Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/lPX5eQfReoYr503GQ6tXoXz9VWk.roa
File: lPX5eQfReoYr503GQ6tXoXz9VWk.roa (raw, json)
Hash identifier: DLYMlztpdTnIs75h+xQX4uKYHUNUjVp+PhZsRTDryIg=
Subject key identifier: 94:F5:F9:79:07:D1:7A:86:2B:E7:4D:C6:43:AB:57:A1:7C:FD:55:69
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018BAEB7B5A193CB17D47868BA875AA23A0D
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/lPX5eQfReoYr503GQ6tXoXz9VWk.roa
Signing time: Wed 08 Nov 2023 11:35:57 +0000
ROA not before: Wed 08 Nov 2023 11:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:641::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:b7:b5:a1:93:cb:17:d4:78:68:ba:87:5a:a2:3a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Nov 8 11:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94f5f97907d17a862be74dc643ab57a17cfd5569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a9:38:1b:cb:b1:d3:17:ad:7e:51:78:d6:93:
69:11:92:b0:8a:6b:d0:fe:51:6d:be:97:22:2f:c7:
8e:c0:87:dc:f7:a6:3e:c1:60:ec:28:de:4f:41:23:
5f:99:c6:b0:aa:43:3a:16:78:aa:bc:50:19:51:b9:
83:43:9b:66:c7:5e:55:b6:07:6d:c1:7c:04:c1:9d:
3a:ed:ac:37:65:a9:1f:57:bd:8f:72:8f:24:92:39:
e8:4b:54:9b:89:be:29:b0:fc:d1:11:f9:a5:d8:8a:
96:80:07:26:09:ff:d0:e6:95:87:dc:64:5e:35:b2:
20:fc:dc:ed:5b:3e:ff:44:b6:f6:e8:4a:54:53:ce:
a9:96:8b:e5:c1:9b:c1:fd:ae:95:c0:44:06:3a:63:
d7:23:b3:0e:ad:08:52:36:c8:6d:5c:a9:4c:c6:77:
6b:e5:86:85:3d:ba:1b:86:d7:c2:18:f1:03:52:5d:
cf:36:7c:c5:63:24:ef:63:0c:e9:cb:54:de:1e:d4:
71:9e:07:1d:68:33:73:94:28:97:6c:fe:3a:10:78:
9f:9c:a4:f5:13:69:fb:0b:b4:ee:ed:74:a6:82:ab:
bf:fd:30:2e:c3:cb:7c:3f:7f:09:ff:12:d2:73:18:
a9:15:75:94:8b:4b:95:c4:fb:b5:ef:a7:db:3e:7b:
00:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F5:F9:79:07:D1:7A:86:2B:E7:4D:C6:43:AB:57:A1:7C:FD:55:69
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/lPX5eQfReoYr503GQ6tXoXz9VWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:641::/32
Signature Algorithm: sha256WithRSAEncryption
6f:fd:cb:f2:b5:49:da:59:61:97:3b:c2:1f:20:79:1a:4b:35:
fe:ef:6c:5b:7e:e5:71:6a:16:af:11:5a:d9:8a:a8:fc:5b:4b:
39:2d:e0:43:81:12:3b:d9:78:26:63:ea:b6:87:62:12:bd:33:
3b:7c:f0:49:bc:15:64:1f:7f:f5:01:6b:ca:6d:2b:d1:55:b0:
0c:9c:4e:2b:79:3f:33:4b:82:82:37:d0:54:c5:08:a3:d3:e1:
7d:9b:a7:30:ee:d2:60:af:01:6f:40:92:cb:5a:e7:6d:bd:41:
62:11:ab:56:4f:04:4b:3a:bb:aa:e7:fd:cf:3e:41:00:c8:a8:
10:d3:a0:56:61:a2:27:21:62:7d:d7:07:ff:31:74:d6:34:fe:
6b:74:47:6c:39:5c:ad:82:94:a7:d8:d0:c4:56:41:62:a9:36:
97:8d:a2:93:98:da:19:1e:4b:dd:ac:e1:c9:d5:0c:c6:eb:26:
20:4a:1b:e3:67:dd:8b:d9:ab:d1:de:3a:56:f4:05:7d:91:b2:
2a:da:1f:6b:16:f1:9d:b1:e5:7d:e1:f9:f5:d1:2b:90:ac:75:
6b:66:27:5e:0d:92:81:5d:9d:79:04:8a:e0:f4:11:ee:f7:9b:
d4:34:75:cd:7a:36:fd:a7:11:8e:5a:f7:b0:7c:5e:85:84:58:
36:42:72:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYuut7Whk8sX1HhouodaojoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjMxMTA4MTEzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY1Zjk3OTA3ZDE3YTg2MmJlNzRkYzY0M2FiNTdhMTdjZmQ1NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKk4G8ux0xetflF41pNpEZKwimvQ
/lFtvpciL8eOwIfc96Y+wWDsKN5PQSNfmcawqkM6FniqvFAZUbmDQ5tmx15Vtgdt
wXwEwZ067aw3ZakfV72Pco8kkjnoS1Sbib4psPzREfml2IqWgAcmCf/Q5pWH3GRe
NbIg/NztWz7/RLb26EpUU86plovlwZvB/a6VwEQGOmPXI7MOrQhSNshtXKlMxndr
5YaFPbobhtfCGPEDUl3PNnzFYyTvYwzpy1TeHtRxngcdaDNzlCiXbP46EHifnKT1
E2n7C7Tu7XSmgqu//TAuw8t8P38J/xLScxipFXWUi0uVxPu176fbPnsArwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJT1+XkH0XqGK+dNxkOrV6F8/VVpMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvbFBYNWVRZlJlb1lyNTAzR1E2dFhvWHo5VldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhEGQTAN
BgkqhkiG9w0BAQsFAAOCAQEAb/3L8rVJ2llhlzvCHyB5Gks1/u9sW37lcWoWrxFa
2Yqo/FtLOS3gQ4ESO9l4JmPqtodiEr0zO3zwSbwVZB9/9QFrym0r0VWwDJxOK3k/
M0uCgjfQVMUIo9PhfZunMO7SYK8Bb0CSy1rnbb1BYhGrVk8ESzq7quf9zz5BAMio
ENOgVmGiJyFifdcH/zF01jT+a3RHbDlcrYKUp9jQxFZBYqk2l42ik5jaGR5L3azh
ydUMxusmIEob42fdi9mr0d46VvQFfZGyKtofaxbxnbHlfeH59dErkKx1a2YnXg2S
gV2deQSK4PQR7veb1DR1zXo2/acRjlr3sHxehYRYNkJycw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org