Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/OEn3zmPrnhhh7V5e05BJXl7yg2s.roa
File: OEn3zmPrnhhh7V5e05BJXl7yg2s.roa (raw, json)
Hash identifier: ku7LeTkfqUkVYESSxxTmSf50t5kZCJ3uzvmHl222mc4=
Subject key identifier: 38:49:F7:CE:63:EB:9E:18:61:ED:5E:5E:D3:90:49:5E:5E:F2:83:6B
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 0185718309B6ED0E961D0836A3B9DE0D4F8E
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/OEn3zmPrnhhh7V5e05BJXl7yg2s.roa
Signing time: Mon 02 Jan 2023 08:04:50 +0000
ROA not before: Mon 02 Jan 2023 08:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1271
IP address blocks: 2a07:b980:480f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:09:b6:ed:0e:96:1d:08:36:a3:b9:de:0d:4f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jan 2 08:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3849f7ce63eb9e1861ed5e5ed390495e5ef2836b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:bf:77:cb:d2:1a:57:75:16:57:be:01:49:
94:a5:79:d2:27:b2:45:64:cf:35:23:ee:b4:cb:72:
c9:ce:ad:d2:d9:d1:6a:0e:c7:71:8e:21:50:3e:80:
71:7b:61:57:96:62:31:d4:47:0f:57:59:36:3c:4e:
d2:91:65:83:66:1b:44:97:a2:ae:81:ff:ef:09:16:
9f:42:c5:11:82:01:9d:d2:63:2e:93:a2:3e:17:39:
b1:39:3f:3f:95:a9:11:0c:c0:ad:b1:82:dd:27:50:
53:a8:a5:11:02:cf:f7:70:46:e4:fb:5b:62:a9:24:
f7:b0:e9:f9:a3:73:f7:b8:e8:6f:93:5a:b0:0f:81:
d3:f8:3d:56:db:82:5e:ad:7d:6e:31:42:17:c5:9c:
c7:b2:e9:0e:26:d9:b3:47:82:9a:5d:0b:54:f0:9a:
a6:d9:49:21:fc:22:26:52:21:7b:1a:f1:73:f5:1c:
82:a7:0e:f2:6b:72:1f:ce:46:50:e1:88:85:9f:76:
1e:42:42:c6:24:87:e3:60:da:7a:c9:5b:c2:e3:32:
ca:a9:ce:9a:6e:3d:69:1d:b3:bf:6e:1e:b5:38:a7:
32:78:74:25:60:af:61:12:80:db:6b:7c:87:eb:6d:
af:55:de:39:23:ae:31:48:85:e3:c1:62:55:1c:38:
bd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:49:F7:CE:63:EB:9E:18:61:ED:5E:5E:D3:90:49:5E:5E:F2:83:6B
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/OEn3zmPrnhhh7V5e05BJXl7yg2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:b980:480f::/48
Signature Algorithm: sha256WithRSAEncryption
5d:fd:d7:e7:b0:ac:c6:d7:06:43:f6:f6:2c:5f:fd:a7:ba:a8:
8a:e9:3d:df:9a:ff:b0:34:ab:ce:8e:b4:97:e1:f2:d4:66:06:
cc:88:5b:68:72:0a:df:bc:2c:bb:3f:bc:c4:17:e2:79:22:b2:
10:ec:1a:83:c1:15:a1:3d:22:9c:d2:a1:86:23:61:a8:2d:9e:
f7:69:2c:69:86:be:ed:d1:fa:97:98:73:f5:64:d4:cc:f0:2e:
c9:75:a9:58:c3:89:f4:a3:cb:cd:59:2e:06:6a:06:2a:5a:c8:
a1:4d:2c:88:9e:af:c3:ac:aa:9e:e1:97:da:db:3c:ad:88:a8:
d0:87:a5:1f:c1:f6:58:53:a2:15:38:95:88:46:01:97:fe:e9:
33:d6:8d:e9:d2:0e:1f:8e:ff:67:bb:6a:8c:1a:19:21:7a:ad:
12:0e:65:8d:95:cc:20:43:bd:23:4c:78:bf:c8:c6:3e:80:d4:
9b:1a:15:83:42:79:e6:bb:c0:d6:c3:24:76:9a:7a:91:4c:8f:
e6:08:f4:6b:b4:ce:22:18:7f:56:8a:79:bc:1f:30:b7:c1:8e:
a2:1a:4a:e9:33:15:50:25:fb:f0:d9:23:b8:95:a0:49:0f:6e:
73:02:fe:53:a8:34:67:77:2a:19:b9:0d:d8:62:a5:a1:33:41:
49:7f:ea:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxgwm27Q6WHQg2o7neDU+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjMwMTAyMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQ5ZjdjZTYzZWI5ZTE4NjFlZDVlNWVkMzkwNDk1ZTVlZjI4MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf6/d8vSGld1Fle+AUmUpXnSJ7JF
ZM81I+60y3LJzq3S2dFqDsdxjiFQPoBxe2FXlmIx1EcPV1k2PE7SkWWDZhtEl6Ku
gf/vCRafQsURggGd0mMuk6I+FzmxOT8/lakRDMCtsYLdJ1BTqKURAs/3cEbk+1ti
qST3sOn5o3P3uOhvk1qwD4HT+D1W24JerX1uMUIXxZzHsukOJtmzR4KaXQtU8Jqm
2Ukh/CImUiF7GvFz9RyCpw7ya3IfzkZQ4YiFn3YeQkLGJIfjYNp6yVvC4zLKqc6a
bj1pHbO/bh61OKcyeHQlYK9hEoDba3yH622vVd45I64xSIXjwWJVHDi9awIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDhJ985j654YYe1eXtOQSV5e8oNrMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvT0VuM3ptUHJuaGhoN1Y1ZTA1QkpYbDd5ZzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKge5gEgP
MA0GCSqGSIb3DQEBCwUAA4IBAQBd/dfnsKzG1wZD9vYsX/2nuqiK6T3fmv+wNKvO
jrSX4fLUZgbMiFtocgrfvCy7P7zEF+J5IrIQ7BqDwRWhPSKc0qGGI2GoLZ73aSxp
hr7t0fqXmHP1ZNTM8C7JdalYw4n0o8vNWS4GagYqWsihTSyInq/DrKqe4Zfa2zyt
iKjQh6UfwfZYU6IVOJWIRgGX/ukz1o3p0g4fjv9nu2qMGhkheq0SDmWNlcwgQ70j
THi/yMY+gNSbGhWDQnnmu8DWwyR2mnqRTI/mCPRrtM4iGH9Winm8HzC3wY6iGkrp
MxVQJfvw2SO4laBJD25zAv5TqDRndyoZuQ3YYqWhM0FJf+o/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:15 2024 by rpki-client on console-fra.rpki-client.org