Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/u8w75Awssq8GI3G1DdL_o-im8S0.roa
File: u8w75Awssq8GI3G1DdL_o-im8S0.roa (raw, json)
Hash identifier: xsoQijrovYSv3zK6MwNuthSm1ylYHROqH4emg9RkYMA=
Subject key identifier: BB:CC:3B:E4:0C:2C:B2:AF:06:23:71:B5:0D:D2:FF:A3:E8:A6:F1:2D
Certificate issuer: /CN=331a51afd4cb6682c230ded640658c113c562fd2
Certificate serial: 018873D1891EEAEFAE98E56DBE9549CD2897
Authority key identifier: 33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/u8w75Awssq8GI3G1DdL_o-im8S0.roa
Signing time: Wed 31 May 2023 21:58:11 +0000
ROA not before: Wed 31 May 2023 21:58:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198378
IP address blocks: 2001:67c:cac::/48 maxlen: 48
2001:67c:cb0::/48 maxlen: 48
2001:67c:ca8::/48 maxlen: 48
2001:67c:7a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:73:d1:89:1e:ea:ef:ae:98:e5:6d:be:95:49:cd:28:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331a51afd4cb6682c230ded640658c113c562fd2
Validity
Not Before: May 31 21:58:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbcc3be40c2cb2af062371b50dd2ffa3e8a6f12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:a0:ee:eb:de:3b:95:c5:4d:45:54:d7:f7:
ce:e7:3a:83:fb:82:9a:3e:f6:07:34:7f:f6:c5:95:
bc:57:ae:36:df:9e:f6:7a:6d:e6:aa:c1:05:dd:91:
88:cb:e4:76:43:41:f3:df:b5:77:95:1d:9b:bd:fc:
71:d6:8c:a2:1b:1d:f2:27:d2:11:ac:59:f9:2b:18:
ba:52:66:d2:cc:15:4e:8a:de:e4:75:77:4c:50:6a:
f7:25:3e:b5:eb:71:5a:d8:b4:be:bd:24:fd:4b:67:
f3:6a:b9:42:ed:22:94:3d:25:57:ec:27:00:63:17:
3e:c9:4f:9c:64:99:22:af:e1:0f:25:ed:ab:44:d1:
03:aa:4d:78:7f:8d:b1:17:2c:e5:20:67:c0:37:b8:
e1:31:1d:17:a8:f4:c7:2d:60:5d:da:37:af:c3:02:
0d:f3:80:b7:98:4f:ee:43:ea:97:f4:18:53:94:0a:
0b:f5:bd:5d:58:4d:15:59:d8:5c:a3:e9:3c:a1:0d:
ce:93:70:f1:8f:8a:41:3d:a8:f7:e1:c2:c2:df:20:
54:fe:ee:6a:9a:a3:e7:f4:c9:cf:6c:0e:2d:2d:66:
6c:03:17:e9:ce:db:17:df:98:65:a8:f6:1b:da:a6:
b5:ea:25:a1:25:58:ac:97:fd:54:f5:68:e7:ce:76:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CC:3B:E4:0C:2C:B2:AF:06:23:71:B5:0D:D2:FF:A3:E8:A6:F1:2D
X509v3 Authority Key Identifier:
keyid:33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/u8w75Awssq8GI3G1DdL_o-im8S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:7a0::/48
2001:67c:ca8::/48
2001:67c:cac::/48
2001:67c:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
7c:78:35:e8:13:a6:62:b1:15:a7:87:44:7e:f4:d1:a0:b3:8a:
69:5c:56:c1:7b:3d:93:74:a6:97:81:b6:4a:39:45:b2:3c:b5:
26:c4:80:2c:23:e0:78:fb:41:28:38:4a:38:80:55:fc:04:ee:
e4:a5:3e:92:77:e7:8f:9f:0e:3b:ef:77:68:5a:09:ab:0c:c1:
2c:94:c7:3d:d3:20:92:bd:c9:9a:ae:48:80:d7:a1:09:04:f1:
87:d5:97:b8:89:ee:0b:04:07:b2:85:be:2d:bf:91:2e:b4:5d:
b6:a9:e8:57:a5:f6:b5:32:71:8b:de:06:20:e8:ba:2d:f6:a2:
39:f7:39:4b:3e:5f:24:03:15:67:dc:1f:e1:9b:a6:20:5c:d8:
04:a8:4d:90:78:a9:e5:73:25:65:bd:90:14:17:48:24:c5:e8:
71:a2:d9:6d:10:c4:35:5c:bf:26:e7:1f:7c:d8:75:61:39:20:
a0:18:45:82:fd:17:2b:38:4f:fc:24:bc:6d:e4:bb:4d:05:48:
4b:3f:5a:92:b6:b4:4a:82:1e:36:58:9f:b8:c7:3d:04:84:fb:
cd:00:f2:c8:81:c4:47:f3:d7:6b:5e:23:ab:39:35:a2:c0:02:
e7:fd:e9:77:24:0a:d4:7a:c7:b2:41:5a:a4:cc:7e:2a:f2:4d:
30:4c:16:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhz0Yke6u+umOVtvpVJzSiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWE1MWFmZDRjYjY2ODJjMjMwZGVkNjQwNjU4YzExM2M1
NjJmZDIwHhcNMjMwNTMxMjE1ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNjM2JlNDBjMmNiMmFmMDYyMzcxYjUwZGQyZmZhM2U4YTZmMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd6g7uveO5XFTUVU1/fO5zqD+4Ka
PvYHNH/2xZW8V6423572em3mqsEF3ZGIy+R2Q0Hz37V3lR2bvfxx1oyiGx3yJ9IR
rFn5Kxi6UmbSzBVOit7kdXdMUGr3JT6163Fa2LS+vST9S2fzarlC7SKUPSVX7CcA
Yxc+yU+cZJkir+EPJe2rRNEDqk14f42xFyzlIGfAN7jhMR0XqPTHLWBd2jevwwIN
84C3mE/uQ+qX9BhTlAoL9b1dWE0VWdhco+k8oQ3Ok3Dxj4pBPaj34cLC3yBU/u5q
mqPn9MnPbA4tLWZsAxfpztsX35hlqPYb2qa16iWhJVisl/1U9WjnznaEzQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLvMO+QMLLKvBiNxtQ3S/6PopvEtMB8GA1UdIwQY
MBaAFDMaUa/Uy2aCwjDe1kBljBE8Vi/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAt
NGE1NjZhZGQ1NGIyLzEvdTh3NzVBd3NzcThHSTNHMURkTF9vLWltOFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAtNGE1NjZhZGQ1NGIy
LzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGfAeg
AwcAIAEGfAyoAwcAIAEGfAysAwcAIAEGfAywMA0GCSqGSIb3DQEBCwUAA4IBAQB8
eDXoE6ZisRWnh0R+9NGgs4ppXFbBez2TdKaXgbZKOUWyPLUmxIAsI+B4+0EoOEo4
gFX8BO7kpT6Sd+ePnw4773doWgmrDMEslMc90yCSvcmarkiA16EJBPGH1Ze4ie4L
BAeyhb4tv5EutF22qehXpfa1MnGL3gYg6Lot9qI59zlLPl8kAxVn3B/hm6YgXNgE
qE2QeKnlcyVlvZAUF0gkxehxotltEMQ1XL8m5x982HVhOSCgGEWC/RcrOE/8JLxt
5LtNBUhLP1qStrRKgh42WJ+4xz0EhPvNAPLIgcRH89drXiOrOTWiwALn/el3JArU
eseyQVqkzH4q8k0wTBZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:16 2024 by rpki-client on console-fra.rpki-client.org