Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/5ea5f0-02d7-4b0f-b0b2-1b86177af0dd/1/ruQXw6yq46yQ8Izq3Hba-jiAh2Q.roa
File: ruQXw6yq46yQ8Izq3Hba-jiAh2Q.roa (raw, json)
Hash identifier: xAYTGr7jeiSc9hk5OQIcuSVN85GC2QaeC3ad1gGpubU=
Subject key identifier: AE:E4:17:C3:AC:AA:E3:AC:90:F0:8C:EA:DC:76:DA:FA:38:80:87:64
Certificate issuer: /CN=4691bfd3cfec5a1108f1c86854764e2b903d7888
Certificate serial: 018570DE61B88019FA6A5E04447952AFA61E
Authority key identifier: 46:91:BF:D3:CF:EC:5A:11:08:F1:C8:68:54:76:4E:2B:90:3D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RpG_08_sWhEI8choVHZOK5A9eIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/5ea5f0-02d7-4b0f-b0b2-1b86177af0dd/1/ruQXw6yq46yQ8Izq3Hba-jiAh2Q.roa
Signing time: Mon 02 Jan 2023 05:05:00 +0000
ROA not before: Mon 02 Jan 2023 05:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205597
IP address blocks: 2001:678:ad0::/48 maxlen: 48
2001:678:ad4::/48 maxlen: 48
2001:67c:2d00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:61:b8:80:19:fa:6a:5e:04:44:79:52:af:a6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4691bfd3cfec5a1108f1c86854764e2b903d7888
Validity
Not Before: Jan 2 05:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aee417c3acaae3ac90f08ceadc76dafa38808764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bb:49:47:a4:9d:56:8c:23:79:5a:69:6f:ee:
6b:98:bf:aa:68:63:ab:04:87:f9:6b:9a:77:f6:a4:
cf:0d:71:7a:e7:1e:6d:79:a5:9a:ed:59:61:52:6c:
5f:3e:25:54:1a:0f:13:21:98:01:6f:6d:c6:90:60:
dc:39:1c:18:86:69:06:5e:6c:72:23:1e:9a:ae:b4:
29:74:33:22:0d:6e:64:b0:89:99:d6:d6:ec:b8:f5:
22:c6:6b:8a:1e:56:79:48:ff:25:00:f0:c8:06:f1:
97:fc:03:2d:97:3f:1e:05:5f:6b:4a:9d:51:48:0f:
ff:4a:ba:c0:4b:4a:e0:25:0a:30:7b:56:94:34:fd:
2c:06:fc:21:7d:72:b0:a6:29:5a:60:79:a8:ac:ce:
5a:36:2d:91:63:e2:bf:d8:77:1c:7b:a5:47:c8:4f:
82:95:80:37:6e:1d:fb:b3:5d:6a:a6:f0:6a:5e:7a:
54:19:93:6d:39:1b:a1:21:a9:e9:63:ce:ec:3d:a5:
a1:a2:4a:37:ca:c9:ad:c4:61:19:8d:20:a5:eb:30:
8e:fa:17:7a:32:cf:b5:18:b1:31:7c:85:1b:4c:33:
73:77:e9:d9:b9:60:fc:22:67:60:23:1e:64:36:22:
0a:6d:20:57:63:f9:4c:01:18:df:1e:0e:c8:35:cf:
4c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E4:17:C3:AC:AA:E3:AC:90:F0:8C:EA:DC:76:DA:FA:38:80:87:64
X509v3 Authority Key Identifier:
keyid:46:91:BF:D3:CF:EC:5A:11:08:F1:C8:68:54:76:4E:2B:90:3D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RpG_08_sWhEI8choVHZOK5A9eIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5ea5f0-02d7-4b0f-b0b2-1b86177af0dd/1/ruQXw6yq46yQ8Izq3Hba-jiAh2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5ea5f0-02d7-4b0f-b0b2-1b86177af0dd/1/RpG_08_sWhEI8choVHZOK5A9eIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ad0::/48
2001:678:ad4::/48
2001:67c:2d00::/48
Signature Algorithm: sha256WithRSAEncryption
89:7f:6a:d0:9f:4d:b2:ce:3c:16:4f:4a:aa:30:6c:ef:ab:18:
c9:0b:11:a7:09:3c:9f:c5:37:d6:30:64:5a:c0:f6:33:eb:c0:
73:d9:3c:70:1c:a2:1a:80:c0:31:37:11:e2:82:3b:6d:19:d0:
5c:12:ca:1a:d2:56:4a:1b:f6:5c:5f:ab:d3:8d:ff:cd:cc:10:
bd:85:78:be:f8:c7:06:f9:30:bb:7c:3a:df:be:15:b3:5a:23:
a8:f9:ca:22:da:a9:cf:c6:56:4f:6b:76:7f:e8:1f:01:ee:b7:
f7:3e:d3:97:a7:30:b5:36:6b:29:4e:a0:97:d9:0f:ce:14:69:
d8:64:f6:81:d0:8c:34:23:a4:98:dd:ab:da:e0:f4:de:1e:2c:
80:34:9e:0b:45:57:5f:4f:a1:66:e0:67:ae:37:93:f5:db:02:
a0:00:13:c5:17:36:af:2d:64:01:f8:f3:d9:cd:32:c4:b3:04:
54:90:c9:b4:d7:8e:28:f2:24:5f:17:1a:7b:ae:56:67:0d:9b:
c5:7b:28:55:b2:be:ed:e5:90:9a:87:38:a3:83:4e:c9:a0:8e:
f4:46:52:48:ce:70:b5:37:15:b8:0d:58:f1:c2:34:f6:dc:88:
48:60:70:93:d8:89:45:5d:b4:1e:8e:be:7c:d2:97:ac:75:f3:
43:3f:2f:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw3mG4gBn6al4ERHlSr6YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OTFiZmQzY2ZlYzVhMTEwOGYxYzg2ODU0NzY0ZTJiOTAz
ZDc4ODgwHhcNMjMwMTAyMDUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWU0MTdjM2FjYWFlM2FjOTBmMDhjZWFkYzc2ZGFmYTM4ODA4NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrtJR6SdVowjeVppb+5rmL+qaGOr
BIf5a5p39qTPDXF65x5teaWa7VlhUmxfPiVUGg8TIZgBb23GkGDcORwYhmkGXmxy
Ix6arrQpdDMiDW5ksImZ1tbsuPUixmuKHlZ5SP8lAPDIBvGX/AMtlz8eBV9rSp1R
SA//SrrAS0rgJQowe1aUNP0sBvwhfXKwpilaYHmorM5aNi2RY+K/2Hcce6VHyE+C
lYA3bh37s11qpvBqXnpUGZNtORuhIanpY87sPaWhoko3ysmtxGEZjSCl6zCO+hd6
Ms+1GLExfIUbTDNzd+nZuWD8ImdgIx5kNiIKbSBXY/lMARjfHg7INc9MOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK7kF8OsquOskPCM6tx22vo4gIdkMB8GA1UdIwQY
MBaAFEaRv9PP7FoRCPHIaFR2TiuQPXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnBHXzA4X3NXaEVJOGNob1ZIWk9LNUE5ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81ZWE1ZjAtMDJkNy00YjBmLWIwYjIt
MWI4NjE3N2FmMGRkLzEvcnVRWHc2eXE0NnlROEl6cTNIYmEtamlBaDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81ZWE1ZjAtMDJkNy00YjBmLWIwYjItMWI4NjE3N2FmMGRk
LzEvUnBHXzA4X3NXaEVJOGNob1ZIWk9LNUE5ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeArQ
AwcAIAEGeArUAwcAIAEGfC0AMA0GCSqGSIb3DQEBCwUAA4IBAQCJf2rQn02yzjwW
T0qqMGzvqxjJCxGnCTyfxTfWMGRawPYz68Bz2TxwHKIagMAxNxHigjttGdBcEsoa
0lZKG/ZcX6vTjf/NzBC9hXi++McG+TC7fDrfvhWzWiOo+coi2qnPxlZPa3Z/6B8B
7rf3PtOXpzC1NmspTqCX2Q/OFGnYZPaB0Iw0I6SY3ava4PTeHiyANJ4LRVdfT6Fm
4GeuN5P12wKgABPFFzavLWQB+PPZzTLEswRUkMm0144o8iRfFxp7rlZnDZvFeyhV
sr7t5ZCahzijg07JoI70RlJIznC1NxW4DVjxwjT23IhIYHCT2IlFXbQejr580pes
dfNDPy+M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:11 2024 by rpki-client on console-ams.rpki-client.org