Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/2SnBFiS4FltwTHEpd7y1j5u0-os.roa
File: 2SnBFiS4FltwTHEpd7y1j5u0-os.roa (raw, json)
Hash identifier: +LR9U3XDdogu70HK31ScFOaswsbZrcLgqBJt27H4OsI=
Subject key identifier: D9:29:C1:16:24:B8:16:5B:70:4C:71:29:77:BC:B5:8F:9B:B4:FA:8B
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 018CC5DD441348EA34ADF68564D7E8B41691
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/2SnBFiS4FltwTHEpd7y1j5u0-os.roa
Signing time: Mon 01 Jan 2024 16:31:01 +0000
ROA not before: Mon 01 Jan 2024 16:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51844
IP address blocks: 2a13:3c0:103::/48 maxlen: 48
2a13:3c0:101::/48 maxlen: 48
2a13:3c0:104::/48 maxlen: 48
2a13:3c0:102::/48 maxlen: 48
2a13:3c0:105::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:44:13:48:ea:34:ad:f6:85:64:d7:e8:b4:16:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 1 16:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d929c11624b8165b704c712977bcb58f9bb4fa8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4f:72:ac:bf:a3:a5:77:59:d6:f5:9e:fa:45:
b0:60:dd:2f:81:2a:e1:16:9e:7c:7e:4b:52:7c:b3:
aa:ce:e8:65:70:cc:c6:e5:51:d1:cb:25:1f:25:54:
c0:4e:db:78:f0:b2:02:1e:d3:db:1e:a7:d2:4d:77:
42:af:24:25:bf:1a:32:6b:1a:bd:e3:fd:db:0f:e3:
09:09:74:21:1d:91:5a:7d:b4:e9:e8:8e:65:e3:b1:
bc:31:dd:d1:d5:66:10:ae:37:fa:30:cc:a1:f3:50:
66:e7:a3:38:3d:7c:45:76:50:32:cc:5d:df:3f:49:
e7:90:9d:62:fd:84:8f:6f:f9:e3:86:08:e1:8d:24:
9f:f1:17:0f:6c:8b:8d:27:86:8f:50:3c:58:82:da:
5a:29:7e:8c:b1:7d:df:c1:fb:a7:e2:ee:b2:87:97:
18:34:f3:68:fd:05:31:0e:9e:c9:aa:1e:a7:16:a2:
5d:79:36:8e:f9:c4:c5:a6:3b:61:d7:18:ff:a8:da:
0f:00:ec:6b:ae:d5:f5:2c:ca:15:08:a8:d9:24:c2:
30:1a:20:40:b5:d4:41:ab:5d:fa:8e:f9:ac:19:7e:
83:cf:56:f4:42:d7:99:15:4d:e2:39:99:49:9b:fc:
9a:ce:89:f9:d9:26:26:c1:ac:b4:fd:37:ab:33:e3:
ca:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:29:C1:16:24:B8:16:5B:70:4C:71:29:77:BC:B5:8F:9B:B4:FA:8B
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/2SnBFiS4FltwTHEpd7y1j5u0-os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3c0:101::-2a13:3c0:105:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:98:8e:ee:08:08:ed:99:2a:67:49:69:b3:3a:bc:ad:6e:fb:
4e:a4:da:c9:86:43:4a:6b:f6:f8:29:46:4c:9c:e5:eb:3b:60:
22:9a:ae:c4:89:af:56:31:35:05:74:9d:92:2a:43:de:7f:8d:
b6:70:0a:81:ca:23:3c:7a:58:c9:bb:fc:59:80:0b:5a:a8:5f:
b9:f1:05:48:35:41:56:ab:bf:e6:89:ba:b1:c6:e7:bf:26:96:
80:a3:fa:3a:f7:3a:c7:1b:7a:67:35:b8:18:04:14:1f:71:5b:
dc:d4:03:74:58:5e:eb:8c:bb:ec:2b:2c:a2:a6:61:63:2c:4b:
fa:fc:3b:e8:d6:20:04:c0:e9:a9:4b:e7:e0:36:8d:46:b1:61:
17:dd:7d:51:88:8b:ac:7c:93:6a:c4:fd:01:01:04:0f:fb:59:
a6:f8:d6:a5:ea:6a:78:0e:a7:94:44:99:41:dd:70:d1:3f:57:
c1:2c:d0:fd:2e:55:29:cf:a9:87:8b:e1:f8:12:f4:6c:06:bb:
fe:aa:56:ea:fa:c3:ea:d8:be:0b:8a:2c:5d:91:93:11:54:b1:
e3:16:5e:63:70:a7:e9:20:6c:7f:a6:b3:a3:53:89:ff:95:1e:
09:43:3f:56:28:6b:c5:6f:65:1f:6e:85:ab:31:26:c6:48:46:
eb:e6:5e:f1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3UQTSOo0rfaFZNfotBaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjQwMTAxMTYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI5YzExNjI0YjgxNjViNzA0YzcxMjk3N2JjYjU4ZjliYjRmYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU9yrL+jpXdZ1vWe+kWwYN0vgSrh
Fp58fktSfLOqzuhlcMzG5VHRyyUfJVTATtt48LICHtPbHqfSTXdCryQlvxoyaxq9
4/3bD+MJCXQhHZFafbTp6I5l47G8Md3R1WYQrjf6MMyh81Bm56M4PXxFdlAyzF3f
P0nnkJ1i/YSPb/njhgjhjSSf8RcPbIuNJ4aPUDxYgtpaKX6MsX3fwfun4u6yh5cY
NPNo/QUxDp7Jqh6nFqJdeTaO+cTFpjth1xj/qNoPAOxrrtX1LMoVCKjZJMIwGiBA
tdRBq136jvmsGX6Dz1b0QteZFU3iOZlJm/yazon52SYmway0/TerM+PKhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNkpwRYkuBZbcExxKXe8tY+btPqLMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvMlNuQkZpUzRGbHR3VEhFcGQ3eTFqNXUwLW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEwPA
AQEDBwEqEwPAAQQwDQYJKoZIhvcNAQELBQADggEBAH6Yju4ICO2ZKmdJabM6vK1u
+06k2smGQ0pr9vgpRkyc5es7YCKarsSJr1YxNQV0nZIqQ95/jbZwCoHKIzx6WMm7
/FmAC1qoX7nxBUg1QVarv+aJurHG578mloCj+jr3Oscbemc1uBgEFB9xW9zUA3RY
XuuMu+wrLKKmYWMsS/r8O+jWIATA6alL5+A2jUaxYRfdfVGIi6x8k2rE/QEBBA/7
Wab41qXqangOp5REmUHdcNE/V8Es0P0uVSnPqYeL4fgS9GwGu/6qVur6w+rYvguK
LF2RkxFUseMWXmNwp+kgbH+ms6NTif+VHglDP1Yoa8VvZR9uhasxJsZIRuvmXvE=
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:19:06 2024 by rpki-client on console-fra.rpki-client.org