Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/MI8OOskQ9sCTJfVIft9DgqwN7eA.roa
File: MI8OOskQ9sCTJfVIft9DgqwN7eA.roa (raw, json)
Hash identifier: KugPkjEG/NOq1ZpmCLyiO/6QU/xZ3PC/RY0rpT1CL+I=
Subject key identifier: 30:8F:0E:3A:C9:10:F6:C0:93:25:F5:48:7E:DF:43:82:AC:0D:ED:E0
Certificate issuer: /CN=a16512b8a262bad599a3b023358c5ceccac9e085
Certificate serial: 0192AFC0210C280F70B4837BC5B97D61D43F
Authority key identifier: A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/MI8OOskQ9sCTJfVIft9DgqwN7eA.roa
Signing time: Mon 21 Oct 2024 15:44:16 +0000
ROA not before: Mon 21 Oct 2024 15:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214145
IP address blocks: 2a01:e140::/48 maxlen: 48
2a01:e140:1::/48 maxlen: 48
2a01:e140:2::/48 maxlen: 48
2a01:e140:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 19:05:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:c0:21:0c:28:0f:70:b4:83:7b:c5:b9:7d:61:d4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16512b8a262bad599a3b023358c5ceccac9e085
Validity
Not Before: Oct 21 15:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=308f0e3ac910f6c09325f5487edf4382ac0dede0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:49:e9:c8:9a:0f:e4:62:74:90:0c:4d:19:
42:52:93:28:bc:75:0c:a8:51:a9:21:25:e1:ff:9f:
f0:9b:79:0f:b1:ec:e4:09:4e:bb:9e:ec:f8:80:b6:
35:66:f7:49:f7:f5:c7:87:93:94:e3:3b:ed:61:84:
2b:f3:77:8a:aa:83:30:fe:97:3b:b2:13:1b:11:a9:
b4:3f:98:a5:8f:27:95:e3:17:e2:1a:22:1c:b6:e6:
64:31:23:63:c4:87:e5:eb:4e:46:09:79:e0:c6:a3:
74:5a:27:d4:3d:f1:04:ad:2e:26:50:78:50:58:84:
49:31:62:24:f9:56:ed:dc:ac:08:43:4a:dd:e8:2e:
4d:12:e2:c0:38:97:11:da:10:ec:55:32:67:5f:1e:
2f:da:45:d3:99:a5:bf:77:9c:92:63:34:89:76:ed:
64:d6:0c:67:95:a0:c4:c0:17:7f:ad:b4:15:e8:13:
5c:d5:62:63:e9:fd:69:e6:85:e0:f1:68:e7:5b:b9:
b0:16:20:f0:8d:2d:1d:35:ed:07:a6:45:fa:2f:eb:
8c:bf:4f:c9:be:93:f9:24:3c:49:89:9c:2f:0c:a4:
2e:6e:0c:6a:49:04:37:2c:83:a6:e9:1f:04:c7:86:
38:50:ef:4e:4e:63:a6:10:85:c5:73:d0:81:40:06:
f6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8F:0E:3A:C9:10:F6:C0:93:25:F5:48:7E:DF:43:82:AC:0D:ED:E0
X509v3 Authority Key Identifier:
keyid:A1:65:12:B8:A2:62:BA:D5:99:A3:B0:23:35:8C:5C:EC:CA:C9:E0:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWUSuKJiutWZo7AjNYxc7MrJ4IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/MI8OOskQ9sCTJfVIft9DgqwN7eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8aa085-cadc-446e-bbe8-c9ec3a98f9a3/1/oWUSuKJiutWZo7AjNYxc7MrJ4IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e140::-2a01:e140:2:ffff:ffff:ffff:ffff:ffff
2a01:e140:a::/48
Signature Algorithm: sha256WithRSAEncryption
8d:7e:2d:a2:12:9b:d2:52:3c:91:90:e0:99:13:4d:58:58:fc:
82:37:d8:64:9f:ef:c7:a7:a8:1c:83:3b:8f:dd:3b:6e:12:69:
bd:db:97:cf:78:28:23:88:11:1a:80:96:be:eb:e3:e7:36:82:
4c:0f:11:29:50:f6:d3:10:7a:aa:c8:32:d3:cf:ba:86:5e:5b:
7b:22:dc:bf:a1:c0:cc:47:87:bb:6a:9d:84:bc:9a:2c:22:6d:
77:63:ee:50:5f:8b:94:ec:90:2d:e0:50:72:35:3e:70:c2:fa:
2b:ca:06:3b:1b:fb:e6:32:4c:a0:23:a8:93:77:14:f0:e4:26:
9a:19:d1:1c:ea:81:9e:a0:12:7a:60:75:2d:c7:6f:3e:3d:14:
09:47:1e:fa:a8:a0:e1:d5:e9:d4:07:6a:8c:67:b5:31:62:28:
4e:76:69:c2:8b:a7:b3:dd:11:65:37:48:da:47:1a:cb:8f:9c:
fa:1b:fe:fd:8e:e9:75:25:81:fc:ae:c3:cb:8b:72:48:52:2a:
90:30:88:7b:bf:e7:6e:f5:c9:6c:90:f8:fe:eb:33:c0:d8:22:
b0:6c:e5:e6:2d:7a:7a:fc:33:18:67:f7:d7:00:f0:6a:4a:cd:
bd:79:60:f8:12:57:6f:fe:10:ae:73:f8:1d:63:a3:f1:64:67:
8a:17:cb:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKvwCEMKA9wtIN7xbl9YdQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjUxMmI4YTI2MmJhZDU5OWEzYjAyMzM1OGM1Y2VjY2Fj
OWUwODUwHhcNMjQxMDIxMTU0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDhmMGUzYWM5MTBmNmMwOTMyNWY1NDg3ZWRmNDM4MmFjMGRlZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/ZJ6ciaD+RidJAMTRlCUpMovHUM
qFGpISXh/5/wm3kPsezkCU67nuz4gLY1ZvdJ9/XHh5OU4zvtYYQr83eKqoMw/pc7
shMbEam0P5iljyeV4xfiGiIctuZkMSNjxIfl605GCXngxqN0WifUPfEErS4mUHhQ
WIRJMWIk+Vbt3KwIQ0rd6C5NEuLAOJcR2hDsVTJnXx4v2kXTmaW/d5ySYzSJdu1k
1gxnlaDEwBd/rbQV6BNc1WJj6f1p5oXg8WjnW7mwFiDwjS0dNe0HpkX6L+uMv0/J
vpP5JDxJiZwvDKQubgxqSQQ3LIOm6R8Ex4Y4UO9OTmOmEIXFc9CBQAb2aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDCPDjrJEPbAkyX1SH7fQ4KsDe3gMB8GA1UdIwQY
MBaAFKFlEriiYrrVmaOwIzWMXOzKyeCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgt
YzllYzNhOThmOWEzLzEvTUk4T09za1E5c0NUSmZWSWZ0OURncXdON2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84YWEwODUtY2FkYy00NDZlLWJiZTgtYzllYzNhOThmOWEz
LzEvb1dVU3VLSml1dFdabzdBak5ZeGM3TXJKNElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBADBQYqAeFA
AwcAKgHhQAACAwcAKgHhQAAKMA0GCSqGSIb3DQEBCwUAA4IBAQCNfi2iEpvSUjyR
kOCZE01YWPyCN9hkn+/Hp6gcgzuP3TtuEmm925fPeCgjiBEagJa+6+PnNoJMDxEp
UPbTEHqqyDLTz7qGXlt7Ity/ocDMR4e7ap2EvJosIm13Y+5QX4uU7JAt4FByNT5w
wvorygY7G/vmMkygI6iTdxTw5CaaGdEc6oGeoBJ6YHUtx28+PRQJRx76qKDh1enU
B2qMZ7UxYihOdmnCi6ez3RFlN0jaRxrLj5z6G/79jul1JYH8rsPLi3JIUiqQMIh7
v+du9clskPj+6zPA2CKwbOXmLXp6/DMYZ/fXAPBqSs29eWD4Eldv/hCuc/gdY6Px
ZGeKF8sQ
Generated at Mon Oct 21 22:08:12 2024 by rpki-client on console-ams.rpki-client.org