Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AO1ykbJwFKmACynE0sPbaeURHJg.roa
File: AO1ykbJwFKmACynE0sPbaeURHJg.roa (raw, json)
Hash identifier: tjNeu+QxhgX6hGvSaBTIQ+dxStoRxaDk65XQTtNBx9Q=
Subject key identifier: 00:ED:72:91:B2:70:14:A9:80:0B:29:C4:D2:C3:DB:69:E5:11:1C:98
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018CC4938D5427E0CADFBBAE6442361DCE23
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AO1ykbJwFKmACynE0sPbaeURHJg.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42861
IP address blocks: 2a00:1e68:112::/48 maxlen: 128
2a00:1e68:100::/48 maxlen: 128
2a00:1e68:100::/47 maxlen: 128
2a00:1e68:101::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 10 Apr 2024 15:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:54:27:e0:ca:df:bb:ae:64:42:36:1d:ce:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00ed7291b27014a9800b29c4d2c3db69e5111c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:c5:59:48:ba:99:91:95:ee:02:30:35:32:
58:41:f0:40:1d:00:5a:19:16:03:9b:7f:93:29:71:
79:77:cd:59:bf:1b:d3:c1:12:8d:84:5c:88:02:1b:
42:73:eb:b3:49:ed:9c:f6:00:e9:cf:7d:1c:af:ee:
dc:7c:b9:24:83:42:c3:51:e5:8a:41:5b:af:f5:a1:
6d:cb:90:44:3d:90:87:d9:e9:02:22:6f:07:19:27:
1d:fd:cb:d7:9d:88:92:c7:e9:19:7a:e0:6b:40:f1:
71:f5:c5:78:59:24:3b:d7:6f:e2:c9:8e:86:fc:57:
05:07:0f:1f:80:18:87:97:b2:2a:77:03:30:17:14:
6b:0a:1b:d0:d6:ba:4b:c7:67:b4:5d:42:88:6b:75:
9f:6b:18:ec:3d:b7:0d:bb:06:9d:01:78:73:a3:58:
4e:75:df:95:4e:3b:f2:de:05:cc:f8:12:ee:2b:8e:
b2:ad:ca:65:3b:0d:42:6d:06:4d:2f:d5:0c:f5:45:
52:78:58:bc:ed:1f:9f:43:d6:4a:84:bf:91:51:88:
fe:42:97:9f:d5:5a:fe:e8:eb:4d:c4:01:20:aa:71:
37:6e:50:04:cd:8f:0f:d4:b4:23:7f:2a:27:8a:9c:
c1:03:13:c3:86:ce:d8:dd:e6:7f:c1:b1:cb:ea:05:
7a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:ED:72:91:B2:70:14:A9:80:0B:29:C4:D2:C3:DB:69:E5:11:1C:98
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/AO1ykbJwFKmACynE0sPbaeURHJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1e68:100::/47
2a00:1e68:112::/48
Signature Algorithm: sha256WithRSAEncryption
2c:a3:a3:54:b2:5e:50:43:79:4e:0b:15:12:14:18:34:0f:79:
54:de:ce:23:5c:c4:2c:16:76:19:cb:eb:52:b1:bc:ec:6f:17:
ab:b7:c4:02:b2:62:83:fe:73:10:6d:2b:1f:06:4d:ed:2b:d6:
d8:50:39:3e:5c:49:c7:a3:ba:ca:96:50:95:ff:33:b5:da:0d:
04:df:d6:71:9a:34:ea:4f:ba:a1:12:e0:4c:9c:c1:c0:41:a5:
bc:bf:2e:d7:5c:85:54:ed:17:5f:d0:40:f5:ea:00:f8:ba:06:
00:c9:db:df:9e:82:92:e0:60:52:8c:3f:a8:bf:0e:47:ea:ce:
3a:17:58:05:b3:2c:73:97:9e:fe:fa:4e:bd:e4:8c:c7:0a:ad:
79:b7:91:45:7d:b7:6b:65:4f:43:a1:08:e9:7a:e9:a5:eb:3a:
11:57:5f:7b:f4:f1:5b:8b:6c:0f:e0:d0:97:3e:5b:c8:ba:d5:
28:eb:e8:39:03:51:27:56:e7:15:6d:61:ed:5a:55:87:12:da:
0a:90:48:c7:42:f3:3c:14:0a:03:db:05:de:75:b4:9a:c0:f3:
e1:fd:dc:95:11:72:d7:77:42:1d:fb:cb:d6:dd:6f:be:af:7f:
1b:7a:d6:32:62:56:b0:b6:bc:03:f7:ef:6c:8f:96:19:f3:6f:
b4:de:eb:b4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzEk41UJ+DK37uuZEI2Hc4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVkNzI5MWIyNzAxNGE5ODAwYjI5YzRkMmMzZGI2OWU1MTExYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTnFWUi6mZGV7gIwNTJYQfBAHQBa
GRYDm3+TKXF5d81ZvxvTwRKNhFyIAhtCc+uzSe2c9gDpz30cr+7cfLkkg0LDUeWK
QVuv9aFty5BEPZCH2ekCIm8HGScd/cvXnYiSx+kZeuBrQPFx9cV4WSQ712/iyY6G
/FcFBw8fgBiHl7IqdwMwFxRrChvQ1rpLx2e0XUKIa3WfaxjsPbcNuwadAXhzo1hO
dd+VTjvy3gXM+BLuK46yrcplOw1CbQZNL9UM9UVSeFi87R+fQ9ZKhL+RUYj+Qpef
1Vr+6OtNxAEgqnE3blAEzY8P1LQjfyonipzBAxPDhs7Y3eZ/wbHL6gV67QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFADtcpGycBSpgAspxNLD22nlERyYMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL0FPMXlrYkp3RkttQUN5bkUwc1BiYWVVUkhKZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIDBwEqAB5o
AQADBwAqAB5oARIwDQYJKoZIhvcNAQELBQADggEBACyjo1SyXlBDeU4LFRIUGDQP
eVTeziNcxCwWdhnL61KxvOxvF6u3xAKyYoP+cxBtKx8GTe0r1thQOT5cScejusqW
UJX/M7XaDQTf1nGaNOpPuqES4EycwcBBpby/LtdchVTtF1/QQPXqAPi6BgDJ29+e
gpLgYFKMP6i/DkfqzjoXWAWzLHOXnv76Tr3kjMcKrXm3kUV9t2tlT0OhCOl66aXr
OhFXX3v08VuLbA/g0Jc+W8i61Sjr6DkDUSdW5xVtYe1aVYcS2gqQSMdC8zwUCgPb
Bd51tJrA8+H93JURctd3Qh37y9bdb76vfxt61jJiVrC2vAP372yPlhnzb7Te67Q=
-----END CERTIFICATE-----
Generated at Wed Apr 10 19:33:13 2024 by rpki-client on console-fra.rpki-client.org