Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/db21NDBVX9OZQcEhmXYlN0_iNRk.roa
File: db21NDBVX9OZQcEhmXYlN0_iNRk.roa (raw, json)
Hash identifier: q2lVH7S5v3pjK/hYZTuL+YrvrtW6Vw5EsjOR6Imc53k=
Subject key identifier: 75:BD:B5:34:30:55:5F:D3:99:41:C1:21:99:76:25:37:4F:E2:35:19
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E872476D97650D9BE8C3F369EC726
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/db21NDBVX9OZQcEhmXYlN0_iNRk.roa
Signing time: Mon 02 Jan 2023 06:15:04 +0000
ROA not before: Mon 02 Jan 2023 06:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212196
IP address blocks: 2a0c:b641:d0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:87:24:76:d9:76:50:d9:be:8c:3f:36:9e:c7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75bdb53430555fd39941c121997625374fe23519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:4b:cb:96:9a:d7:64:f0:92:db:f0:6d:24:
ce:40:57:dd:6b:a5:0a:05:7b:8d:27:69:e8:c6:d4:
01:51:c1:32:f6:d0:da:93:76:17:7b:ef:69:d0:6c:
c2:97:0a:f2:d0:a7:df:38:42:02:67:09:e6:ba:78:
97:b5:65:ce:de:56:64:fb:ea:df:48:5a:d5:34:a7:
1b:22:a0:44:e6:a5:7c:43:57:9c:d3:b5:90:ee:e7:
ac:0a:e5:0f:0b:32:c7:0e:27:67:27:57:03:88:bf:
5f:57:b0:a6:2b:cd:80:ed:8b:cd:c6:60:56:d7:b2:
b2:a4:b8:03:39:97:bb:35:2d:de:9e:2e:8e:6a:da:
a4:d4:df:d6:de:cd:dd:fe:fe:ba:6a:c9:25:a9:7d:
bc:1d:9a:c8:b5:f8:97:f6:55:f4:f9:42:e1:0c:ec:
4e:c8:93:7b:cd:6c:76:51:1b:31:2c:da:75:73:c7:
95:62:56:fa:14:ef:98:08:1e:bb:c5:1d:2c:50:e5:
98:7a:8b:5e:6f:35:88:61:7f:6a:db:ab:4b:8b:d7:
4b:07:fb:72:71:73:c1:d8:e2:f9:41:9d:d7:c5:86:
f0:31:95:96:b9:00:4d:fd:55:fc:bf:48:15:1c:8c:
c0:7e:a6:ab:89:7d:7e:9b:b8:44:c1:4a:05:5c:1a:
06:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BD:B5:34:30:55:5F:D3:99:41:C1:21:99:76:25:37:4F:E2:35:19
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/db21NDBVX9OZQcEhmXYlN0_iNRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:d0::/44
Signature Algorithm: sha256WithRSAEncryption
74:b0:75:ec:ab:ec:92:bc:b7:06:0b:df:2b:29:4f:5b:4b:65:
f5:d5:9d:56:47:c7:e1:66:bc:99:f2:be:6d:87:a9:75:a0:c1:
46:2b:45:76:1c:48:63:3b:2b:24:b7:0b:d4:99:38:9e:88:49:
17:6e:17:87:3b:1a:96:39:a6:d2:2d:96:5d:7d:9c:41:fe:af:
09:16:7e:4a:df:fe:09:bc:fc:c0:21:04:20:d6:b9:27:ca:8f:
14:66:c6:60:4e:8d:50:ce:25:95:55:d4:18:ad:06:6f:da:be:
30:3b:94:03:08:e8:38:98:c1:f3:be:3b:92:49:fa:22:f8:c5:
e7:20:b1:4a:1c:a0:29:97:9c:22:c9:0d:a8:26:d8:a8:7a:62:
88:72:7f:bc:8f:e2:71:27:2f:a6:1a:f2:0d:2a:f0:75:98:5c:
a2:05:fa:fd:70:1e:3f:26:a3:c2:4f:45:0f:07:47:eb:f7:72:
c3:f5:e4:ff:66:2a:ee:f2:08:b9:a9:68:2f:b8:6e:45:87:b8:
3d:53:63:4d:a9:74:22:5a:fa:e3:c0:aa:4c:da:a9:21:36:71:
6b:8e:9a:35:41:6c:1a:c9:22:b4:64:f5:ec:33:00:f0:27:56:
c2:65:9b:6f:69:13:e1:7d:33:1e:6b:b2:49:e6:0a:8e:27:9a:
15:4b:c4:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHockdtl2UNm+jD82nscmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJkYjUzNDMwNTU1ZmQzOTk0MWMxMjE5OTc2MjUzNzRmZTIzNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgBLy5aa12TwktvwbSTOQFfda6UK
BXuNJ2noxtQBUcEy9tDak3YXe+9p0GzClwry0KffOEICZwnmuniXtWXO3lZk++rf
SFrVNKcbIqBE5qV8Q1ec07WQ7uesCuUPCzLHDidnJ1cDiL9fV7CmK82A7YvNxmBW
17KypLgDOZe7NS3eni6Oatqk1N/W3s3d/v66asklqX28HZrItfiX9lX0+ULhDOxO
yJN7zWx2URsxLNp1c8eVYlb6FO+YCB67xR0sUOWYeotebzWIYX9q26tLi9dLB/ty
cXPB2OL5QZ3XxYbwMZWWuQBN/VX8v0gVHIzAfqariX1+m7hEwUoFXBoGLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHW9tTQwVV/TmUHBIZl2JTdP4jUZMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZGIyMU5EQlZYOU9aUWNFaG1YWWxOMF9pTlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQDQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB0sHXsq+ySvLcGC98rKU9bS2X11Z1WR8fhZryZ
8r5th6l1oMFGK0V2HEhjOysktwvUmTieiEkXbheHOxqWOabSLZZdfZxB/q8JFn5K
3/4JvPzAIQQg1rknyo8UZsZgTo1QziWVVdQYrQZv2r4wO5QDCOg4mMHzvjuSSfoi
+MXnILFKHKApl5wiyQ2oJtioemKIcn+8j+JxJy+mGvINKvB1mFyiBfr9cB4/JqPC
T0UPB0fr93LD9eT/Ziru8gi5qWgvuG5Fh7g9U2NNqXQiWvrjwKpM2qkhNnFrjpo1
QWwaySK0ZPXsMwDwJ1bCZZtvaRPhfTMea7JJ5gqOJ5oVS8T1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org