Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/0kaTuJL9rN0uPFytQTVMpeWLltQ.roa
File: 0kaTuJL9rN0uPFytQTVMpeWLltQ.roa (raw, json)
Hash identifier: MT6tW5IWSVJstL9rsEgO8mgFPawT2B1VceMbKoh8Bzg=
Subject key identifier: D2:46:93:B8:92:FD:AC:DD:2E:3C:5C:AD:41:35:4C:A5:E5:8B:96:D4
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 018B23E869876FF67144824E6E0599AECBC8
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/0kaTuJL9rN0uPFytQTVMpeWLltQ.roa
Signing time: Thu 12 Oct 2023 12:41:55 +0000
ROA not before: Thu 12 Oct 2023 12:41:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 128.0.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:e8:69:87:6f:f6:71:44:82:4e:6e:05:99:ae:cb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Oct 12 12:41:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d24693b892fdacdd2e3c5cad41354ca5e58b96d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b3:3f:64:07:a2:3d:8f:2a:27:01:d0:af:94:
fd:ba:fa:65:21:d7:78:35:ed:3e:fc:49:40:5a:3e:
50:29:2f:76:ec:51:a7:b1:19:aa:92:24:8d:7a:fb:
b0:c1:09:ef:74:c7:be:a7:e9:02:3c:45:fa:12:2a:
f9:d9:88:f7:b8:00:1c:10:cb:06:20:d6:ef:d5:83:
eb:4e:da:ce:57:56:78:7d:df:26:c2:9e:c3:b8:3d:
b0:91:2c:df:4c:32:61:1e:bd:51:77:da:9b:13:43:
c9:d5:fe:44:0f:09:9a:6c:c0:fe:e9:93:b2:3b:1a:
2e:39:59:9f:83:0e:d5:7d:c4:27:00:12:99:dd:68:
82:d6:50:c0:e9:f4:46:2c:15:ec:4b:d3:ab:a4:47:
7a:86:4a:e5:a8:cb:79:8d:c6:16:01:9a:a7:9d:33:
ea:7f:35:c4:c0:dc:1c:37:ac:68:9e:67:84:da:67:
7b:a9:7b:bb:fe:44:95:a4:3e:37:c9:71:bc:dd:b3:
dd:56:64:c1:ce:86:37:24:88:10:c9:a6:ef:cd:34:
55:c0:9e:8c:3d:a8:b6:7a:d1:43:d3:80:d4:48:f7:
3b:90:09:17:c8:b0:0c:26:24:ba:be:ff:a8:9a:9f:
00:bc:ad:8c:3d:f7:f0:a2:bc:a3:76:e9:95:12:d9:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:46:93:B8:92:FD:AC:DD:2E:3C:5C:AD:41:35:4C:A5:E5:8B:96:D4
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/0kaTuJL9rN0uPFytQTVMpeWLltQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.45.0/24
Signature Algorithm: sha256WithRSAEncryption
11:bf:95:00:a2:27:84:06:63:7b:72:d9:b3:a6:13:b1:f8:52:
2d:67:96:92:54:3c:a3:c2:92:90:c5:07:6b:21:75:79:b1:10:
8c:21:ef:1a:35:4f:e4:e9:50:e3:31:e8:c6:b5:87:8c:c6:04:
15:c5:2c:c6:05:23:1e:ed:4d:b0:04:5b:cc:26:67:32:94:5a:
31:e8:6b:43:43:8d:79:0d:ce:00:f5:36:fc:9f:e8:fb:d8:3b:
c2:42:cd:bc:e7:4d:c0:21:73:3c:42:dd:d2:9d:7d:67:a8:05:
5b:ad:21:6d:57:26:e7:70:59:44:1a:d8:ce:99:21:0f:76:ad:
aa:da:51:68:1e:9d:96:57:51:f3:b0:75:72:71:46:5d:16:b6:
41:d9:17:c3:fe:e8:55:13:ba:e1:69:35:95:a9:3f:82:7b:1a:
1c:7d:c5:ee:81:44:19:f3:78:85:44:46:13:2b:81:e2:ca:12:
c6:87:2b:1b:df:23:a0:7e:22:5f:b6:a4:a6:90:cb:99:42:af:
5d:a9:40:05:e0:5b:f8:e7:69:12:9b:b9:a0:13:f0:ab:78:c0:
65:aa:56:59:f7:49:48:76:1a:16:13:e1:0a:4f:2b:7d:a4:89:
c2:ee:82:06:df:a7:e2:9d:14:56:31:b4:a8:c2:57:fe:b6:12:
ff:c3:1b:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsj6GmHb/ZxRIJObgWZrsvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjMxMDEyMTI0MTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQ2OTNiODkyZmRhY2RkMmUzYzVjYWQ0MTM1NGNhNWU1OGI5NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrM/ZAeiPY8qJwHQr5T9uvplIdd4
Ne0+/ElAWj5QKS927FGnsRmqkiSNevuwwQnvdMe+p+kCPEX6Eir52Yj3uAAcEMsG
INbv1YPrTtrOV1Z4fd8mwp7DuD2wkSzfTDJhHr1Rd9qbE0PJ1f5EDwmabMD+6ZOy
OxouOVmfgw7VfcQnABKZ3WiC1lDA6fRGLBXsS9OrpEd6hkrlqMt5jcYWAZqnnTPq
fzXEwNwcN6xonmeE2md7qXu7/kSVpD43yXG83bPdVmTBzoY3JIgQyabvzTRVwJ6M
Pai2etFD04DUSPc7kAkXyLAMJiS6vv+omp8AvK2MPffworyjdumVEtkD0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJGk7iS/azdLjxcrUE1TKXli5bUMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvMGthVHVKTDlyTjB1UEZ5dFFUVk1wZVdMbHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAAtMA0G
CSqGSIb3DQEBCwUAA4IBAQARv5UAoieEBmN7ctmzphOx+FItZ5aSVDyjwpKQxQdr
IXV5sRCMIe8aNU/k6VDjMejGtYeMxgQVxSzGBSMe7U2wBFvMJmcylFox6GtDQ415
Dc4A9Tb8n+j72DvCQs28503AIXM8Qt3SnX1nqAVbrSFtVybncFlEGtjOmSEPdq2q
2lFoHp2WV1HzsHVycUZdFrZB2RfD/uhVE7rhaTWVqT+CexocfcXugUQZ83iFREYT
K4HiyhLGhysb3yOgfiJftqSmkMuZQq9dqUAF4Fv452kSm7mgE/CreMBlqlZZ90lI
dhoWE+EKTyt9pInC7oIG36finRRWMbSowlf+thL/wxv6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:42 2024 by rpki-client on console-ams.rpki-client.org