Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oCy3W4-zG_ZoCfrebaDIXEGLsvQ.roa
File: oCy3W4-zG_ZoCfrebaDIXEGLsvQ.roa (raw, json)
Hash identifier: diT4gC1XP/YkJkVByNKqWo+9ZIFkewSmzKfrsR2DEWQ=
Subject key identifier: A0:2C:B7:5B:8F:B3:1B:F6:68:09:FA:DE:6D:A0:C8:5C:41:8B:B2:F4
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC5015305E6281664F9B80F14C95B455E
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oCy3W4-zG_ZoCfrebaDIXEGLsvQ.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a10:2ec0::/29 maxlen: 36
2a0c:ab00::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 09 Apr 2024 14:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:53:05:e6:28:16:64:f9:b8:0f:14:c9:5b:45:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a02cb75b8fb31bf66809fade6da0c85c418bb2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ce:18:5b:84:c1:70:ef:11:e1:80:5e:ff:04:
0d:65:1a:bc:86:53:ca:a1:c1:d5:83:c0:2d:19:e9:
aa:d2:29:42:ed:66:69:21:71:3a:5c:d3:89:aa:15:
0a:38:0f:79:78:51:d8:df:4e:8b:c4:e8:8d:9c:d1:
7d:f6:6c:21:03:ad:98:dc:21:c2:bf:31:50:7e:b2:
2a:89:42:de:bf:e6:2b:51:67:c0:53:b0:1a:aa:f3:
9e:5c:51:e7:c5:e5:ce:85:06:bf:ad:77:94:d3:4d:
f5:20:8f:6b:ce:e2:9b:45:52:17:ad:5b:37:07:d6:
05:f3:c9:19:8c:47:69:51:37:5e:4c:e9:7e:8d:af:
d9:20:1e:39:a9:7c:58:8e:de:18:17:6c:0a:aa:e3:
55:51:3f:3c:cb:84:6d:ae:42:78:8b:e0:4f:a5:5e:
4a:d2:74:fe:4b:84:17:57:89:32:4f:a4:b2:da:3a:
ef:89:a7:4a:c0:89:73:6b:7a:d6:4e:fa:8d:62:af:
22:66:37:1b:16:89:a8:ee:77:bb:2f:bd:42:1e:5c:
be:2f:de:b2:b4:30:2f:69:6b:fc:4a:30:55:05:ed:
24:fc:ac:7e:89:25:98:2a:15:c6:3b:cb:36:c8:8f:
95:4d:e8:de:ab:a8:c0:34:31:af:00:94:d9:86:a9:
ec:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2C:B7:5B:8F:B3:1B:F6:68:09:FA:DE:6D:A0:C8:5C:41:8B:B2:F4
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oCy3W4-zG_ZoCfrebaDIXEGLsvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:ab00::/29
2a10:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:18:1d:80:7b:d1:a8:22:6e:08:3e:de:cc:ae:c6:51:ea:68:
4e:e0:c4:19:f1:50:df:82:06:a2:dd:b2:af:bf:6b:fe:1e:81:
8f:99:2c:7e:23:c4:31:06:fc:5e:ad:ab:09:32:e8:d9:5d:ea:
eb:84:81:a9:9b:49:92:ab:c0:48:3f:ed:ca:c5:bd:eb:a2:75:
40:ab:79:5f:a4:57:4f:1b:ee:1a:b5:6f:9f:0c:81:a6:55:d6:
8e:dd:a3:0f:dc:d8:34:cc:a0:1a:2c:38:9c:29:b5:ca:44:67:
91:fe:4c:c9:63:8d:ed:c7:d8:35:d6:6b:87:35:07:9f:de:83:
0a:84:d9:a2:93:ab:40:f0:ef:6c:ce:8f:d4:05:a4:68:6a:d1:
f5:1b:79:10:b9:6b:12:d7:87:49:cc:06:12:4a:28:6b:6a:6e:
b6:61:05:e7:fa:26:db:0e:fc:36:a5:b7:50:38:9a:d6:3a:c7:
e3:7f:c1:71:dd:70:30:3f:18:48:8b:fd:e9:6b:63:bf:52:22:
1c:8b:42:50:3a:19:a0:bc:9a:e3:0b:7c:18:1c:9a:e9:22:9f:
de:d1:e0:6a:af:a9:83:07:d2:ec:65:03:37:c3:13:cf:09:7e:
93:4c:61:48:c2:85:eb:19:5a:7c:09:15:62:00:6b:4d:ee:73:
ed:e7:00:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFAVMF5igWZPm4DxTJW0VeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJjYjc1YjhmYjMxYmY2NjgwOWZhZGU2ZGEwYzg1YzQxOGJiMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg84YW4TBcO8R4YBe/wQNZRq8hlPK
ocHVg8AtGemq0ilC7WZpIXE6XNOJqhUKOA95eFHY306LxOiNnNF99mwhA62Y3CHC
vzFQfrIqiULev+YrUWfAU7AaqvOeXFHnxeXOhQa/rXeU0031II9rzuKbRVIXrVs3
B9YF88kZjEdpUTdeTOl+ja/ZIB45qXxYjt4YF2wKquNVUT88y4RtrkJ4i+BPpV5K
0nT+S4QXV4kyT6Sy2jrviadKwIlza3rWTvqNYq8iZjcbFomo7ne7L71CHly+L96y
tDAvaWv8SjBVBe0k/Kx+iSWYKhXGO8s2yI+VTejeq6jANDGvAJTZhqnsYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKAst1uPsxv2aAn63m2gyFxBi7L0MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvb0N5M1c0LXpHX1pvQ2ZyZWJhRElYRUdMc3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgyrAAMF
AyoQLsAwDQYJKoZIhvcNAQELBQADggEBAC4YHYB70agibgg+3syuxlHqaE7gxBnx
UN+CBqLdsq+/a/4egY+ZLH4jxDEG/F6tqwky6Nld6uuEgambSZKrwEg/7crFveui
dUCreV+kV08b7hq1b58MgaZV1o7dow/c2DTMoBosOJwptcpEZ5H+TMljje3H2DXW
a4c1B5/egwqE2aKTq0Dw72zOj9QFpGhq0fUbeRC5axLXh0nMBhJKKGtqbrZhBef6
JtsO/Dalt1A4mtY6x+N/wXHdcDA/GEiL/elrY79SIhyLQlA6GaC8muMLfBgcmuki
n97R4GqvqYMH0uxlAzfDE88JfpNMYUjChesZWnwJFWIAa03uc+3nAKM=
-----END CERTIFICATE-----
Generated at Tue Apr 9 18:16:47 2024 by rpki-client on console-ams.rpki-client.org