Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/OQ8ptGxSHmS2JbDvFMIj6iln_-I.roa
File: OQ8ptGxSHmS2JbDvFMIj6iln_-I.roa (raw, json)
Hash identifier: 089JXgjXEL/lnHu5IRlGYZ3TytGD2tq8nOE/M2oW/+w=
Subject key identifier: 39:0F:29:B4:6C:52:1E:64:B6:25:B0:EF:14:C2:23:EA:29:67:FF:E2
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018C15A40BCAEE68FA7C7AB55BD08CA3D257
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/OQ8ptGxSHmS2JbDvFMIj6iln_-I.roa
Signing time: Tue 28 Nov 2023 11:15:21 +0000
ROA not before: Tue 28 Nov 2023 11:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199669
IP address blocks: 2a11:68c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:a4:0b:ca:ee:68:fa:7c:7a:b5:5b:d0:8c:a3:d2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Nov 28 11:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=390f29b46c521e64b625b0ef14c223ea2967ffe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cc:8e:aa:a3:49:13:e0:9e:fa:84:79:f8:8b:
f2:21:4c:12:68:8c:ba:5f:8e:02:a5:6e:9d:8b:26:
51:df:79:ec:d4:79:cc:95:bf:2d:aa:39:0b:fc:9c:
34:11:17:dc:43:90:b3:20:1d:e7:21:62:64:b7:96:
e5:d2:73:31:c6:a5:cd:c1:a6:87:54:10:66:86:5a:
08:b1:43:ce:60:d0:41:02:70:80:cb:99:02:44:36:
34:cc:e6:b3:ad:2e:67:af:a9:de:eb:27:15:81:94:
0f:a8:9e:0c:e8:9f:28:5d:67:f9:2a:e9:8f:36:f9:
7e:05:3c:8c:3e:5a:69:45:85:97:a5:da:97:62:59:
84:55:73:3b:6f:7a:a3:65:b8:6f:6d:08:cc:ac:03:
5c:38:ca:39:9d:77:50:7f:ea:c2:a9:a7:ca:3d:ea:
90:1b:1b:7f:ec:fb:5b:d6:ad:0b:7d:8d:3b:49:dc:
85:25:62:ec:81:6a:5f:fa:2b:75:2f:a9:56:3f:eb:
87:96:a3:f0:77:80:49:28:b9:a4:0f:fb:47:e7:4f:
9b:8c:c8:b8:a8:d1:a2:98:c2:1d:20:70:5c:e1:52:
9f:d7:85:18:e8:3c:09:31:2d:2b:3b:7d:13:08:42:
b6:32:a0:a2:d4:7a:0f:09:01:74:6c:53:68:92:34:
44:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0F:29:B4:6C:52:1E:64:B6:25:B0:EF:14:C2:23:EA:29:67:FF:E2
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/OQ8ptGxSHmS2JbDvFMIj6iln_-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:68c7::/32
Signature Algorithm: sha256WithRSAEncryption
03:7c:08:20:12:20:7f:7b:a2:df:92:a0:21:71:49:bc:70:37:
ec:51:f6:53:b8:61:23:53:0a:89:b7:54:29:37:1b:28:e5:45:
f5:6a:c3:bc:a2:7c:ea:7c:c0:89:95:c6:01:53:4f:35:be:9f:
19:81:be:14:88:51:cc:8e:83:db:da:65:33:f1:9b:d4:ce:d2:
2f:1d:8d:79:99:9c:83:3b:e2:49:9f:72:0d:f5:3b:fa:7a:2d:
13:07:50:2b:61:b8:7d:5e:64:d9:b8:9b:6f:41:0f:1e:c0:61:
fd:6f:3f:43:1f:bc:b8:8e:0f:39:b0:77:7f:fa:38:fe:44:e7:
7c:5d:90:6e:b3:0f:fd:97:85:05:9d:00:29:df:3a:52:7a:75:
43:22:b2:c9:32:67:b3:ef:6c:45:2e:79:c2:ad:39:32:6f:94:
d5:27:11:e5:48:8a:e4:04:67:97:cd:aa:70:6e:87:95:79:05:
ed:a3:83:53:00:cf:8f:4e:65:14:07:aa:1a:12:44:ea:3f:9d:
d1:c4:30:93:55:f0:95:95:12:c6:de:76:e2:58:2e:37:55:f4:
25:d9:8f:79:d2:50:98:50:4c:65:06:37:61:c0:ec:ae:20:ed:
b7:8b:9a:29:d6:6a:d5:29:6f:fa:09:fc:c3:f2:5f:f7:60:ec:
46:4b:24:c8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwVpAvK7mj6fHq1W9CMo9JXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjMxMTI4MTExNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBmMjliNDZjNTIxZTY0YjYyNWIwZWYxNGMyMjNlYTI5NjdmZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocyOqqNJE+Ce+oR5+IvyIUwSaIy6
X44CpW6diyZR33ns1HnMlb8tqjkL/Jw0ERfcQ5CzIB3nIWJkt5bl0nMxxqXNwaaH
VBBmhloIsUPOYNBBAnCAy5kCRDY0zOazrS5nr6ne6ycVgZQPqJ4M6J8oXWf5KumP
Nvl+BTyMPlppRYWXpdqXYlmEVXM7b3qjZbhvbQjMrANcOMo5nXdQf+rCqafKPeqQ
Gxt/7Ptb1q0LfY07SdyFJWLsgWpf+it1L6lWP+uHlqPwd4BJKLmkD/tH50+bjMi4
qNGimMIdIHBc4VKf14UY6DwJMS0rO30TCEK2MqCi1HoPCQF0bFNokjREwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDkPKbRsUh5ktiWw7xTCI+opZ//iMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvT1E4cHRHeFNIbVMySmJEdkZNSWo2aWxuXy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFoxzAN
BgkqhkiG9w0BAQsFAAOCAQEAA3wIIBIgf3ui35KgIXFJvHA37FH2U7hhI1MKibdU
KTcbKOVF9WrDvKJ86nzAiZXGAVNPNb6fGYG+FIhRzI6D29plM/Gb1M7SLx2NeZmc
gzviSZ9yDfU7+notEwdQK2G4fV5k2bibb0EPHsBh/W8/Qx+8uI4PObB3f/o4/kTn
fF2QbrMP/ZeFBZ0AKd86Unp1QyKyyTJns+9sRS55wq05Mm+U1ScR5UiK5ARnl82q
cG6HlXkF7aODUwDPj05lFAeqGhJE6j+d0cQwk1XwlZUSxt524lguN1X0JdmPedJQ
mFBMZQY3YcDsriDtt4uaKdZq1Slv+gn8w/Jf92DsRkskyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:14 2024 by rpki-client on console-ams.rpki-client.org