Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/OCRIzUMHtxjx9r7iRM4a-se5qsY.roa
File: OCRIzUMHtxjx9r7iRM4a-se5qsY.roa (raw, json)
Hash identifier: K0FFbIHBITFNwhJVMmeaA7vYEwsyhCas11/pMqVda4w=
Subject key identifier: 38:24:48:CD:43:07:B7:18:F1:F6:BE:E2:44:CE:1A:FA:C7:B9:AA:C6
Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial: 01898827A6721E7216E258585924611D58CC
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/OCRIzUMHtxjx9r7iRM4a-se5qsY.roa
Signing time: Mon 24 Jul 2023 13:47:27 +0000
ROA not before: Mon 24 Jul 2023 13:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 151338
IP address blocks: 2a13:b487:4f00::/40 maxlen: 48
2a13:b487:5000::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:27:a6:72:1e:72:16:e2:58:58:59:24:61:1d:58:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Validity
Not Before: Jul 24 13:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=382448cd4307b718f1f6bee244ce1afac7b9aac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:06:2c:2e:dc:20:be:23:f4:b0:fb:63:e7:c1:
88:e7:33:ad:e5:70:98:5c:50:af:00:99:ca:7f:6a:
f8:fe:df:d0:7c:cd:9e:38:49:89:85:b2:cf:2f:98:
88:e0:dc:a9:43:a8:46:e4:ec:59:94:cc:50:5a:7a:
5c:6c:eb:53:d4:1d:28:b7:26:be:31:27:dd:2d:6b:
ce:54:59:3e:8d:d9:95:a3:9e:1e:e9:99:41:68:cd:
00:99:29:55:10:28:99:c8:7d:c9:ec:66:c4:6e:7a:
56:40:02:d4:ec:1a:43:4b:12:c9:48:60:3e:fc:b4:
d2:11:b3:eb:b4:fa:78:e7:9c:f0:a1:5f:32:fb:fb:
8e:75:4b:a5:00:10:21:1f:8f:2d:aa:1e:96:2d:99:
83:1d:a6:1a:c5:ae:55:9f:89:3a:e3:05:24:50:cf:
4a:67:4c:38:23:d3:95:3a:69:5d:dd:a7:45:f6:cc:
13:10:da:a8:b1:aa:79:e1:97:25:b7:e5:41:75:f6:
08:6b:76:94:0a:09:65:03:37:4e:14:9f:4e:1a:34:
00:83:46:ed:51:75:72:79:0f:25:f7:b7:c6:d7:5a:
d6:b7:00:9a:2f:8f:6d:14:a5:79:3e:32:3f:a6:96:
d9:f2:cd:db:74:0e:a2:ad:ee:e1:ba:a1:8d:72:a7:
5c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:24:48:CD:43:07:B7:18:F1:F6:BE:E2:44:CE:1A:FA:C7:B9:AA:C6
X509v3 Authority Key Identifier:
keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/OCRIzUMHtxjx9r7iRM4a-se5qsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b487:4f00::-2a13:b487:50ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
e0:2a:d4:17:69:e6:9a:0b:67:3b:2d:d6:c4:4c:b9:3c:d5:3a:
dc:13:81:ae:23:c7:c4:cf:35:57:5c:8d:76:cf:3e:95:86:09:
ac:3e:0f:46:6f:65:98:7e:06:a7:4c:48:43:e5:28:bc:0b:c5:
7f:ce:ba:c9:12:0c:73:b4:94:ba:6d:93:f2:bb:2b:d8:a7:da:
8c:de:26:3c:67:d3:53:3b:bc:67:79:40:2f:ae:7c:5c:cf:b0:
89:04:ec:48:8e:5e:6c:26:32:bc:a1:2c:0a:cb:fe:b2:6e:09:
1b:a9:98:4d:45:fc:b7:a4:9a:1d:c8:98:ac:4c:a8:48:d0:7a:
3c:86:b6:4e:c0:3a:da:3b:59:e4:20:e6:0c:a2:32:5f:c0:f6:
91:dc:72:49:bf:8b:bb:95:7b:60:4b:89:d8:ce:b1:2d:ac:07:
b2:2c:3d:86:38:1b:20:4e:d5:c0:3e:8e:7e:0d:db:74:be:22:
90:f7:f6:ad:9a:18:55:c0:1a:27:5f:87:bc:6c:1f:9f:5d:21:
48:8c:a5:47:f5:7f:fa:08:fc:8a:6f:3b:6b:1b:cd:fb:2a:ed:
1a:ec:3f:d2:7c:f9:d1:ff:1f:42:a3:ab:ce:e2:bf:c7:e2:f3:
c5:e4:60:e7:b1:b8:5c:7c:a6:d9:52:db:74:75:f0:fc:9f:4c:
66:37:bf:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmIJ6ZyHnIW4lhYWSRhHVjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjMwNzI0MTM0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI0NDhjZDQzMDdiNzE4ZjFmNmJlZTI0NGNlMWFmYWM3YjlhYWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wYsLtwgviP0sPtj58GI5zOt5XCY
XFCvAJnKf2r4/t/QfM2eOEmJhbLPL5iI4NypQ6hG5OxZlMxQWnpcbOtT1B0otya+
MSfdLWvOVFk+jdmVo54e6ZlBaM0AmSlVECiZyH3J7GbEbnpWQALU7BpDSxLJSGA+
/LTSEbPrtPp455zwoV8y+/uOdUulABAhH48tqh6WLZmDHaYaxa5Vn4k64wUkUM9K
Z0w4I9OVOmld3adF9swTENqosap54Zclt+VBdfYIa3aUCgllAzdOFJ9OGjQAg0bt
UXVyeQ8l97fG11rWtwCaL49tFKV5PjI/ppbZ8s3bdA6ire7huqGNcqdcXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDgkSM1DB7cY8fa+4kTOGvrHuarGMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvT0NSSXpVTUh0eGp4OXI3aVJNNGEtc2U1cXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqE7SH
TwMGACoTtIdQMA0GCSqGSIb3DQEBCwUAA4IBAQDgKtQXaeaaC2c7LdbETLk81Trc
E4GuI8fEzzVXXI12zz6VhgmsPg9Gb2WYfganTEhD5Si8C8V/zrrJEgxztJS6bZPy
uyvYp9qM3iY8Z9NTO7xneUAvrnxcz7CJBOxIjl5sJjK8oSwKy/6ybgkbqZhNRfy3
pJodyJisTKhI0Ho8hrZOwDraO1nkIOYMojJfwPaR3HJJv4u7lXtgS4nYzrEtrAey
LD2GOBsgTtXAPo5+Ddt0viKQ9/atmhhVwBonX4e8bB+fXSFIjKVH9X/6CPyKbztr
G837Ku0a7D/SfPnR/x9Co6vO4r/H4vPF5GDnsbhcfKbZUtt0dfD8n0xmN794
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:04 2024 by rpki-client on console-ams.rpki-client.org