Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3le2XdjpyEALBKeEctqrflfbBIM.roa
File: 3le2XdjpyEALBKeEctqrflfbBIM.roa (raw, json)
Hash identifier: 2e0B0L0M2xN3ESkr6eM9s7FWrcZkZrv9KqWU7WFUbSs=
Subject key identifier: DE:57:B6:5D:D8:E9:C8:40:0B:04:A7:84:72:DA:AB:7E:57:DB:04:83
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185E43CE2AECB5192807CB50FB113398847
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3le2XdjpyEALBKeEctqrflfbBIM.roa
Signing time: Tue 24 Jan 2023 14:44:33 +0000
ROA not before: Tue 24 Jan 2023 14:44:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200153
IP address blocks: 2a0c:b641:930::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:3c:e2:ae:cb:51:92:80:7c:b5:0f:b1:13:39:88:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 24 14:44:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de57b65dd8e9c8400b04a78472daab7e57db0483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f7:c6:ec:a9:ae:ae:0a:7b:03:d0:27:70:e7:
06:f7:65:3c:0c:ae:29:b5:fa:2a:94:bd:dd:66:22:
36:19:23:ff:a5:b3:ca:bd:ff:8a:61:a4:27:5d:2b:
5f:5c:6c:3c:08:0d:f1:fc:c3:29:75:77:3a:5f:e1:
97:19:5b:f3:3e:79:6e:28:42:13:5c:c1:1a:00:d0:
21:7b:6c:b8:2c:fa:39:cf:b4:aa:87:47:d6:de:3b:
bb:fb:64:88:23:ae:31:f7:2a:d5:1b:1c:f2:c4:e2:
23:31:83:ef:98:64:b2:c3:60:5d:be:63:3e:cf:b9:
9a:59:f7:da:85:79:b6:99:24:39:a5:1e:ae:2f:db:
34:b9:b2:e9:80:53:2e:3e:9f:8e:89:12:4a:e6:c3:
b8:66:74:4d:c5:2e:c0:29:a0:46:a9:9e:cc:a9:f4:
77:eb:0c:43:16:3d:79:6d:36:24:04:7b:84:7f:e4:
66:91:43:33:12:16:b0:74:02:b4:ab:26:28:78:08:
1a:6b:14:47:e3:8b:ba:8f:37:b3:c9:81:34:93:3a:
27:fc:29:7e:73:21:d1:b2:f7:b8:ca:be:74:99:c2:
42:54:d7:2b:8a:76:13:21:0f:01:3d:62:5b:e2:4d:
62:c2:7e:a7:dd:30:75:0c:c7:32:05:9c:88:5d:57:
47:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:57:B6:5D:D8:E9:C8:40:0B:04:A7:84:72:DA:AB:7E:57:DB:04:83
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3le2XdjpyEALBKeEctqrflfbBIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:930::/44
Signature Algorithm: sha256WithRSAEncryption
87:74:4d:11:31:79:3f:48:d6:65:e3:20:8f:c4:af:4a:4d:9a:
04:9c:1a:6e:86:fe:d0:50:d6:9c:50:02:1f:19:b6:98:32:51:
38:f0:91:4d:c2:a1:b9:b9:a0:c9:4d:95:1a:ee:51:17:e4:f2:
52:b0:20:06:a7:e4:86:56:1b:10:84:fd:15:59:91:cb:c8:4b:
52:ba:da:c8:3b:a9:ff:9a:34:36:4a:52:b3:94:15:e6:05:93:
70:09:8a:f1:6d:7f:86:fa:18:32:dd:63:39:47:fa:f6:c4:5c:
7e:ab:f6:df:73:7b:31:f1:ab:30:b1:f4:57:89:b5:4c:f8:90:
dc:9d:83:2d:78:7b:c1:a3:85:2f:b9:62:6a:25:46:15:90:26:
81:d7:aa:3f:fa:c7:08:06:fe:d9:32:6f:26:fd:7c:65:ce:c0:
2e:b2:e1:ab:a6:f4:41:23:9a:a8:dc:d9:2c:ee:52:5f:75:92:
bc:04:32:d2:ab:ad:06:66:e8:72:7d:9b:f4:69:7d:be:45:e7:
78:2b:f3:e7:95:4f:2d:c5:bf:3b:72:d9:6e:4c:a8:a9:03:fb:
02:f3:e5:81:48:93:95:b4:37:76:df:36:16:d4:34:62:b1:f9:
ea:80:f7:15:83:a5:e5:e3:67:7d:7a:9a:05:f3:72:9e:fd:c1:
6f:b9:d8:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkPOKuy1GSgHy1D7ETOYhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTI0MTQ0NDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU3YjY1ZGQ4ZTljODQwMGIwNGE3ODQ3MmRhYWI3ZTU3ZGIwNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vfG7Kmurgp7A9AncOcG92U8DK4p
tfoqlL3dZiI2GSP/pbPKvf+KYaQnXStfXGw8CA3x/MMpdXc6X+GXGVvzPnluKEIT
XMEaANAhe2y4LPo5z7Sqh0fW3ju7+2SII64x9yrVGxzyxOIjMYPvmGSyw2BdvmM+
z7maWffahXm2mSQ5pR6uL9s0ubLpgFMuPp+OiRJK5sO4ZnRNxS7AKaBGqZ7MqfR3
6wxDFj15bTYkBHuEf+RmkUMzEhawdAK0qyYoeAgaaxRH44u6jzezyYE0kzon/Cl+
cyHRsve4yr50mcJCVNcrinYTIQ8BPWJb4k1iwn6n3TB1DMcyBZyIXVdHJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5Xtl3Y6chACwSnhHLaq35X2wSDMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM2xlMlhkanB5RUFMQktlRWN0cXJmbGZiQklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQkw
MA0GCSqGSIb3DQEBCwUAA4IBAQCHdE0RMXk/SNZl4yCPxK9KTZoEnBpuhv7QUNac
UAIfGbaYMlE48JFNwqG5uaDJTZUa7lEX5PJSsCAGp+SGVhsQhP0VWZHLyEtSutrI
O6n/mjQ2SlKzlBXmBZNwCYrxbX+G+hgy3WM5R/r2xFx+q/bfc3sx8aswsfRXibVM
+JDcnYMteHvBo4UvuWJqJUYVkCaB16o/+scIBv7ZMm8m/XxlzsAusuGrpvRBI5qo
3Nks7lJfdZK8BDLSq60GZuhyfZv0aX2+Red4K/PnlU8txb87ctluTKipA/sC8+WB
SJOVtDd23zYW1DRisfnqgPcVg6Xl42d9epoF83Ke/cFvudiq
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:06 2024 by rpki-client on console-fra.rpki-client.org