Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa
File: 0L5IfAUjHf2AbazGAaeuQQnct1k.roa (raw, json)
Hash identifier: HCHCrPPahGnzbLdXujj7UjVyDtgoHhcuWQNXKkdKHi4=
Subject key identifier: D0:BE:48:7C:05:23:1D:FD:80:6D:AC:C6:01:A7:AE:41:09:DC:B7:59
Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial: 018DEC09982746C975FB3022F900C1AE37A2
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa
Signing time: Tue 27 Feb 2024 19:27:48 +0000
ROA not before: Tue 27 Feb 2024 19:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216463
IP address blocks: 2a02:f680::/29 maxlen: 29
2a02:f680::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Mar 2024 03:09:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:09:98:27:46:c9:75:fb:30:22:f9:00:c1:ae:37:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
Validity
Not Before: Feb 27 19:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0be487c05231dfd806dacc601a7ae4109dcb759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:88:88:98:40:c0:2b:11:e5:b7:62:fd:3b:7a:
2f:9c:4b:02:6c:57:0c:4c:46:bb:33:4c:78:db:75:
c2:b5:8c:87:1f:12:58:c3:b8:c2:d1:4c:bd:05:f8:
f4:c0:5c:85:f6:ee:31:10:38:7f:29:f4:6b:c6:39:
4e:4a:46:8f:81:cc:50:3c:52:af:bf:e4:c6:f1:a4:
67:e1:c4:3c:36:08:d5:da:46:42:7a:b8:f3:6e:28:
5a:1a:25:9b:85:b7:71:63:65:fe:75:1c:c5:a3:90:
ab:72:9c:dc:d7:0a:cc:ae:41:ee:cb:b0:1b:a4:71:
1f:d2:df:87:d5:f7:59:88:fb:bd:39:c5:3e:d6:db:
c9:5d:95:7a:3b:05:4a:30:42:20:e1:e8:53:0d:1a:
84:c4:08:ea:c0:11:f0:a9:55:1a:46:0d:13:71:f1:
36:1f:f1:77:60:9a:fb:02:5b:01:98:27:e7:0f:1e:
fa:d7:4c:ee:92:e9:b0:2b:37:5d:e5:a9:97:c5:51:
7e:85:eb:27:be:20:d8:8f:0a:a1:07:0f:c1:a2:20:
a9:62:b2:87:55:c8:59:44:4a:fe:a9:06:24:a6:3e:
30:0f:0f:3a:be:32:9e:c7:c7:cb:27:f4:5f:5e:ad:
4a:a9:90:13:ac:17:6b:b9:f1:32:7b:1c:fa:3e:6c:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BE:48:7C:05:23:1D:FD:80:6D:AC:C6:01:A7:AE:41:09:DC:B7:59
X509v3 Authority Key Identifier:
keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/0L5IfAUjHf2AbazGAaeuQQnct1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f680::/29
Signature Algorithm: sha256WithRSAEncryption
1a:82:0d:7d:1c:77:de:ac:81:90:de:a4:fd:55:d8:ab:90:d6:
10:5b:5f:cb:29:af:c8:e7:09:50:d2:1b:f7:f2:68:7e:f8:4d:
5d:16:df:34:c1:e1:94:28:b0:a2:89:0c:79:56:a3:d9:b1:e9:
c9:2b:2e:8e:de:f3:ea:b9:a6:2d:e2:6e:17:da:6d:b1:b1:c0:
3a:99:0d:d1:7a:84:f1:f2:08:79:a8:2e:30:c8:47:cd:57:4f:
16:79:ce:f2:b4:2c:6a:10:a1:04:b4:b5:74:d8:be:75:bc:47:
97:81:29:0a:6d:6d:0a:6d:49:9f:3a:70:5b:3a:0b:e2:bc:33:
71:4e:e7:20:5b:39:82:b0:cc:fc:80:41:7d:5e:dc:31:53:b1:
07:05:2a:4e:24:b1:aa:73:c0:0b:f2:07:b3:12:1f:d4:ff:d4:
6b:88:6d:ae:aa:a4:17:20:71:5c:aa:cc:6e:bf:0f:e4:f9:50:
5a:f0:f4:75:a8:17:02:a5:e9:de:c7:d3:ef:be:52:ab:cb:12:
77:59:ba:d7:12:80:67:14:32:c0:4b:da:ba:5e:dd:fe:8b:2b:
41:49:9d:c5:23:1a:19:8a:33:42:e5:af:36:4b:b3:af:8a:10:
01:e1:30:bd:be:81:eb:ba:b5:c9:ef:30:27:6c:4a:c9:4a:35:
ea:94:e8:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3sCZgnRsl1+zAi+QDBrjeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjQwMjI3MTkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJlNDg3YzA1MjMxZGZkODA2ZGFjYzYwMWE3YWU0MTA5ZGNiNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloiImEDAKxHlt2L9O3ovnEsCbFcM
TEa7M0x423XCtYyHHxJYw7jC0Uy9Bfj0wFyF9u4xEDh/KfRrxjlOSkaPgcxQPFKv
v+TG8aRn4cQ8NgjV2kZCerjzbihaGiWbhbdxY2X+dRzFo5Crcpzc1wrMrkHuy7Ab
pHEf0t+H1fdZiPu9OcU+1tvJXZV6OwVKMEIg4ehTDRqExAjqwBHwqVUaRg0TcfE2
H/F3YJr7AlsBmCfnDx7610zukumwKzdd5amXxVF+hesnviDYjwqhBw/BoiCpYrKH
VchZREr+qQYkpj4wDw86vjKex8fLJ/RfXq1KqZATrBdrufEyexz6PmwBvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNC+SHwFIx39gG2sxgGnrkEJ3LdZMB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEvMEw1SWZBVWpIZjJBYmF6R0FhZXVRUW5jdDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgL2gDAN
BgkqhkiG9w0BAQsFAAOCAQEAGoINfRx33qyBkN6k/VXYq5DWEFtfyymvyOcJUNIb
9/JofvhNXRbfNMHhlCiwookMeVaj2bHpySsujt7z6rmmLeJuF9ptsbHAOpkN0XqE
8fIIeaguMMhHzVdPFnnO8rQsahChBLS1dNi+dbxHl4EpCm1tCm1JnzpwWzoL4rwz
cU7nIFs5grDM/IBBfV7cMVOxBwUqTiSxqnPAC/IHsxIf1P/Ua4htrqqkFyBxXKrM
br8P5PlQWvD0dagXAqXp3sfT775Sq8sSd1m61xKAZxQywEvaul7d/osrQUmdxSMa
GYozQuWvNkuzr4oQAeEwvb6B67q1ye8wJ2xKyUo16pTo5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:40 2024 by rpki-client on console-fra.rpki-client.org