Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/joqKJzZbziMGPrghwl-2-EXQo3g.roa
File: joqKJzZbziMGPrghwl-2-EXQo3g.roa (raw, json)
Hash identifier: Iz2CsVwTDNfEBeqpdarkWxH2/H84YYeWeuwLIaaHEqU=
Subject key identifier: 8E:8A:8A:27:36:5B:CE:23:06:3E:B8:21:C2:5F:B6:F8:45:D0:A3:78
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CEC3ABA4E6D7D36E30426CCA4A790D1C1
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/joqKJzZbziMGPrghwl-2-EXQo3g.roa
Signing time: Tue 09 Jan 2024 03:18:40 +0000
ROA not before: Tue 09 Jan 2024 03:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48503
IP address blocks: 2a03:32c0:5001::/48 maxlen: 48
2a03:32c0:5002::/48 maxlen: 48
2a03:32c0:5000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 04:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ec:3a:ba:4e:6d:7d:36:e3:04:26:cc:a4:a7:90:d1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 9 03:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e8a8a27365bce23063eb821c25fb6f845d0a378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f7:94:00:90:44:ae:47:d5:16:d3:d6:94:41:
50:eb:0b:a9:c1:1e:83:bd:24:7e:7a:96:ba:00:aa:
fe:6a:55:bb:0c:4e:75:12:fa:07:5d:81:9d:74:d1:
48:16:23:c2:0d:7e:9a:bf:a3:4d:f5:97:35:b9:88:
3b:6e:c8:c8:ff:65:21:e4:d7:68:62:68:23:66:7a:
7a:0e:e5:fe:c3:d8:f1:99:a5:59:71:0b:f9:19:d9:
de:0f:fa:fa:6b:d7:31:52:c3:42:21:9a:74:99:8c:
31:b2:7e:20:ce:8b:8e:16:8a:3f:0b:90:9b:52:bb:
b3:2b:5c:be:3b:8b:7c:06:68:e1:71:8b:52:65:17:
a8:be:59:94:11:94:f1:13:63:2d:90:c7:02:91:fb:
0f:dc:ca:48:db:aa:4a:32:10:ad:92:ee:32:95:df:
8d:f2:42:aa:16:d8:5a:b7:ca:1d:ab:22:e6:12:c5:
68:41:60:f7:00:15:21:d4:68:34:3c:97:07:38:b2:
06:38:22:68:2d:61:67:16:9e:e7:33:99:ff:c8:a2:
89:44:f8:cf:cc:49:1e:e7:8f:93:5d:ad:52:9a:22:
ab:29:3d:77:ca:db:f0:d8:af:79:c6:a7:c2:86:41:
dc:70:79:fa:41:1f:24:49:a4:76:17:c3:d9:57:c1:
37:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8A:8A:27:36:5B:CE:23:06:3E:B8:21:C2:5F:B6:F8:45:D0:A3:78
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/joqKJzZbziMGPrghwl-2-EXQo3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:32c0:5000::-2a03:32c0:5002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:45:8b:4e:c2:02:27:bc:06:42:cb:e3:49:8e:d1:30:14:ee:
d9:83:a1:c6:5a:87:81:05:5b:64:1e:b1:01:05:05:7e:13:88:
cc:c1:2f:52:2c:b2:2f:f6:f4:5c:32:09:5b:7d:a5:10:92:bb:
02:6c:a1:94:f5:69:44:ee:ba:10:f4:d2:f7:d2:0c:53:60:97:
70:1c:02:55:f8:54:0e:8b:ed:52:10:d3:03:fe:3e:68:5b:4e:
e9:02:10:3b:37:71:74:a6:65:bf:2a:89:80:e9:bc:9f:ed:33:
86:d7:5f:22:8c:29:7b:90:5f:ba:29:ba:d7:38:00:90:2d:4e:
36:f3:dd:78:93:29:3c:69:28:c3:88:33:96:99:ab:83:41:f4:
04:00:cf:73:8a:1a:f8:e5:26:f4:7e:23:17:80:a2:aa:bd:de:
ba:b5:96:c8:a2:b1:d5:23:8f:7a:dd:68:99:a5:13:12:48:e6:
d3:b4:04:84:17:6f:da:be:ba:f5:01:2a:aa:67:a3:86:cc:88:
b1:4d:67:96:ab:ca:b0:ca:9b:53:b6:1d:e7:a7:b0:ef:68:15:
c9:fd:87:84:54:97:f4:60:e9:12:69:d2:db:47:6a:d7:4c:b8:
a9:a5:0d:f2:08:d9:3f:9e:a3:86:5b:13:6f:08:ac:02:2a:82:
70:0e:30:65
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzsOrpObX024wQmzKSnkNHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTA5MDMxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZThhOGEyNzM2NWJjZTIzMDYzZWI4MjFjMjVmYjZmODQ1ZDBhMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPeUAJBErkfVFtPWlEFQ6wupwR6D
vSR+epa6AKr+alW7DE51EvoHXYGddNFIFiPCDX6av6NN9Zc1uYg7bsjI/2Uh5Ndo
YmgjZnp6DuX+w9jxmaVZcQv5GdneD/r6a9cxUsNCIZp0mYwxsn4gzouOFoo/C5Cb
UruzK1y+O4t8BmjhcYtSZReovlmUEZTxE2MtkMcCkfsP3MpI26pKMhCtku4yld+N
8kKqFthat8odqyLmEsVoQWD3ABUh1Gg0PJcHOLIGOCJoLWFnFp7nM5n/yKKJRPjP
zEke54+TXa1SmiKrKT13ytvw2K95xqfChkHccHn6QR8kSaR2F8PZV8E3HwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI6Kiic2W84jBj64IcJftvhF0KN4MB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvam9xS0p6WmJ6aU1HUHJnaHdsLTItRVhRbzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgQqAzLA
UAMHACoDMsBQAjANBgkqhkiG9w0BAQsFAAOCAQEAZkWLTsICJ7wGQsvjSY7RMBTu
2YOhxlqHgQVbZB6xAQUFfhOIzMEvUiyyL/b0XDIJW32lEJK7AmyhlPVpRO66EPTS
99IMU2CXcBwCVfhUDovtUhDTA/4+aFtO6QIQOzdxdKZlvyqJgOm8n+0zhtdfIowp
e5Bfuim61zgAkC1ONvPdeJMpPGkow4gzlpmrg0H0BADPc4oa+OUm9H4jF4Ciqr3e
urWWyKKx1SOPet1omaUTEkjm07QEhBdv2r669QEqqmejhsyIsU1nlqvKsMqbU7Yd
56ew72gVyf2HhFSX9GDpEmnS20dq10y4qaUN8gjZP56jhlsTbwisAiqCcA4wZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org