Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/LCdz8LPa_4hDRY_GlCIp9lQ9jys.roa
File: LCdz8LPa_4hDRY_GlCIp9lQ9jys.roa (raw, json)
Hash identifier: k8+aNbTig5RBga5UdsM89vTDzlGTLSs4huhrSKanPQM=
Subject key identifier: 2C:27:73:F0:B3:DA:FF:88:43:45:8F:C6:94:22:29:F6:54:3D:8F:2B
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01856C9CA9D61572A562A790373B3F73E6E4
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/LCdz8LPa_4hDRY_GlCIp9lQ9jys.roa
Signing time: Sun 01 Jan 2023 09:14:44 +0000
ROA not before: Sun 01 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44921
IP address blocks: 2a00:1908:e100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:a9:d6:15:72:a5:62:a7:90:37:3b:3f:73:e6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c2773f0b3daff8843458fc6942229f6543d8f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e4:1a:e4:dd:18:39:5a:41:97:2d:28:f9:37:
e8:81:ea:ad:f2:b7:b6:d3:f0:67:e1:83:6b:88:da:
10:06:53:85:9e:a1:38:2d:fd:ac:93:77:3c:bb:7f:
a3:ab:99:c3:6e:4d:00:5b:ec:48:16:01:b1:0d:15:
19:5e:df:65:26:42:8c:3e:24:64:89:84:bb:e4:fd:
08:65:b6:61:59:c0:5b:8c:5d:bd:1a:2f:6b:ec:11:
b2:ec:3f:0a:d3:9b:83:ec:d9:79:9a:2c:3b:6a:27:
b4:b6:16:30:98:64:82:0b:ea:4b:58:f6:90:ac:8d:
cc:2b:c2:1b:fd:51:c5:b5:a3:e1:29:2b:fb:7c:ed:
8f:69:1c:64:93:22:b1:ee:2b:37:53:e2:90:9b:a9:
86:08:a3:1e:9e:f0:f6:5c:5e:3c:ba:91:92:c4:73:
ba:10:ba:73:73:55:00:f0:7b:4f:c7:82:10:f7:64:
7c:9b:45:ec:58:e8:2e:a4:66:50:48:a7:67:93:c7:
fe:36:ae:aa:a9:83:fa:d3:ad:fd:92:c0:67:8c:8f:
84:58:d8:bd:1d:50:61:c2:0f:ae:f1:19:82:8f:34:
93:e9:d3:29:a1:a4:24:45:f1:b7:02:ef:c8:23:e1:
ca:5a:87:6b:95:83:fe:4a:59:18:22:31:f0:2c:44:
07:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:27:73:F0:B3:DA:FF:88:43:45:8F:C6:94:22:29:F6:54:3D:8F:2B
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/LCdz8LPa_4hDRY_GlCIp9lQ9jys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:e100::/48
Signature Algorithm: sha256WithRSAEncryption
9e:ea:5f:24:df:93:79:76:7e:71:df:53:ca:8a:a6:e4:8b:47:
46:da:c0:3d:b2:7e:4a:8b:6b:6a:0b:37:e9:17:8e:08:fd:aa:
00:18:d3:6a:24:d1:b9:42:44:fa:5a:d0:1f:34:9f:b3:98:d0:
33:b8:b9:30:d4:ac:c4:18:2e:fd:f3:1a:e3:94:c8:97:44:39:
dc:dd:f5:9e:ef:4e:8e:df:9d:46:58:79:2c:7e:1f:82:8b:4b:
dd:33:4b:1b:1d:a9:36:b6:01:ee:91:7e:6a:97:4c:0a:b3:07:
ec:26:54:1a:ba:ab:ee:55:dc:eb:30:1c:c1:a7:59:e1:c2:6d:
98:ba:a5:93:47:9e:59:07:c7:18:f1:1a:65:99:29:38:e5:50:
be:ad:1a:f1:b1:3c:d6:ff:d9:15:67:3b:93:a5:51:3e:b2:01:
7d:5f:eb:d5:52:c0:ce:4c:00:83:80:4b:87:0d:22:ce:ce:0d:
a8:5e:26:a4:01:96:a8:ff:bf:6c:37:0d:fb:55:d1:a7:01:ea:
de:e5:0d:7d:8b:17:af:ac:79:ad:45:bf:b5:54:2d:1e:92:ca:
0c:83:75:20:2b:8a:6f:c7:c5:fd:a2:5f:ec:a8:02:33:e5:3f:
13:10:6a:1f:d5:09:82:bb:51:1f:96:54:c0:fd:f4:d4:ac:b6:
06:9e:2f:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsnKnWFXKlYqeQNzs/c+bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwMTAxMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI3NzNmMGIzZGFmZjg4NDM0NThmYzY5NDIyMjlmNjU0M2Q4ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOQa5N0YOVpBly0o+Tfogeqt8re2
0/Bn4YNriNoQBlOFnqE4Lf2sk3c8u3+jq5nDbk0AW+xIFgGxDRUZXt9lJkKMPiRk
iYS75P0IZbZhWcBbjF29Gi9r7BGy7D8K05uD7Nl5miw7aie0thYwmGSCC+pLWPaQ
rI3MK8Ib/VHFtaPhKSv7fO2PaRxkkyKx7is3U+KQm6mGCKMenvD2XF48upGSxHO6
ELpzc1UA8HtPx4IQ92R8m0XsWOgupGZQSKdnk8f+Nq6qqYP60639ksBnjI+EWNi9
HVBhwg+u8RmCjzST6dMpoaQkRfG3Au/II+HKWodrlYP+SlkYIjHwLEQHPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCwnc/Cz2v+IQ0WPxpQiKfZUPY8rMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvTENkejhMUGFfNGhEUllfR2xDSXA5bFE5anlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAZCOEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCe6l8k35N5dn5x31PKiqbki0dG2sA9sn5Ki2tq
CzfpF44I/aoAGNNqJNG5QkT6WtAfNJ+zmNAzuLkw1KzEGC798xrjlMiXRDnc3fWe
706O351GWHksfh+Ci0vdM0sbHak2tgHukX5ql0wKswfsJlQauqvuVdzrMBzBp1nh
wm2YuqWTR55ZB8cY8RplmSk45VC+rRrxsTzW/9kVZzuTpVE+sgF9X+vVUsDOTACD
gEuHDSLOzg2oXiakAZao/79sNw37VdGnAere5Q19ixevrHmtRb+1VC0eksoMg3Ug
K4pvx8X9ol/sqAIz5T8TEGof1QmCu1EfllTA/fTUrLYGni/E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org