNjBmYjViOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0fp5pqFHRu1C+7HrwCz/U2M2JrV
3/LAt+DWbZVbI/IgYUFwHqkPWmeLqt66UGYivBZgO9z++vOWWUVdVeJP71hOfbzv
oiNDbHiFDJctIF3k85KSdfLdt5BbDTApIZeQcxVPY17vWzOSSmax59+DJlaDU2m0
1qBwdBt0cd8sZJ3NiGUGtAspry3v/xWScarJyHn58N/hYOQlrP1bLF/QOat/l8N3
ZNI2NjE7DHnVykik4jQojsCL8v1QOHjukhjtyWtZbjm0qcIuFstFOibp9ahaJQYu
McZkOPO1ztsbPoU3OhiMU0RhvwFRQ3EpUdNN6Qa2iR2DaOldEWDOvitx0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKOe6Lxzf0RisbJiKpYk5BYPtbm2MB8GA1UdIwQY
MBaAFBj07ohYTW39njqpvCAcUPRONT2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMt
MGI5ODg1ODYzZWJmLzEvbzU3b3ZITl9SR0t4c21JcWxpVGtGZy0xdWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMtMGI5ODg1ODYzZWJm
LzEvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBPJXg1zRpCqx32BJMQQNrETdFgz3EjDPg5GVjE
9yKQyN6KPNoLD2qqHdfvV4B382tSD5UfbVGPciBMl/B4RtTNsoR6pLtRhX8jRXTm
IK79BF05OoK4Rbx5/B45ysCSxcabv4qf3CUaKGhDyCoW2vQL2g4EHPtKSrwbANiF
pf8mbcidHRoN/bvjKTVkiRLrpBfV050w2U9A6g1MdbV5elPqPJv0OlBncVIulo3P
XjuwlLAfMnHwqQJUs8H96Jv0Ml2bSpUwBEc2Z0HoO4jU/IjVlCJN2KZh4ghVy8HA
l5YCS4vCc7RRC1UwRw/BSzh9ME6bXY/MCUk53jh1oEe1P2RI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org