Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Lh573FcCnfFIoe_qlVXL6ST1RPA.roa
File: Lh573FcCnfFIoe_qlVXL6ST1RPA.roa (raw, json)
Hash identifier: aoHV7WihgDIM++3uvV/jksS7J7brwTcMd6srPQMsfMg=
Subject key identifier: 2E:1E:7B:DC:57:02:9D:F1:48:A1:EF:EA:95:55:CB:E9:24:F5:44:F0
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E5CBB2D0B3E8586D56AE9EEB08BDC
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Lh573FcCnfFIoe_qlVXL6ST1RPA.roa
Signing time: Mon 02 Jan 2023 06:14:53 +0000
ROA not before: Mon 02 Jan 2023 06:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207036
IP address blocks: 2a0c:b641:3d0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:5c:bb:2d:0b:3e:85:86:d5:6a:e9:ee:b0:8b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e1e7bdc57029df148a1efea9555cbe924f544f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:4e:2e:b4:7f:ef:58:6b:dc:0b:94:aa:1d:
8a:cb:fa:46:1c:f2:59:73:64:46:03:26:2f:4f:65:
49:f3:86:da:cb:dd:98:b4:19:d4:03:03:73:38:54:
e7:33:eb:e7:cd:3f:48:39:c5:d4:c0:9f:ab:44:76:
ab:34:de:98:d2:f7:8f:64:25:9c:37:e9:19:67:ec:
b0:ca:60:b9:3c:39:3e:a2:25:cd:78:a7:7a:38:0d:
a3:e0:5e:12:8b:8f:33:45:df:94:9c:6a:d0:93:24:
b5:2a:86:49:bb:01:43:19:43:c8:83:81:38:09:92:
b7:1e:c1:20:74:c1:90:b7:96:a4:9f:6a:bc:27:45:
e0:f4:19:02:54:e8:32:7c:94:2a:df:66:11:5b:7d:
9d:5a:1d:91:40:e7:19:00:6d:03:15:d6:15:d8:35:
c5:4b:83:4a:1e:6f:23:2e:6d:f8:52:fa:9d:f2:10:
99:9d:c0:bc:65:fa:75:55:e7:70:ca:d3:09:f3:44:
e9:27:c5:a1:aa:71:76:2b:9e:8a:6d:11:c1:d7:a8:
99:30:35:17:df:2e:d1:1e:50:dd:a0:71:5e:b0:e9:
73:2c:c4:7a:ad:92:73:a8:56:ec:dd:43:7d:69:4a:
3f:08:57:97:08:af:98:fd:53:07:92:0a:40:d9:7f:
e3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1E:7B:DC:57:02:9D:F1:48:A1:EF:EA:95:55:CB:E9:24:F5:44:F0
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Lh573FcCnfFIoe_qlVXL6ST1RPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:3d0::/44
Signature Algorithm: sha256WithRSAEncryption
2f:ff:6a:32:4f:b7:54:1f:3d:0a:8f:96:87:89:1d:f2:e4:18:
e6:e6:5c:ed:16:52:80:67:db:12:0f:83:64:9d:df:b6:21:89:
e8:dc:3e:45:1f:07:71:d5:6a:af:29:13:82:f4:3b:83:29:1a:
9c:5e:e6:2a:f8:c8:a1:51:8d:8c:fe:18:9e:23:d3:d1:ed:ba:
34:86:a1:8e:62:77:d4:a7:25:20:9f:76:9a:a5:ef:21:49:c8:
aa:61:33:bd:02:77:2b:03:86:1d:dc:58:91:42:7a:c4:17:81:
ae:3c:09:b2:f4:67:35:3b:db:15:de:83:39:d5:2b:ad:2c:58:
fd:56:7e:29:b1:d7:de:74:bb:42:2e:41:bc:46:89:de:e6:12:
98:c1:3e:87:bf:b2:33:ce:fe:7f:6c:c6:17:72:34:a1:a4:32:
3c:91:59:c8:46:ba:66:4d:ff:3d:2b:91:6c:c2:30:23:45:15:
7a:31:74:f6:b9:d9:d4:27:af:90:47:f7:0c:8f:4b:f4:4a:68:
ad:c9:04:f1:b9:50:91:8f:2e:fb:11:0f:45:62:fe:c6:d2:01:
3f:9c:d3:45:08:56:ee:b9:0e:1f:fb:f3:ae:be:7f:3d:43:f4:
52:34:42:f6:04:af:db:2a:ab:19:57:cc:99:14:fa:2d:93:66:
13:9b:fb:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHly7LQs+hYbVaunusIvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFlN2JkYzU3MDI5ZGYxNDhhMWVmZWE5NTU1Y2JlOTI0ZjU0NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWVOLrR/71hr3AuUqh2Ky/pGHPJZ
c2RGAyYvT2VJ84bay92YtBnUAwNzOFTnM+vnzT9IOcXUwJ+rRHarNN6Y0vePZCWc
N+kZZ+ywymC5PDk+oiXNeKd6OA2j4F4Si48zRd+UnGrQkyS1KoZJuwFDGUPIg4E4
CZK3HsEgdMGQt5akn2q8J0Xg9BkCVOgyfJQq32YRW32dWh2RQOcZAG0DFdYV2DXF
S4NKHm8jLm34Uvqd8hCZncC8Zfp1VedwytMJ80TpJ8WhqnF2K56KbRHB16iZMDUX
3y7RHlDdoHFesOlzLMR6rZJzqFbs3UN9aUo/CFeXCK+Y/VMHkgpA2X/jEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC4ee9xXAp3xSKHv6pVVy+kk9UTwMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTGg1NzNGY0NuZkZJb2VfcWxWWEw2U1QxUlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQPQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAv/2oyT7dUHz0Kj5aHiR3y5Bjm5lztFlKAZ9sS
D4Nknd+2IYno3D5FHwdx1WqvKROC9DuDKRqcXuYq+MihUY2M/hieI9PR7bo0hqGO
YnfUpyUgn3aape8hSciqYTO9AncrA4Yd3FiRQnrEF4GuPAmy9Gc1O9sV3oM51Sut
LFj9Vn4psdfedLtCLkG8Rone5hKYwT6Hv7Izzv5/bMYXcjShpDI8kVnIRrpmTf89
K5FswjAjRRV6MXT2udnUJ6+QR/cMj0v0SmityQTxuVCRjy77EQ9FYv7G0gE/nNNF
CFbuuQ4f+/Ouvn89Q/RSNEL2BK/bKqsZV8yZFPotk2YTm/t0
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:06 2024 by rpki-client on console-fra.rpki-client.org