Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/0m8tZg4OSJ6WnSJlp4n2AD1v3Ys.roa
File: 0m8tZg4OSJ6WnSJlp4n2AD1v3Ys.roa (raw, json)
Hash identifier: saMZKYdQci2Kf+4gqMCnmII7i9eNfZ+bU/lSTR02q8Y=
Subject key identifier: D2:6F:2D:66:0E:0E:48:9E:96:9D:22:65:A7:89:F6:00:3D:6F:DD:8B
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018AFA5F82455F8CD90D47EE5E027F664E3F
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/0m8tZg4OSJ6WnSJlp4n2AD1v3Ys.roa
Signing time: Wed 04 Oct 2023 11:07:57 +0000
ROA not before: Wed 04 Oct 2023 11:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
2a06:f940::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 11 Oct 2023 10:14:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:5f:82:45:5f:8c:d9:0d:47:ee:5e:02:7f:66:4e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Oct 4 11:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d26f2d660e0e489e969d2265a789f6003d6fdd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:dd:9d:9e:ff:ac:6c:4e:1f:20:c5:7d:61:
1b:71:78:2e:db:95:56:c5:37:bb:c0:e4:6e:e4:ab:
d6:6e:53:cb:8b:a8:56:40:09:23:5f:20:a2:f9:cf:
e0:85:a0:16:be:24:3d:cd:88:c2:6f:a7:f0:93:ea:
ff:df:7d:ea:b2:24:d1:4c:e9:7a:df:e0:03:8b:03:
ec:2e:0c:43:da:2c:99:66:18:97:a2:aa:91:25:ce:
e2:78:7a:aa:f9:a5:1c:db:ef:76:f3:04:4a:d2:4a:
e7:e5:8b:f6:a9:50:94:6c:3e:fd:33:13:f0:19:b9:
8a:8d:b5:dd:e5:e8:5b:f8:06:60:37:ff:44:42:f0:
96:74:4e:6a:7f:3f:6c:44:a9:9d:ee:9d:b8:53:1c:
1d:dd:0f:f4:22:71:76:5e:85:a6:09:08:0c:ee:51:
12:31:61:ac:9a:bb:50:bc:1e:73:e2:41:63:94:2d:
25:2c:bf:aa:57:f5:0b:d9:6a:f8:d4:9b:1f:78:95:
2b:17:01:8e:e0:8d:50:18:49:f5:44:7d:0e:f4:87:
0c:0e:e1:36:c4:85:55:11:70:cf:e6:a3:4e:e2:83:
79:e2:28:6f:99:a5:e8:64:af:69:1c:d1:34:4e:10:
7c:b5:95:82:d4:cc:3f:06:d4:b6:9e:6e:8f:3d:d3:
f4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6F:2D:66:0E:0E:48:9E:96:9D:22:65:A7:89:F6:00:3D:6F:DD:8B
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/0m8tZg4OSJ6WnSJlp4n2AD1v3Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
IPv6:
2a06:f940::/30
Signature Algorithm: sha256WithRSAEncryption
aa:bd:61:44:a3:04:3b:e9:45:b6:4b:5e:d8:36:a5:42:d8:fc:
fe:71:57:02:97:42:98:29:8b:20:d8:21:92:22:99:82:e1:8b:
54:11:5a:d5:41:cd:55:4d:98:ae:f4:83:50:be:5f:24:61:0c:
22:ab:7f:c2:dc:e0:13:ac:41:86:09:6a:56:dc:17:7d:e3:dd:
21:56:f7:de:82:7f:22:b4:74:ef:24:65:e9:5f:10:e5:17:b3:
03:3d:c6:c9:dd:b1:41:e9:7a:da:83:93:9f:15:a0:fe:d0:9c:
fc:03:80:a2:18:6f:74:6b:36:41:9a:ea:6b:47:2d:1b:d9:15:
73:60:10:99:c8:67:b7:48:13:52:4f:5f:0f:b1:74:3a:0a:c9:
fd:31:6e:1d:de:5f:32:32:c8:e8:fc:28:e9:b2:b6:03:0f:a8:
89:9c:77:f7:87:df:a5:d7:80:95:e5:89:8f:4d:1c:87:57:72:
12:5f:e7:f3:33:bd:aa:68:62:c3:34:0a:5b:ba:bb:c7:3e:0a:
9d:bb:cd:93:9b:1d:f9:04:ae:03:40:bd:4d:c7:57:84:3f:90:
d7:1a:e1:d0:02:6d:09:35:74:69:74:90:c6:53:0b:fb:48:bf:
f4:ab:ad:5c:36:72:7c:67:bd:c8:21:da:22:3f:6c:01:08:e6:
81:57:86:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr6X4JFX4zZDUfuXgJ/Zk4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjMxMDA0MTEwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZmMmQ2NjBlMGU0ODllOTY5ZDIyNjVhNzg5ZjYwMDNkNmZkZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhrdnZ7/rGxOHyDFfWEbcXgu25VW
xTe7wORu5KvWblPLi6hWQAkjXyCi+c/ghaAWviQ9zYjCb6fwk+r/333qsiTRTOl6
3+ADiwPsLgxD2iyZZhiXoqqRJc7ieHqq+aUc2+928wRK0krn5Yv2qVCUbD79MxPw
GbmKjbXd5ehb+AZgN/9EQvCWdE5qfz9sRKmd7p24Uxwd3Q/0InF2XoWmCQgM7lES
MWGsmrtQvB5z4kFjlC0lLL+qV/UL2Wr41JsfeJUrFwGO4I1QGEn1RH0O9IcMDuE2
xIVVEXDP5qNO4oN54ihvmaXoZK9pHNE0ThB8tZWC1Mw/BtS2nm6PPdP0gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJvLWYODkielp0iZaeJ9gA9b92LMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xLzBtOHRaZzRPU0o2V25TSmxwNG4yQUQxdjNZcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAG80MQw
DQQCAAIwBwMFAioG+UAwDQYJKoZIhvcNAQELBQADggEBAKq9YUSjBDvpRbZLXtg2
pULY/P5xVwKXQpgpiyDYIZIimYLhi1QRWtVBzVVNmK70g1C+XyRhDCKrf8Lc4BOs
QYYJalbcF33j3SFW996CfyK0dO8kZelfEOUXswM9xsndsUHpetqDk58VoP7QnPwD
gKIYb3RrNkGa6mtHLRvZFXNgEJnIZ7dIE1JPXw+xdDoKyf0xbh3eXzIyyOj8KOmy
tgMPqImcd/eH36XXgJXliY9NHIdXchJf5/MzvapoYsM0Clu6u8c+Cp27zZObHfkE
rgNAvU3HV4Q/kNca4dACbQk1dGl0kMZTC/tIv/SrrVw2cnxnvcgh2iI/bAEI5oFX
hj8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org