Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2jPXUyP3anqaNRjk8zLPoYCum3s.roa
File: 2jPXUyP3anqaNRjk8zLPoYCum3s.roa (raw, json)
Hash identifier: aX+xIAcyjVpFO0Wnc/fUKjHzC9RGBlOOp1Mgfjdnk+8=
Subject key identifier: DA:33:D7:53:23:F7:6A:7A:9A:35:18:E4:F3:32:CF:A1:80:AE:9B:7B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E8EB198E490CDF11CBE17F00DF645
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2jPXUyP3anqaNRjk8zLPoYCum3s.roa
Signing time: Mon 02 Jan 2023 06:15:05 +0000
ROA not before: Mon 02 Jan 2023 06:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212740
IP address blocks: 2a0c:b641:4d0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:8e:b1:98:e4:90:cd:f1:1c:be:17:f0:0d:f6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da33d75323f76a7a9a3518e4f332cfa180ae9b7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:ba:56:53:a6:6d:5e:df:f2:08:24:56:8f:
74:54:f6:db:04:19:32:a6:cf:9a:bf:ee:77:50:4d:
08:75:8f:95:a4:b2:87:d2:a4:0a:17:56:34:4d:98:
0b:44:7c:51:4c:c8:ce:28:7d:55:07:36:8c:5d:fa:
83:22:fc:5c:9b:56:ba:9a:fb:b1:8f:83:3b:cc:0c:
02:5e:eb:35:00:ef:33:7c:56:56:cb:77:3e:58:e7:
0e:96:07:ac:8d:a4:59:10:ad:69:1c:ab:a6:ca:ae:
53:b4:b2:b9:71:df:d2:49:2d:ff:72:20:6f:95:57:
01:48:cb:47:06:d4:f7:61:5a:c9:0b:05:d3:aa:8a:
a4:e4:39:07:63:6c:3a:df:a0:a8:ae:87:9d:ef:b8:
e5:d3:0c:6e:a4:b2:1e:04:57:1f:9b:36:dc:38:bf:
68:a5:67:1f:e5:a5:88:82:f1:2e:b8:c2:95:22:bd:
d5:97:b9:fc:f8:99:13:c0:c3:9f:cd:9c:74:d6:35:
51:0a:31:fa:10:49:5c:bf:21:71:ae:3a:c2:1c:ad:
c6:82:a0:76:69:4e:97:e4:19:13:74:0c:25:b7:3a:
1b:b0:57:5b:67:86:fb:28:66:fd:0d:24:74:ee:81:
fc:a9:1d:8b:2b:99:5e:65:5a:3f:91:39:a5:48:fa:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:33:D7:53:23:F7:6A:7A:9A:35:18:E4:F3:32:CF:A1:80:AE:9B:7B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2jPXUyP3anqaNRjk8zLPoYCum3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:4d0::/44
Signature Algorithm: sha256WithRSAEncryption
3f:ef:09:4f:b4:79:62:7e:98:d5:49:e1:97:4e:33:c1:65:13:
e9:99:f2:b4:7f:1c:6e:f6:a8:c1:41:33:4c:1c:82:9f:d9:32:
90:b0:8f:93:9d:03:92:6e:a0:bf:12:a7:fa:d2:d8:0e:91:1e:
f5:9e:7c:3b:b6:f7:31:99:db:9e:9f:e9:ae:e9:56:4d:ce:a8:
30:66:6f:b5:0d:65:f5:08:56:7f:d1:26:61:7f:ee:f6:92:9f:
60:82:ed:8e:8f:d1:3d:8a:0b:52:6d:7e:dd:e2:85:49:36:ad:
fe:04:3f:75:24:e8:74:d2:db:cd:da:48:7f:e6:45:8e:1e:79:
ac:a3:44:4f:5a:f2:43:7b:05:50:94:db:08:11:7a:8a:47:90:
b6:46:6f:e3:a8:a3:01:9b:4d:b4:c5:00:b2:c9:e2:e6:36:ee:
10:76:9e:cc:ed:c5:f3:9f:41:53:2b:3c:7a:08:9e:f7:16:af:
37:f9:b1:9e:07:aa:d8:90:8f:af:55:18:96:98:5d:5f:a4:5d:
e8:22:1a:d5:b0:78:38:bd:ef:c3:ef:7b:c2:f5:c7:27:5d:0e:
7b:e3:cb:93:33:c7:6b:0a:e7:cb:09:25:35:b7:cd:ab:e4:0d:
55:9d:67:87:45:b1:a2:0c:0f:0c:d6:fc:23:db:a9:ae:63:f0:
32:01:40:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHo6xmOSQzfEcvhfwDfZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTMzZDc1MzIzZjc2YTdhOWEzNTE4ZTRmMzMyY2ZhMTgwYWU5YjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAa6VlOmbV7f8ggkVo90VPbbBBky
ps+av+53UE0IdY+VpLKH0qQKF1Y0TZgLRHxRTMjOKH1VBzaMXfqDIvxcm1a6mvux
j4M7zAwCXus1AO8zfFZWy3c+WOcOlgesjaRZEK1pHKumyq5TtLK5cd/SSS3/ciBv
lVcBSMtHBtT3YVrJCwXTqoqk5DkHY2w636Coroed77jl0wxupLIeBFcfmzbcOL9o
pWcf5aWIgvEuuMKVIr3Vl7n8+JkTwMOfzZx01jVRCjH6EElcvyFxrjrCHK3GgqB2
aU6X5BkTdAwltzobsFdbZ4b7KGb9DSR07oH8qR2LK5leZVo/kTmlSPoJxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNoz11Mj92p6mjUY5PMyz6GArpt7MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMmpQWFV5UDNhbnFhTlJqazh6TFBvWUN1bTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQTQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA/7wlPtHlifpjVSeGXTjPBZRPpmfK0fxxu9qjB
QTNMHIKf2TKQsI+TnQOSbqC/Eqf60tgOkR71nnw7tvcxmduen+mu6VZNzqgwZm+1
DWX1CFZ/0SZhf+72kp9ggu2Oj9E9igtSbX7d4oVJNq3+BD91JOh00tvN2kh/5kWO
Hnmso0RPWvJDewVQlNsIEXqKR5C2Rm/jqKMBm020xQCyyeLmNu4Qdp7M7cXzn0FT
Kzx6CJ73Fq83+bGeB6rYkI+vVRiWmF1fpF3oIhrVsHg4ve/D73vC9ccnXQ5748uT
M8drCufLCSU1t82r5A1VnWeHRbGiDA8M1vwj26muY/AyAUAC
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:06 2024 by rpki-client on console-fra.rpki-client.org