Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/OvLgPWx7c-3zjnEquTe-eJNxcEA.roa
File: OvLgPWx7c-3zjnEquTe-eJNxcEA.roa (raw, json)
Hash identifier: 9Gx69p/EFP5ZcncgM+ofMC0CrAUBTR+ysAiF+n8W50o=
Subject key identifier: 3A:F2:E0:3D:6C:7B:73:ED:F3:8E:71:2A:B9:37:BE:78:93:71:70:40
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018CC726276825309235687A4911CABB792D
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/OvLgPWx7c-3zjnEquTe-eJNxcEA.roa
Signing time: Mon 01 Jan 2024 22:30:15 +0000
ROA not before: Mon 01 Jan 2024 22:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a0e:dfc7:9c28::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Mar 2024 15:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:27:68:25:30:92:35:68:7a:49:11:ca:bb:79:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 1 22:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3af2e03d6c7b73edf38e712ab937be7893717040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:ab:21:cf:61:7f:c9:eb:57:e9:bb:56:81:
43:87:ae:42:77:a0:86:26:61:a7:06:ab:77:14:f2:
aa:97:18:67:dc:f1:8e:a3:82:8f:1e:aa:8e:53:a0:
33:50:95:9c:3d:c4:68:09:d6:c2:91:dd:38:f1:ac:
5d:4a:9f:be:55:df:ff:4a:57:dc:fc:a1:da:c1:4e:
5b:df:81:c6:df:ab:90:8a:f1:14:98:96:60:c5:2c:
fe:fe:d3:4d:2c:4e:69:77:61:bd:db:40:97:4c:67:
e9:8c:d2:4d:f3:60:7e:1d:f7:3b:8c:15:6a:6d:3a:
41:40:bd:9f:19:42:94:62:59:b5:2d:9a:3a:24:12:
b3:f4:74:a6:ff:a4:e7:24:9d:e6:e4:2e:86:ed:4f:
48:0b:76:f8:88:e1:4f:cb:83:b9:bb:dc:b7:51:63:
94:e3:f2:a2:da:52:19:48:9f:fe:eb:f6:eb:9c:43:
48:94:a6:45:9f:72:ce:dc:79:6b:ef:92:5f:83:60:
ce:fb:74:33:44:84:bb:82:f7:2a:78:00:b1:e2:86:
45:f9:36:77:33:61:ee:be:38:50:3d:13:c0:e9:08:
8e:43:98:0d:7a:5a:21:0f:48:48:f9:e0:8c:57:42:
12:6e:e3:de:9f:30:3f:17:42:fd:55:a0:a2:72:da:
8a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F2:E0:3D:6C:7B:73:ED:F3:8E:71:2A:B9:37:BE:78:93:71:70:40
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/OvLgPWx7c-3zjnEquTe-eJNxcEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc7:9c28::/48
Signature Algorithm: sha256WithRSAEncryption
2e:3f:eb:1b:9e:ed:f0:45:8b:89:78:0d:dd:e6:3d:be:20:a5:
dd:5f:dc:a8:43:6d:89:21:0d:82:50:60:45:8b:f2:94:4e:34:
73:b6:84:8d:4f:8b:52:1f:dd:df:f3:28:13:31:3d:a8:fb:06:
9b:cd:e6:75:f5:ee:f5:c3:1d:1c:f3:8f:f5:e0:7d:a9:8d:19:
56:77:95:0f:1e:86:e0:c2:ef:0c:be:b5:58:5a:66:fe:b1:12:
f3:b0:c3:a8:72:bf:5c:5a:20:a6:4a:9f:cd:b9:3f:f6:79:98:
70:fe:22:9b:6c:21:81:66:4f:79:bb:d8:63:22:47:fc:e8:4e:
38:e3:e2:d8:f7:4a:01:81:1a:2c:6b:c2:f4:5e:7b:af:bf:46:
f4:42:ec:0c:3e:a1:48:36:86:03:83:9f:42:01:73:a5:00:9f:
4a:78:e5:19:a3:e0:2a:a8:57:b0:15:6e:e3:cf:45:54:b4:da:
df:0f:f1:fb:26:4d:b4:14:95:74:1f:cd:c5:2d:6b:ed:4f:a8:
1c:9f:11:c5:6a:65:2e:d7:90:65:e8:ac:f4:41:73:dd:a1:25:
e8:55:e6:80:a7:d2:18:b1:ef:58:3e:dd:7c:ef:be:3b:2b:44:
f6:32:20:43:e1:f4:e7:ec:60:c7:81:d3:9a:ab:68:20:b5:f4:
45:90:0d:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJidoJTCSNWh6SRHKu3ktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTAxMjIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWYyZTAzZDZjN2I3M2VkZjM4ZTcxMmFiOTM3YmU3ODkzNzE3MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFqrIc9hf8nrV+m7VoFDh65Cd6CG
JmGnBqt3FPKqlxhn3PGOo4KPHqqOU6AzUJWcPcRoCdbCkd048axdSp++Vd//Slfc
/KHawU5b34HG36uQivEUmJZgxSz+/tNNLE5pd2G920CXTGfpjNJN82B+Hfc7jBVq
bTpBQL2fGUKUYlm1LZo6JBKz9HSm/6TnJJ3m5C6G7U9IC3b4iOFPy4O5u9y3UWOU
4/Ki2lIZSJ/+6/brnENIlKZFn3LO3Hlr75Jfg2DO+3QzRIS7gvcqeACx4oZF+TZ3
M2HuvjhQPRPA6QiOQ5gNelohD0hI+eCMV0ISbuPenzA/F0L9VaCictqKdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDry4D1se3Pt845xKrk3vniTcXBAMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvT3ZMZ1BXeDdjLTN6am5FcXVUZS1lSk54Y0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7fx5wo
MA0GCSqGSIb3DQEBCwUAA4IBAQAuP+sbnu3wRYuJeA3d5j2+IKXdX9yoQ22JIQ2C
UGBFi/KUTjRztoSNT4tSH93f8ygTMT2o+wabzeZ19e71wx0c84/14H2pjRlWd5UP
Hobgwu8MvrVYWmb+sRLzsMOocr9cWiCmSp/NuT/2eZhw/iKbbCGBZk95u9hjIkf8
6E444+LY90oBgRosa8L0Xnuvv0b0QuwMPqFINoYDg59CAXOlAJ9KeOUZo+AqqFew
FW7jz0VUtNrfD/H7Jk20FJV0H83FLWvtT6gcnxHFamUu15Bl6Kz0QXPdoSXoVeaA
p9IYse9YPt187747K0T2MiBD4fTn7GDHgdOaq2ggtfRFkA0n
-----END CERTIFICATE-----
Generated at Mon Mar 4 19:43:28 2024 by rpki-client on console-fra.rpki-client.org