Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/c_o-trnC7VuWeuZGXdrTdUnVWCM.roa
File: c_o-trnC7VuWeuZGXdrTdUnVWCM.roa (raw, json)
Hash identifier: MN6IYHnuMQDa1yl/ZrZ+HBza2GjvPPgOVCt/daVSQvg=
Subject key identifier: 73:FA:3E:B6:B9:C2:ED:5B:96:7A:E6:46:5D:DA:D3:75:49:D5:58:23
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01857142D52C7A0E603572C970E6A182631A
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/c_o-trnC7VuWeuZGXdrTdUnVWCM.roa
Signing time: Mon 02 Jan 2023 06:54:43 +0000
ROA not before: Mon 02 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 2a0b:2a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d5:2c:7a:0e:60:35:72:c9:70:e6:a1:82:63:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 2 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73fa3eb6b9c2ed5b967ae6465ddad37549d55823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:54:a6:fc:a3:73:bc:0f:c0:08:20:23:63:
ca:5c:39:70:91:75:2c:32:e5:51:58:8b:70:d6:e1:
62:a3:0c:78:70:55:e8:1f:93:df:c2:46:a7:84:50:
ba:27:5e:b9:06:d4:71:5c:0a:78:96:1d:78:0a:26:
ef:0e:c9:c5:d5:e8:dd:69:9b:e2:82:7d:bd:d3:5b:
6e:ed:44:72:fb:be:bd:77:44:39:59:a0:9d:61:dc:
16:e0:6c:3a:08:a8:a3:dd:59:6e:1e:3e:a9:fc:17:
ed:a1:cd:54:e0:6f:39:43:a8:45:8b:9e:78:72:0c:
ad:89:e1:02:44:cb:9b:26:0a:19:2d:82:10:a1:48:
2f:a1:0e:e6:b8:a9:95:da:b5:5b:c0:a6:e4:f1:30:
8b:65:8f:7f:2c:68:1c:03:06:b7:ec:a4:15:cf:16:
c3:a4:77:ca:93:d7:48:29:37:f7:b1:37:d1:4a:bd:
7b:10:29:23:a2:31:9f:3b:c7:7c:58:50:be:cf:63:
1b:6c:a9:05:f7:91:fb:35:8a:5f:48:28:07:02:3b:
21:fb:ef:33:f0:4e:52:78:a6:0c:c6:30:08:ef:3c:
27:33:96:93:56:ee:14:e7:29:2b:1e:89:4c:d6:7a:
61:8e:25:e0:b7:8f:93:0e:6d:99:7f:47:a4:06:74:
42:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FA:3E:B6:B9:C2:ED:5B:96:7A:E6:46:5D:DA:D3:75:49:D5:58:23
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/c_o-trnC7VuWeuZGXdrTdUnVWCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
73:ae:f4:77:b5:a2:6d:82:39:c7:5c:20:4e:c9:56:90:28:fc:
8f:ea:37:1c:1e:1c:26:a2:aa:0c:c9:d4:e8:6a:79:8f:5b:5a:
1b:2e:f2:92:e5:9f:fa:a4:a5:d9:25:7a:0b:46:bf:d1:9e:87:
6a:a4:ae:ca:4d:54:f9:30:58:34:2f:65:fc:3a:b2:70:17:dc:
8c:e0:3b:c7:0b:ac:b6:89:43:61:fe:e8:8e:92:95:84:01:20:
70:90:37:83:f3:42:9c:0f:4f:57:55:90:5f:18:3e:10:01:bd:
0b:8f:42:60:12:6a:1c:af:7c:d3:b8:56:64:3d:7a:76:ab:59:
5b:51:b1:e8:f9:85:67:bb:73:ed:87:42:ed:15:04:61:9a:3a:
20:c5:32:76:86:20:21:e6:a1:46:59:3b:5c:8b:4d:d1:0f:af:
ef:56:bc:2a:ac:f4:57:e3:c7:12:17:63:f6:5e:f2:50:13:65:
f9:df:f8:d1:1f:d7:f7:22:de:d9:75:df:c4:83:91:84:35:29:
22:be:ed:65:cc:62:c4:a6:8c:7b:2d:c4:26:13:9d:a5:62:d0:
ed:8a:8b:0e:8b:d6:0b:4f:0a:2f:e2:47:a8:50:01:81:53:06:
d9:f9:11:05:75:35:dd:7c:34:9b:3d:a5:51:2b:6b:1d:07:e8:
2b:c2:f4:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxQtUseg5gNXLJcOahgmMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZhM2ViNmI5YzJlZDViOTY3YWU2NDY1ZGRhZDM3NTQ5ZDU1ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAophUpvyjc7wPwAggI2PKXDlwkXUs
MuVRWItw1uFiowx4cFXoH5PfwkanhFC6J165BtRxXAp4lh14CibvDsnF1ejdaZvi
gn2901tu7URy+769d0Q5WaCdYdwW4Gw6CKij3VluHj6p/Bftoc1U4G85Q6hFi554
cgytieECRMubJgoZLYIQoUgvoQ7muKmV2rVbwKbk8TCLZY9/LGgcAwa37KQVzxbD
pHfKk9dIKTf3sTfRSr17ECkjojGfO8d8WFC+z2MbbKkF95H7NYpfSCgHAjsh++8z
8E5SeKYMxjAI7zwnM5aTVu4U5ykrHolM1nphjiXgt4+TDm2Zf0ekBnRCewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHP6Pra5wu1blnrmRl3a03VJ1VgjMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvY19vLXRybkM3VnVXZXVaR1hkclRkVW5WV0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgsqQDAN
BgkqhkiG9w0BAQsFAAOCAQEAc670d7WibYI5x1wgTslWkCj8j+o3HB4cJqKqDMnU
6Gp5j1taGy7ykuWf+qSl2SV6C0a/0Z6HaqSuyk1U+TBYNC9l/DqycBfcjOA7xwus
tolDYf7ojpKVhAEgcJA3g/NCnA9PV1WQXxg+EAG9C49CYBJqHK9807hWZD16dqtZ
W1Gx6PmFZ7tz7YdC7RUEYZo6IMUydoYgIeahRlk7XItN0Q+v71a8Kqz0V+PHEhdj
9l7yUBNl+d/40R/X9yLe2XXfxIORhDUpIr7tZcxixKaMey3EJhOdpWLQ7YqLDovW
C08KL+JHqFABgVMG2fkRBXU13Xw0mz2lUStrHQfoK8L0HA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org