Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/2rLBOLHcGtY8fULRjWNAAlDAMH8.roa
File: 2rLBOLHcGtY8fULRjWNAAlDAMH8.roa (raw, json)
Hash identifier: dQdIBUaAHMfuJ+f/7noqJSMMFtTy4Y8llmIejKGvcy0=
Subject key identifier: DA:B2:C1:38:B1:DC:1A:D6:3C:7D:42:D1:8D:63:40:02:50:C0:30:7F
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 01856F391B130FB3961FF40658240AE8DEFA
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/2rLBOLHcGtY8fULRjWNAAlDAMH8.roa
Signing time: Sun 01 Jan 2023 21:24:51 +0000
ROA not before: Sun 01 Jan 2023 21:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56849
IP address blocks: 2a0e:48c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:1b:13:0f:b3:96:1f:f4:06:58:24:0a:e8:de:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Jan 1 21:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dab2c138b1dc1ad63c7d42d18d63400250c0307f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6a:13:86:8d:11:f6:67:8b:1d:dd:85:68:4e:
2b:82:78:37:6a:a6:35:0d:80:f4:5a:65:75:9f:d9:
e5:56:8f:d6:bc:c3:2a:b4:c6:10:34:a4:1f:7c:90:
0f:00:73:41:58:83:07:57:99:d5:0a:55:06:71:42:
b0:00:46:81:da:9d:23:0f:a1:de:fb:f5:c8:06:41:
67:b1:80:d6:d5:6d:15:4a:c6:6c:67:b4:96:fe:1b:
0b:36:62:af:a3:7d:cc:72:00:35:68:b5:93:78:2c:
54:59:a3:14:c2:ab:ed:4f:cf:3e:35:aa:09:8c:ca:
48:40:2e:bd:5c:6e:cf:79:c2:57:58:b1:c0:f9:19:
5c:10:d2:f9:96:48:39:bd:07:8a:05:dc:e8:85:96:
39:71:6e:9f:df:1c:4f:c4:ae:5a:d4:b9:39:82:8a:
9c:c4:79:81:e1:5f:1f:14:2c:68:91:b6:fe:fb:bd:
8c:5b:79:7e:31:ac:34:05:2d:60:a3:55:26:a9:41:
8f:3c:c5:88:6a:69:98:89:ca:2e:46:9d:fb:c6:92:
13:b9:94:9b:1a:54:d3:fa:1b:17:80:b2:e6:00:18:
6a:04:22:1e:cc:c1:70:1a:6d:c0:95:f6:58:3b:86:
4d:33:6a:73:9c:f8:5e:ed:ee:9a:8c:cb:05:19:61:
fd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B2:C1:38:B1:DC:1A:D6:3C:7D:42:D1:8D:63:40:02:50:C0:30:7F
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/2rLBOLHcGtY8fULRjWNAAlDAMH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:4b:6f:1b:99:03:68:c9:59:ab:ff:e7:e9:b4:e2:97:2b:b2:
17:38:1d:00:34:76:f5:60:4e:f0:ef:80:0c:46:ee:04:d0:b1:
14:f7:05:bf:c6:89:10:55:99:b7:9d:5a:20:5f:3d:49:24:d2:
5f:65:05:c5:3a:c4:4a:26:31:aa:d8:c9:8a:ab:84:3c:bf:7b:
c6:e3:38:4f:e7:15:f3:84:00:71:24:29:f9:98:21:95:25:6f:
49:b7:bf:c2:9d:89:f3:7d:cb:88:ee:d6:ca:be:4e:74:7c:c6:
f1:bf:42:90:c3:0f:67:28:49:68:20:36:f7:7f:ba:8a:2a:bd:
7d:a8:b3:c3:fc:2a:36:ff:3a:29:ca:fc:72:e0:e0:6c:b6:2a:
c0:b8:3e:92:3d:30:1f:39:b9:6c:a0:a9:ac:e9:c9:8d:86:00:
18:77:74:ad:67:05:5b:f0:8c:99:51:a5:40:cd:86:92:0f:f8:
74:17:a7:12:16:5a:12:24:bc:89:9d:ec:06:53:84:02:87:f2:
46:a1:70:a8:0f:17:64:bd:b7:68:d1:f6:36:5b:09:58:0f:0c:
a8:e3:df:3b:2d:c7:04:47:11:b1:70:d9:b3:a9:e7:a0:22:1f:
cc:0a:e2:e3:f0:0c:59:29:c0:66:d6:f2:0c:b3:02:be:c4:c7:
c8:c0:2c:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvORsTD7OWH/QGWCQK6N76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjMwMTAxMjEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIyYzEzOGIxZGMxYWQ2M2M3ZDQyZDE4ZDYzNDAwMjUwYzAzMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWoTho0R9meLHd2FaE4rgng3aqY1
DYD0WmV1n9nlVo/WvMMqtMYQNKQffJAPAHNBWIMHV5nVClUGcUKwAEaB2p0jD6He
+/XIBkFnsYDW1W0VSsZsZ7SW/hsLNmKvo33McgA1aLWTeCxUWaMUwqvtT88+NaoJ
jMpIQC69XG7PecJXWLHA+RlcENL5lkg5vQeKBdzohZY5cW6f3xxPxK5a1Lk5goqc
xHmB4V8fFCxokbb++72MW3l+Maw0BS1go1UmqUGPPMWIammYicouRp37xpITuZSb
GlTT+hsXgLLmABhqBCIezMFwGm3AlfZYO4ZNM2pznPhe7e6ajMsFGWH93QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNqywTix3BrWPH1C0Y1jQAJQwDB/MB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvMnJMQk9MSGNHdFk4ZlVMUmpXTkFBbERBTUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEApktvG5kDaMlZq//n6bTilyuyFzgdADR29WBO8O+A
DEbuBNCxFPcFv8aJEFWZt51aIF89SSTSX2UFxTrESiYxqtjJiquEPL97xuM4T+cV
84QAcSQp+ZghlSVvSbe/wp2J833LiO7Wyr5OdHzG8b9CkMMPZyhJaCA293+6iiq9
faizw/wqNv86Kcr8cuDgbLYqwLg+kj0wHzm5bKCprOnJjYYAGHd0rWcFW/CMmVGl
QM2Gkg/4dBenEhZaEiS8iZ3sBlOEAofyRqFwqA8XZL23aNH2NlsJWA8MqOPfOy3H
BEcRsXDZs6nnoCIfzAri4/AMWSnAZtbyDLMCvsTHyMAsUA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:10 2024 by rpki-client on console-ams.rpki-client.org