Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/oxq5JE_JlwXkk33QRqycKv0gDGg.roa
File: oxq5JE_JlwXkk33QRqycKv0gDGg.roa (raw, json)
Hash identifier: 8gp2rSbveUHysQuRqkPFVKkldEkwNTt+48EpRjbH/6w=
Subject key identifier: A3:1A:B9:24:4F:C9:97:05:E4:93:7D:D0:46:AC:9C:2A:FD:20:0C:68
Certificate issuer: /CN=a38b176a7d92e501eedaef6c60e8ce3a68d75224
Certificate serial: 018CC801C620F67EE45C1D21B1C746A69C7B
Authority key identifier: A3:8B:17:6A:7D:92:E5:01:EE:DA:EF:6C:60:E8:CE:3A:68:D7:52:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4sXan2S5QHu2u9sYOjOOmjXUiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/oxq5JE_JlwXkk33QRqycKv0gDGg.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216320
IP address blocks: 2a13:1500:3b00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Oct 2024 20:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c6:20:f6:7e:e4:5c:1d:21:b1:c7:46:a6:9c:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a38b176a7d92e501eedaef6c60e8ce3a68d75224
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a31ab9244fc99705e4937dd046ac9c2afd200c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:39:0c:be:00:80:c3:40:01:f4:4e:d7:f6:b8:
62:ac:67:ba:8f:98:ec:6f:1e:12:8b:dc:49:6f:be:
c6:81:1f:e4:82:f1:87:34:7b:24:16:cd:52:6f:fc:
ac:a0:e3:4a:d8:06:bf:81:d6:f3:ea:90:2d:13:a6:
4e:5e:8c:b9:0c:b1:30:6f:b9:83:db:a2:27:dc:fd:
21:c5:c5:75:b5:34:f6:42:51:13:c6:c0:b9:45:31:
ed:3e:a0:8e:42:3a:f8:e5:2d:ae:80:ef:e6:96:59:
e1:1a:fd:0e:f6:b6:35:74:00:3e:59:13:95:7b:bd:
d6:b4:d8:05:25:78:b4:bb:36:b6:95:eb:ee:1c:78:
0d:db:48:8a:8d:df:ca:f4:e4:cb:37:ba:3b:f5:b2:
1f:9e:4b:96:f1:7c:65:b9:7c:82:b4:d0:97:81:5d:
7a:6b:b2:4e:19:ac:6a:b8:2e:94:7f:a8:b0:22:9d:
3b:92:62:84:8b:aa:77:de:26:8b:86:e4:b6:ee:e5:
3f:0e:58:37:49:bf:ae:a4:d7:4d:70:60:cf:25:4e:
d6:5e:cf:f4:b0:f0:75:3f:98:b2:e5:9f:0a:e0:fc:
49:06:cf:e8:d1:9e:b9:92:59:be:a9:95:c4:b4:a8:
21:c0:a1:4f:e1:bf:8a:6f:89:87:03:a1:3a:91:c4:
c5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1A:B9:24:4F:C9:97:05:E4:93:7D:D0:46:AC:9C:2A:FD:20:0C:68
X509v3 Authority Key Identifier:
keyid:A3:8B:17:6A:7D:92:E5:01:EE:DA:EF:6C:60:E8:CE:3A:68:D7:52:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4sXan2S5QHu2u9sYOjOOmjXUiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/oxq5JE_JlwXkk33QRqycKv0gDGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/o4sXan2S5QHu2u9sYOjOOmjXUiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1500:3b00::/40
Signature Algorithm: sha256WithRSAEncryption
7b:81:ba:53:bc:1f:bb:eb:ed:44:e5:0d:8c:d8:1f:36:77:c9:
bb:3f:c4:1b:7d:68:76:de:c1:79:48:21:03:ed:45:8b:d0:16:
57:ab:44:fa:f7:36:72:62:e2:0a:7c:0e:a1:f5:5e:00:75:1d:
c9:f8:b4:88:45:d7:03:45:50:12:8e:0c:2b:c9:72:b3:b3:4b:
2c:94:84:20:10:08:fe:cf:33:54:b5:bd:b8:7f:67:de:36:d7:
5f:54:96:4c:90:c3:30:bb:9b:fa:5f:c6:95:fe:f4:48:43:7e:
55:a9:55:76:36:96:53:e1:c3:72:28:7e:f2:e1:2a:c0:4c:10:
18:63:20:93:b6:55:de:13:93:c1:78:82:39:4b:f1:ed:90:8d:
c3:39:a7:29:c2:43:96:9a:66:fc:ab:dc:4d:a0:17:00:fe:15:
0a:c0:1f:d3:f2:54:4a:b7:6d:7b:f4:ca:8f:bf:8b:90:ed:64:
7b:ad:eb:50:0c:4d:b6:5e:92:a9:6c:d8:d8:5a:2f:9e:05:19:
74:58:fd:f9:d7:63:a5:db:12:9c:aa:8a:38:6b:64:b0:db:1b:
29:13:a4:e5:0b:a5:dd:93:81:95:9b:d5:f1:25:0a:29:90:36:
d1:9d:ca:80:c8:e5:35:a3:71:c0:13:4b:e5:b2:cf:c9:08:bd:
15:65:27:d0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAcYg9n7kXB0hscdGppx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOGIxNzZhN2Q5MmU1MDFlZWRhZWY2YzYwZThjZTNhNjhk
NzUyMjQwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFhYjkyNDRmYzk5NzA1ZTQ5MzdkZDA0NmFjOWMyYWZkMjAwYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTkMvgCAw0AB9E7X9rhirGe6j5js
bx4Si9xJb77GgR/kgvGHNHskFs1Sb/ysoONK2Aa/gdbz6pAtE6ZOXoy5DLEwb7mD
26In3P0hxcV1tTT2QlETxsC5RTHtPqCOQjr45S2ugO/mllnhGv0O9rY1dAA+WROV
e73WtNgFJXi0uza2levuHHgN20iKjd/K9OTLN7o79bIfnkuW8XxluXyCtNCXgV16
a7JOGaxquC6Uf6iwIp07kmKEi6p33iaLhuS27uU/Dlg3Sb+upNdNcGDPJU7WXs/0
sPB1P5iy5Z8K4PxJBs/o0Z65klm+qZXEtKghwKFP4b+Kb4mHA6E6kcTFcQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKMauSRPyZcF5JN90EasnCr9IAxoMB8GA1UdIwQY
MBaAFKOLF2p9kuUB7trvbGDozjpo11IkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRzWGFuMlM1UUh1MnU5c1lPak9PbWpYVWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84MTAwZGItNDQzYS00YzdlLWJiZTIt
ZWZlNzljMjU0ZTI1LzEvb3hxNUpFX0psd1hrazMzUVJxeWNLdjBnREdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84MTAwZGItNDQzYS00YzdlLWJiZTItZWZlNzljMjU0ZTI1
LzEvbzRzWGFuMlM1UUh1MnU5c1lPak9PbWpYVWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhMVADsw
DQYJKoZIhvcNAQELBQADggEBAHuBulO8H7vr7UTlDYzYHzZ3ybs/xBt9aHbewXlI
IQPtRYvQFlerRPr3NnJi4gp8DqH1XgB1Hcn4tIhF1wNFUBKODCvJcrOzSyyUhCAQ
CP7PM1S1vbh/Z942119UlkyQwzC7m/pfxpX+9EhDflWpVXY2llPhw3IofvLhKsBM
EBhjIJO2Vd4Tk8F4gjlL8e2QjcM5pynCQ5aaZvyr3E2gFwD+FQrAH9PyVEq3bXv0
yo+/i5DtZHut61AMTbZekqls2NhaL54FGXRY/fnXY6XbEpyqijhrZLDbGykTpOUL
pd2TgZWb1fElCimQNtGdyoDI5TWjccATS+Wyz8kIvRVlJ9A=
-----END CERTIFICATE-----
Generated at Thu Oct 10 22:40:03 2024 by rpki-client on console-fra.rpki-client.org