Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lO2B4_bmBpayDvHmkNd7hDLpQZA.roa
File: lO2B4_bmBpayDvHmkNd7hDLpQZA.roa (raw, json)
Hash identifier: qrc0mlxNnHQ9dV8Pq1R1MXwMZiJDOSWj89wU/AAa5w4=
Subject key identifier: 94:ED:81:E3:F6:E6:06:96:B2:0E:F1:E6:90:D7:7B:84:32:E9:41:90
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185739013B54E258F4FA540D6AB3BFAA3EA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lO2B4_bmBpayDvHmkNd7hDLpQZA.roa
Signing time: Mon 02 Jan 2023 17:38:20 +0000
ROA not before: Mon 02 Jan 2023 17:38:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212701
IP address blocks: 2a0b:b87:ffd8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:90:13:b5:4e:25:8f:4f:a5:40:d6:ab:3b:fa:a3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ed81e3f6e60696b20ef1e690d77b8432e94190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b8:97:d8:9c:2c:4d:9b:ec:cf:de:37:96:ba:
25:06:39:a3:a0:9c:0c:f8:4a:46:8f:d1:5c:68:16:
ec:22:76:a9:21:64:64:bc:d5:83:97:de:11:f6:38:
39:9c:d4:05:4d:2b:97:49:7e:2e:fe:bd:c3:40:ea:
82:c0:79:8b:44:64:b0:37:9a:c8:b3:3e:6e:95:17:
d3:c2:7a:49:37:26:20:04:7b:b1:11:07:3d:cc:68:
0a:87:8c:2b:06:14:ec:f9:db:92:65:51:41:00:06:
c4:41:aa:db:88:a8:3b:9b:bb:1c:b9:bb:23:a8:05:
67:7f:98:cf:a9:2e:bb:a0:de:da:84:6d:11:f1:74:
7a:81:65:09:f8:6b:1f:01:98:fd:3a:b1:71:f4:14:
92:e3:26:7d:fd:38:45:ff:67:c8:2a:d0:82:4c:44:
b9:7a:55:1d:52:82:7e:bf:50:78:35:64:d9:2b:5f:
94:b9:40:22:1b:e3:b2:f8:c3:94:8a:16:45:82:77:
83:2b:6d:f2:80:a8:11:54:92:4c:fe:87:d5:b8:ed:
8f:84:c3:8f:4f:24:1e:0d:7d:49:e2:b1:8f:05:f8:
0a:46:33:12:9b:b1:fe:b3:11:ba:9a:73:dc:ee:4e:
d8:15:cd:b5:b3:c3:bc:17:3f:65:27:13:7a:81:8d:
b9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:81:E3:F6:E6:06:96:B2:0E:F1:E6:90:D7:7B:84:32:E9:41:90
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lO2B4_bmBpayDvHmkNd7hDLpQZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffd8::/48
Signature Algorithm: sha256WithRSAEncryption
8d:1f:4e:73:37:1b:fb:74:c8:58:74:af:a0:79:45:74:00:c1:
f7:76:cb:a3:ac:9a:ed:75:12:64:3e:ae:a4:b1:88:10:01:38:
6c:fd:3b:ce:57:cd:b4:c7:64:18:79:30:3e:17:f4:99:82:0b:
83:c1:a4:c2:58:9e:a5:35:3c:a4:54:01:b2:5c:82:2a:4b:5e:
f6:94:7c:a6:a8:8d:42:9d:6b:13:f6:58:ee:ca:76:1c:b8:9c:
91:2d:dd:5b:89:c6:75:0a:ec:d8:15:ce:30:90:7f:a2:9b:f0:
a2:79:b9:82:98:0b:5b:37:78:48:d2:31:c7:a1:1e:2c:07:d9:
40:95:51:e8:7f:d2:72:15:09:9f:f7:18:5c:74:f6:43:a1:d6:
6d:a4:46:ce:b4:a7:c6:76:75:0c:09:74:8b:0c:ba:2d:00:10:
c6:0c:f2:63:98:3d:10:64:7d:63:ca:35:79:bd:5b:26:f3:e0:
34:40:b6:82:41:4f:17:86:c7:37:b2:0c:36:51:b2:ed:68:82:
33:ba:3e:74:f1:3a:99:15:d5:64:f9:e7:96:e2:8d:7c:1a:59:
34:89:d2:3e:88:fa:c6:b0:66:55:f9:78:1e:20:a6:69:ee:d7:
21:8b:20:a6:89:c3:ac:17:a2:08:47:a4:1d:11:4f:d8:9a:75:
c8:bb:e1:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzkBO1TiWPT6VA1qs7+qPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVkODFlM2Y2ZTYwNjk2YjIwZWYxZTY5MGQ3N2I4NDMyZTk0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApriX2JwsTZvsz943lrolBjmjoJwM
+EpGj9FcaBbsInapIWRkvNWDl94R9jg5nNQFTSuXSX4u/r3DQOqCwHmLRGSwN5rI
sz5ulRfTwnpJNyYgBHuxEQc9zGgKh4wrBhTs+duSZVFBAAbEQarbiKg7m7scubsj
qAVnf5jPqS67oN7ahG0R8XR6gWUJ+GsfAZj9OrFx9BSS4yZ9/ThF/2fIKtCCTES5
elUdUoJ+v1B4NWTZK1+UuUAiG+Oy+MOUihZFgneDK23ygKgRVJJM/ofVuO2PhMOP
TyQeDX1J4rGPBfgKRjMSm7H+sxG6mnPc7k7YFc21s8O8Fz9lJxN6gY25dwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJTtgeP25gaWsg7x5pDXe4Qy6UGQMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbE8yQjRfYm1CcGF5RHZIbWtOZDdoRExwUVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//Y
MA0GCSqGSIb3DQEBCwUAA4IBAQCNH05zNxv7dMhYdK+geUV0AMH3dsujrJrtdRJk
Pq6ksYgQAThs/TvOV820x2QYeTA+F/SZgguDwaTCWJ6lNTykVAGyXIIqS172lHym
qI1CnWsT9ljuynYcuJyRLd1bicZ1CuzYFc4wkH+im/CiebmCmAtbN3hI0jHHoR4s
B9lAlVHof9JyFQmf9xhcdPZDodZtpEbOtKfGdnUMCXSLDLotABDGDPJjmD0QZH1j
yjV5vVsm8+A0QLaCQU8Xhsc3sgw2UbLtaIIzuj508TqZFdVk+eeW4o18Glk0idI+
iPrGsGZV+XgeIKZp7tchiyCmicOsF6IIR6QdEU/YmnXIu+HA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:40 2024 by rpki-client on console-ams.rpki-client.org