Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/oc1KBVbKm9Otj96UxCMzQZ_Covo.roa
File: oc1KBVbKm9Otj96UxCMzQZ_Covo.roa (raw, json)
Hash identifier: gdjD6Od//3KWf+DQi/qfvEpuZj0j+rcheWDaiEmqKG8=
Subject key identifier: A1:CD:4A:05:56:CA:9B:D3:AD:8F:DE:94:C4:23:33:41:9F:C2:A2:FA
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 01856C53F498F32B74007EBCF3BCA32998C6
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/oc1KBVbKm9Otj96UxCMzQZ_Covo.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43067
IP address blocks: 2a04:a900:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f4:98:f3:2b:74:00:7e:bc:f3:bc:a3:29:98:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1cd4a0556ca9bd3ad8fde94c42333419fc2a2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a8:d6:b7:1d:c8:06:7b:81:fb:48:46:22:ad:
7b:09:39:1c:c4:0a:7a:0e:bb:e7:5d:59:c2:7c:96:
a3:ea:3c:59:5b:15:35:12:47:ea:4e:cf:9c:d5:ea:
66:be:1b:fe:73:e3:33:fe:28:f5:aa:45:d5:3e:04:
a9:97:36:6e:bc:bd:08:ae:fc:c2:18:80:39:0c:37:
60:13:a0:e7:d4:52:c3:04:a7:fd:c7:4c:86:7a:3a:
09:a4:15:92:46:e3:54:7a:f2:6a:73:24:d3:e3:1f:
72:dc:eb:a1:9b:7b:04:5e:56:70:bb:75:fe:5c:60:
f2:9d:57:08:71:4d:99:be:e9:a6:36:fb:c0:1a:ae:
d8:56:85:af:50:88:45:79:46:0b:77:7a:4c:a4:1f:
26:c4:fe:cf:cf:dd:be:4c:96:0b:07:f4:58:80:2b:
0c:9c:6a:d0:67:a4:c9:11:c3:2f:34:55:4c:1c:8d:
1a:ef:b7:90:26:c6:b6:62:16:e5:94:43:c0:60:fa:
00:ec:9a:1a:ff:95:9c:39:5d:b7:80:7f:88:1b:0b:
9e:4e:64:61:d7:99:e8:0d:96:c3:18:b1:0f:4d:23:
e4:74:bc:14:08:cd:ec:63:b3:f8:da:6b:c5:9b:40:
80:1a:44:58:70:7d:59:73:62:4c:2d:47:f2:f5:ac:
cc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CD:4A:05:56:CA:9B:D3:AD:8F:DE:94:C4:23:33:41:9F:C2:A2:FA
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/oc1KBVbKm9Otj96UxCMzQZ_Covo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a900:2::/48
Signature Algorithm: sha256WithRSAEncryption
31:bb:60:38:19:e1:af:5b:41:47:eb:63:be:44:04:4f:09:1a:
74:e5:dc:bf:cd:00:fb:8f:f1:c5:a0:d1:70:f8:7c:a4:93:d5:
f4:d5:bd:b0:fe:51:5e:32:4c:97:12:8a:85:7a:e8:59:dd:a1:
f3:b0:a7:3d:34:fc:3c:73:98:63:90:4f:e4:72:96:7a:6a:05:
2e:a2:a7:dc:35:16:0c:33:b4:2f:b8:81:f1:43:e0:26:e5:7b:
50:1d:13:1e:ef:7a:39:f1:f5:8c:a3:19:92:3a:ee:34:7a:ea:
7e:02:cc:50:d1:f5:d7:82:29:d0:74:99:3e:3f:40:43:b9:e3:
d9:64:e3:5b:3f:2e:56:d2:69:b7:91:d3:ee:5f:b3:34:ea:50:
c0:4c:7c:1c:d1:97:ce:23:ba:e3:d1:ad:c4:b9:63:6e:1a:67:
a1:55:1b:0d:8d:12:32:47:09:c5:e3:70:9e:a7:ae:95:c3:82:
fc:d6:fb:24:d8:55:30:b7:77:b4:28:bb:8e:fa:a6:e6:a2:48:
98:bb:2f:8c:97:bb:91:16:8f:e8:a4:f0:f6:6b:03:4d:63:12:
81:f2:39:8c:b1:8f:e2:fb:63:cc:71:ad:53:3d:35:d1:3a:54:
15:94:28:4d:33:12:52:0d:85:3d:b5:a4:dd:92:f7:7f:12:75:
da:40:c7:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsU/SY8yt0AH6887yjKZjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWNkNGEwNTU2Y2E5YmQzYWQ4ZmRlOTRjNDIzMzM0MTlmYzJhMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKjWtx3IBnuB+0hGIq17CTkcxAp6
DrvnXVnCfJaj6jxZWxU1EkfqTs+c1epmvhv+c+Mz/ij1qkXVPgSplzZuvL0IrvzC
GIA5DDdgE6Dn1FLDBKf9x0yGejoJpBWSRuNUevJqcyTT4x9y3Ouhm3sEXlZwu3X+
XGDynVcIcU2ZvummNvvAGq7YVoWvUIhFeUYLd3pMpB8mxP7Pz92+TJYLB/RYgCsM
nGrQZ6TJEcMvNFVMHI0a77eQJsa2YhbllEPAYPoA7Joa/5WcOV23gH+IGwueTmRh
15noDZbDGLEPTSPkdLwUCM3sY7P42mvFm0CAGkRYcH1Zc2JMLUfy9azMJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKHNSgVWypvTrY/elMQjM0GfwqL6MB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvb2MxS0JWYkttOU90ajk2VXhDTXpRWl9Db3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgSpAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAxu2A4GeGvW0FH62O+RARPCRp05dy/zQD7j/HF
oNFw+Hykk9X01b2w/lFeMkyXEoqFeuhZ3aHzsKc9NPw8c5hjkE/kcpZ6agUuoqfc
NRYMM7QvuIHxQ+Am5XtQHRMe73o58fWMoxmSOu40eup+AsxQ0fXXginQdJk+P0BD
uePZZONbPy5W0mm3kdPuX7M06lDATHwc0ZfOI7rj0a3EuWNuGmehVRsNjRIyRwnF
43Cep66Vw4L81vsk2FUwt3e0KLuO+qbmokiYuy+Ml7uRFo/opPD2awNNYxKB8jmM
sY/i+2PMca1TPTXROlQVlChNMxJSDYU9taTdkvd/EnXaQMem
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:32 2024 by rpki-client on console-fra.rpki-client.org