Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/ocamT5bPdFtp52fvriSocSDgg-I.roa
File: ocamT5bPdFtp52fvriSocSDgg-I.roa (raw, json)
Hash identifier: f/e1a0v7p23G4M6YKx53frFBzkrMjcXeUzbOceWLmGE=
Subject key identifier: A1:C6:A6:4F:96:CF:74:5B:69:E7:67:EF:AE:24:A8:71:20:E0:83:E2
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018BAEB14D97B4EB85E699C03C0A0D161C2F
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/ocamT5bPdFtp52fvriSocSDgg-I.roa
Signing time: Wed 08 Nov 2023 11:28:57 +0000
ROA not before: Wed 08 Nov 2023 11:28:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56694
IP address blocks: 2a11:68c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:b1:4d:97:b4:eb:85:e6:99:c0:3c:0a:0d:16:1c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Nov 8 11:28:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c6a64f96cf745b69e767efae24a87120e083e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0d:78:5e:66:fc:2b:d3:9f:91:4f:23:21:96:
3d:d7:70:f3:b9:da:ec:02:6c:fe:e4:a7:7c:e4:6a:
2e:94:57:44:f2:f6:9a:a6:11:4c:9d:92:da:b2:da:
10:c0:67:4f:fb:0e:47:7e:f9:c8:97:cf:b0:1e:59:
15:99:38:36:c8:13:f8:7e:b8:d6:dd:94:e9:83:8a:
27:ae:87:8e:0f:bf:36:61:88:18:11:5c:43:0f:b2:
25:a2:ec:a1:aa:6f:2f:63:92:4f:b2:1a:17:71:00:
f6:d1:01:ef:f9:01:f7:c2:4c:d4:1e:0b:bf:4d:d8:
54:5e:42:42:75:f3:2c:94:d6:9f:d0:9e:35:4d:6b:
cf:cf:d2:94:f9:23:ab:bb:44:17:b3:e2:13:7a:e1:
d8:05:33:4d:e0:bb:b6:59:1e:c0:aa:27:79:a4:b2:
80:b1:ae:13:ec:3c:49:ee:e1:48:aa:34:3b:28:85:
fa:36:f4:77:53:ee:35:a4:c7:c2:d3:8e:a9:27:03:
ae:a4:4e:28:a9:4b:87:a2:00:f7:dc:23:cc:97:ef:
b0:0b:f8:6b:6c:39:5e:ed:5a:ea:cf:fa:31:85:78:
1a:84:4e:d3:5d:fd:47:51:17:37:e4:dd:38:73:1c:
4e:06:0c:ce:71:96:4e:6d:a8:5e:ff:54:4a:28:d7:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C6:A6:4F:96:CF:74:5B:69:E7:67:EF:AE:24:A8:71:20:E0:83:E2
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/ocamT5bPdFtp52fvriSocSDgg-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:68c5::/32
Signature Algorithm: sha256WithRSAEncryption
3b:51:63:c4:10:66:d0:1f:25:ea:a8:42:1b:e9:f6:22:d6:11:
91:97:af:00:0d:53:45:df:4c:ff:40:d7:02:76:3a:64:67:88:
05:52:61:8c:dc:91:0e:d8:d8:09:76:ad:e3:93:83:94:58:a8:
35:a5:b6:b3:33:a1:3c:32:8f:02:ea:12:09:ba:8e:cc:36:46:
6b:a3:a3:88:97:43:2b:70:db:f6:ea:f1:99:11:6f:2a:f1:83:
b7:d6:3c:cf:74:cf:81:9f:90:6a:2b:29:8e:d8:29:f6:89:47:
39:94:b5:4b:ad:53:f4:e8:8a:82:d2:1a:f9:73:a4:8e:df:58:
8e:8b:f0:0a:d8:d2:a3:54:33:fa:76:5f:f7:9b:45:74:c3:4b:
bf:2b:64:66:6d:17:6a:ba:a8:36:09:b6:b7:cd:f4:2e:04:d7:
16:59:3d:66:8c:98:aa:25:00:63:72:9b:1d:81:79:27:c7:82:
33:55:5c:8b:a1:29:07:81:19:94:29:ca:d9:ce:59:ef:2c:4d:
27:9c:09:6a:22:11:c3:f2:88:d7:2b:f8:41:e2:a3:dc:65:f2:
7c:36:07:28:b6:c8:af:5e:1f:1a:b3:a5:6a:bf:eb:ae:c4:7c:
b0:a6:6c:58:35:02:d7:84:49:73:9c:bd:ce:76:98:cc:33:de:
d9:b7:46:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuusU2XtOuF5pnAPAoNFhwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjMxMTA4MTEyODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM2YTY0Zjk2Y2Y3NDViNjllNzY3ZWZhZTI0YTg3MTIwZTA4M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg14Xmb8K9OfkU8jIZY913Dzudrs
Amz+5Kd85GoulFdE8vaaphFMnZLastoQwGdP+w5HfvnIl8+wHlkVmTg2yBP4frjW
3ZTpg4onroeOD782YYgYEVxDD7Ilouyhqm8vY5JPshoXcQD20QHv+QH3wkzUHgu/
TdhUXkJCdfMslNaf0J41TWvPz9KU+SOru0QXs+ITeuHYBTNN4Lu2WR7Aqid5pLKA
sa4T7DxJ7uFIqjQ7KIX6NvR3U+41pMfC046pJwOupE4oqUuHogD33CPMl++wC/hr
bDle7Vrqz/oxhXgahE7TXf1HURc35N04cxxOBgzOcZZObahe/1RKKNeS0wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKHGpk+Wz3Rbaedn764kqHEg4IPiMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvb2NhbVQ1YlBkRnRwNTJmdnJpU29jU0RnZy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFoxTAN
BgkqhkiG9w0BAQsFAAOCAQEAO1FjxBBm0B8l6qhCG+n2ItYRkZevAA1TRd9M/0DX
AnY6ZGeIBVJhjNyRDtjYCXat45ODlFioNaW2szOhPDKPAuoSCbqOzDZGa6OjiJdD
K3Db9urxmRFvKvGDt9Y8z3TPgZ+Qaispjtgp9olHOZS1S61T9OiKgtIa+XOkjt9Y
jovwCtjSo1Qz+nZf95tFdMNLvytkZm0XarqoNgm2t830LgTXFlk9ZoyYqiUAY3Kb
HYF5J8eCM1Vci6EpB4EZlCnK2c5Z7yxNJ5wJaiIRw/KI1yv4QeKj3GXyfDYHKLbI
r14fGrOlar/rrsR8sKZsWDUC14RJc5y9znaYzDPe2bdGTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org