Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OlswBy5u1QOYx60pmnl8IuER21g.roa
File: OlswBy5u1QOYx60pmnl8IuER21g.roa (raw, json)
Hash identifier: owUha/UVOgyYxfI2Ogd5u4wGZi2HGzj9AGigxAwewfU=
Subject key identifier: 3A:5B:30:07:2E:6E:D5:03:98:C7:AD:29:9A:79:7C:22:E1:11:DB:58
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42F3203E94647C7FD708955DB55FAC
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OlswBy5u1QOYx60pmnl8IuER21g.roa
Signing time: Sun 01 Jan 2023 21:35:36 +0000
ROA not before: Sun 01 Jan 2023 21:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213045
IP address blocks: 2a0e:8f02:2000::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f3:20:3e:94:64:7c:7f:d7:08:95:5d:b5:5f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a5b30072e6ed50398c7ad299a797c22e111db58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:58:21:fd:ed:e2:34:87:c6:09:f1:30:94:b9:
cc:8e:8b:16:ce:c9:99:34:79:57:76:9f:4a:42:ff:
78:22:66:9d:1c:d3:09:a4:2d:3a:1a:50:de:96:6e:
90:3a:ca:95:18:f9:0c:72:43:9b:c8:d7:3a:47:82:
fb:dc:3c:9f:a7:dc:2d:89:58:a2:e0:90:0b:25:60:
56:63:e3:63:ec:80:66:72:15:08:af:43:05:ae:9e:
6e:83:eb:13:25:f7:2c:cc:6c:28:06:0d:30:19:9b:
7d:34:bc:08:a4:d3:07:a0:25:4c:19:76:8e:2d:15:
32:80:e3:0a:e6:0f:23:73:5b:38:44:f6:c0:f0:d6:
29:74:0b:1d:87:14:8b:6d:b3:b3:cf:d3:b9:08:8a:
fa:c5:d5:43:9f:4f:1b:3e:9e:d3:e2:da:85:53:af:
38:09:10:a7:56:37:46:e8:01:4e:90:74:63:0d:cd:
ec:c2:5c:21:07:9b:68:bd:ce:d2:c2:56:ed:d0:52:
32:37:32:ab:f8:9d:e5:6c:ed:af:5d:3b:1a:e7:fd:
dc:7f:80:99:cb:a5:84:d3:f5:dd:af:ce:da:dc:8e:
01:5d:26:d8:97:e2:51:da:e8:85:d9:24:c7:50:9c:
8c:24:cb:31:a2:69:c2:62:f4:3d:8e:35:86:c7:17:
e9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5B:30:07:2E:6E:D5:03:98:C7:AD:29:9A:79:7C:22:E1:11:DB:58
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OlswBy5u1QOYx60pmnl8IuER21g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2000::/44
Signature Algorithm: sha256WithRSAEncryption
6b:aa:25:b1:4d:c9:6d:d2:ab:24:be:eb:3e:c9:58:34:a0:fe:
62:87:57:c8:f1:13:cc:fc:3b:d8:0a:c1:50:b2:2b:6d:95:da:
a4:82:a9:45:34:85:7a:62:9e:69:ca:81:a5:2d:44:9b:ea:90:
c6:ec:fd:80:46:25:0e:ad:98:86:dc:ec:0d:4b:84:7e:73:e1:
49:77:0a:19:15:c7:14:3b:72:dc:3d:53:3e:f9:46:18:a4:2d:
c7:56:f4:72:6a:ae:36:13:3a:3f:56:14:c5:86:ee:f6:f0:7a:
70:bc:41:af:ac:84:65:a7:2f:53:3f:77:f2:7a:b2:12:bd:93:
73:61:36:5b:7a:5c:cf:07:d5:e3:f7:d7:d9:3f:9e:32:26:a7:
8f:11:cb:23:f0:02:86:80:2a:fe:24:0d:66:76:66:04:7c:fe:
49:3b:04:70:a4:fc:e5:55:e0:69:5e:69:0b:e3:a4:c2:08:84:
1d:7e:fe:24:2f:25:97:b9:4c:25:13:96:91:12:e3:32:38:dc:
f9:03:71:9c:a8:49:8d:31:b4:4d:f3:8c:f8:c1:a7:37:80:10:
b8:e5:46:37:d4:84:4b:7f:70:8f:7d:ea:12:66:2a:47:84:e8:
24:7a:eb:5b:14:78:c0:11:97:ad:25:60:02:be:11:26:c2:ca:
43:67:13:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQvMgPpRkfH/XCJVdtV+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTViMzAwNzJlNmVkNTAzOThjN2FkMjk5YTc5N2MyMmUxMTFkYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1gh/e3iNIfGCfEwlLnMjosWzsmZ
NHlXdp9KQv94ImadHNMJpC06GlDelm6QOsqVGPkMckObyNc6R4L73Dyfp9wtiVii
4JALJWBWY+Nj7IBmchUIr0MFrp5ug+sTJfcszGwoBg0wGZt9NLwIpNMHoCVMGXaO
LRUygOMK5g8jc1s4RPbA8NYpdAsdhxSLbbOzz9O5CIr6xdVDn08bPp7T4tqFU684
CRCnVjdG6AFOkHRjDc3swlwhB5tovc7Swlbt0FIyNzKr+J3lbO2vXTsa5/3cf4CZ
y6WE0/Xdr87a3I4BXSbYl+JR2uiF2STHUJyMJMsxomnCYvQ9jjWGxxfp3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDpbMAcubtUDmMetKZp5fCLhEdtYMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvT2xzd0J5NXUxUU9ZeDYwcG1ubDhJdUVSMjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBrqiWxTclt0qskvus+yVg0oP5ih1fI8RPM/DvY
CsFQsittldqkgqlFNIV6Yp5pyoGlLUSb6pDG7P2ARiUOrZiG3OwNS4R+c+FJdwoZ
FccUO3LcPVM++UYYpC3HVvRyaq42Ezo/VhTFhu728HpwvEGvrIRlpy9TP3fyerIS
vZNzYTZbelzPB9Xj99fZP54yJqePEcsj8AKGgCr+JA1mdmYEfP5JOwRwpPzlVeBp
XmkL46TCCIQdfv4kLyWXuUwlE5aREuMyONz5A3GcqEmNMbRN84z4wac3gBC45UY3
1IRLf3CPfeoSZipHhOgkeutbFHjAEZetJWACvhEmwspDZxPv
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org