Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/OCkQbP4JxH3Ft-qe87vE5XroYVE.roa
File: OCkQbP4JxH3Ft-qe87vE5XroYVE.roa (raw, json)
Hash identifier: Mfq8q8dUyU8OHkm/9x2FGqKQmKFXY/8gH8XCqUMc6s0=
Subject key identifier: 38:29:10:6C:FE:09:C4:7D:C5:B7:EA:9E:F3:BB:C4:E5:7A:E8:61:51
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0187252FAC853182EF66473FC1E21B6F67C3
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/OCkQbP4JxH3Ft-qe87vE5XroYVE.roa
Signing time: Mon 27 Mar 2023 22:28:14 +0000
ROA not before: Mon 27 Mar 2023 22:28:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48233
IP address blocks: 2a06:9686:800::/39 maxlen: 39
2a06:9686:600::/39 maxlen: 39
2a06:9686:400::/39 maxlen: 39
2a06:9686:200::/39 maxlen: 39
2a06:9686::/39 maxlen: 39
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:25:2f:ac:85:31:82:ef:66:47:3f:c1:e2:1b:6f:67:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Mar 27 22:28:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3829106cfe09c47dc5b7ea9ef3bbc4e57ae86151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d4:63:7d:64:96:a6:94:03:37:63:08:c5:12:
b3:ef:c9:a4:26:2f:b4:b1:74:36:50:35:b0:e0:67:
af:6e:07:15:c2:6b:1c:2a:ff:54:df:6b:fa:52:04:
e7:84:e4:82:2b:5f:33:0b:ca:10:6d:5a:c7:1b:59:
73:31:af:97:a9:74:9f:e9:20:a3:d2:5f:8e:80:da:
3f:ff:0c:e4:21:df:ed:b4:d8:ed:20:a6:ba:66:88:
54:e2:19:61:d8:9a:35:b6:ea:e7:a8:2d:f4:33:92:
47:d6:e2:39:bf:fe:18:ec:f0:5e:3f:46:14:cb:a1:
c3:2a:bf:d7:aa:04:35:41:5e:89:1a:66:65:d3:1b:
f1:26:30:8e:08:c3:fe:12:81:92:cc:4e:aa:e4:4b:
39:ce:5a:a4:04:53:0f:a0:e8:77:a2:18:a3:5f:b1:
c8:dc:aa:ec:d9:ee:e7:b2:75:00:2c:6d:bd:39:65:
96:af:32:43:fa:7e:d7:cd:63:2b:35:82:66:2d:eb:
99:91:59:71:90:ff:48:d4:87:83:85:19:e5:38:bd:
9e:71:1b:1b:76:0d:19:89:7d:33:54:dc:a1:9f:db:
d5:a0:46:6d:87:f8:5a:01:b8:35:15:00:9f:67:75:
ee:d5:56:84:cd:12:fa:55:e6:04:fa:ec:46:dd:5b:
1b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:29:10:6C:FE:09:C4:7D:C5:B7:EA:9E:F3:BB:C4:E5:7A:E8:61:51
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/OCkQbP4JxH3Ft-qe87vE5XroYVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686::-2a06:9686:9ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
24:52:46:13:78:f4:48:7a:e0:94:b5:92:47:1d:a0:1e:93:e7:
57:84:d6:fe:51:73:28:90:ac:7c:0f:79:4a:98:f8:11:b2:94:
07:81:9f:31:4d:60:cc:db:e3:1d:84:21:92:27:e8:0a:c5:59:
74:88:eb:48:4c:6d:8d:b4:61:5b:88:d3:e4:cd:ac:12:4b:b7:
91:cf:26:10:a7:2e:fc:4e:0f:28:23:d7:da:aa:7c:7d:5a:05:
17:05:74:a2:03:7c:d2:b0:ec:82:17:46:f9:22:81:a8:ad:4f:
18:b5:cf:50:8e:dd:32:ed:65:5d:2c:4f:0e:47:72:87:8b:de:
03:51:06:3a:31:62:6b:7a:89:15:b9:ab:a3:e0:76:56:ef:02:
9e:b3:4a:74:80:88:24:c7:4b:d0:1e:11:f5:1c:40:70:11:ef:
ae:24:71:02:cb:d1:75:6c:4d:ac:a4:d0:ff:a4:25:7e:14:52:
19:d3:05:85:f3:9f:b7:68:b6:58:f6:15:c5:a4:2e:08:7d:18:
37:7b:1d:32:a8:8f:d4:2e:4a:12:45:80:ed:95:2a:d2:a2:6c:
87:0e:10:31:aa:30:50:67:79:7f:f0:c0:c9:30:a8:66:62:7b:
9a:3b:f2:ba:d8:a5:f7:bc:37:82:b9:5f:9d:04:5c:62:ec:77:
f6:7b:d4:45
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYclL6yFMYLvZkc/weIbb2fDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjMwMzI3MjIyODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI5MTA2Y2ZlMDljNDdkYzViN2VhOWVmM2JiYzRlNTdhZTg2MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NRjfWSWppQDN2MIxRKz78mkJi+0
sXQ2UDWw4GevbgcVwmscKv9U32v6UgTnhOSCK18zC8oQbVrHG1lzMa+XqXSf6SCj
0l+OgNo//wzkId/ttNjtIKa6ZohU4hlh2Jo1turnqC30M5JH1uI5v/4Y7PBeP0YU
y6HDKr/XqgQ1QV6JGmZl0xvxJjCOCMP+EoGSzE6q5Es5zlqkBFMPoOh3ohijX7HI
3Krs2e7nsnUALG29OWWWrzJD+n7XzWMrNYJmLeuZkVlxkP9I1IeDhRnlOL2ecRsb
dg0ZiX0zVNyhn9vVoEZth/haAbg1FQCfZ3Xu1VaEzRL6VeYE+uxG3VsbcQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDgpEGz+CcR9xbfqnvO7xOV66GFRMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvT0NrUWJQNEp4SDNGdC1xZTg3dkU1WHJvWVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARMA8DBQEqBpaG
AwYBKgaWhggwDQYJKoZIhvcNAQELBQADggEBACRSRhN49Eh64JS1kkcdoB6T51eE
1v5RcyiQrHwPeUqY+BGylAeBnzFNYMzb4x2EIZIn6ArFWXSI60hMbY20YVuI0+TN
rBJLt5HPJhCnLvxODygj19qqfH1aBRcFdKIDfNKw7IIXRvkigaitTxi1z1CO3TLt
ZV0sTw5HcoeL3gNRBjoxYmt6iRW5q6PgdlbvAp6zSnSAiCTHS9AeEfUcQHAR764k
cQLL0XVsTayk0P+kJX4UUhnTBYXzn7dotlj2FcWkLgh9GDd7HTKoj9QuShJFgO2V
KtKibIcOEDGqMFBneX/wwMkwqGZie5o78rrYpfe8N4K5X50EXGLsd/Z71EU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:12 2024 by rpki-client on console-ams.rpki-client.org