Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lOZFCh53-EYCW2Hg-0kuG43lBQY.roa
File: lOZFCh53-EYCW2Hg-0kuG43lBQY.roa (raw, json)
Hash identifier: t+sqCsDnAZbTJCv2p84JfuYfez3adSqvcLyPm3DsNMs=
Subject key identifier: 94:E6:45:0A:1E:77:F8:46:02:5B:61:E0:FB:49:2E:1B:8D:E5:05:06
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E51FA47B789EAD4E9A925EBA87F52
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lOZFCh53-EYCW2Hg-0kuG43lBQY.roa
Signing time: Mon 02 Jan 2023 06:14:50 +0000
ROA not before: Mon 02 Jan 2023 06:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204625
IP address blocks: 2a0c:b642:900::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:51:fa:47:b7:89:ea:d4:e9:a9:25:eb:a8:7f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94e6450a1e77f846025b61e0fb492e1b8de50506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cc:72:cd:74:86:38:8b:5f:b3:60:09:df:cf:
7d:a3:30:c8:19:55:9c:40:f0:26:11:44:14:81:70:
2f:d8:f3:46:f5:bf:83:82:ce:c0:52:2b:69:a6:2d:
49:06:88:75:f9:02:7f:49:5c:d5:5e:5b:02:ac:91:
3f:12:d4:8e:f7:0c:b3:12:3e:f6:5b:79:d1:02:0d:
c8:7c:83:3c:9d:54:a7:70:88:7a:9e:c5:ec:3a:a9:
49:e4:60:a0:68:8e:7d:26:2d:15:e5:39:6f:34:c0:
1e:d0:3e:0d:44:ca:61:69:98:76:73:08:47:f1:e0:
57:1c:0e:51:23:95:2d:e7:07:ea:86:12:4c:e1:ce:
6e:bb:61:8b:23:0c:9e:f0:6f:4e:25:fe:99:b9:ff:
49:73:b9:fa:56:76:02:8b:7c:4d:6c:b3:17:65:ba:
00:d0:6c:92:98:60:e4:f0:2f:fc:ee:70:20:eb:5f:
ad:a3:69:b2:5d:84:fd:00:ef:99:0c:da:56:a1:b7:
78:b7:88:fa:47:ef:52:38:5e:46:81:aa:75:9f:29:
24:fb:70:b3:ca:92:85:5d:13:62:84:65:43:58:5c:
51:6c:5d:ee:61:a1:7c:be:d5:2a:23:c8:07:b8:88:
ff:e3:0e:b0:84:bd:0c:2b:36:87:82:d7:97:0a:92:
50:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E6:45:0A:1E:77:F8:46:02:5B:61:E0:FB:49:2E:1B:8D:E5:05:06
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lOZFCh53-EYCW2Hg-0kuG43lBQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:900::/40
Signature Algorithm: sha256WithRSAEncryption
7c:80:08:a3:23:1e:dc:78:54:ba:68:95:cf:db:4e:5b:36:5c:
76:ed:5e:32:65:6f:c4:4c:d3:24:45:b9:80:ed:3d:f9:95:fa:
5e:64:0e:bd:87:d3:32:01:8b:ca:85:ce:db:e7:ef:a6:4a:a3:
ce:32:b2:7a:08:45:29:e7:fa:bc:3f:91:79:e4:cd:b6:0c:dc:
a6:55:af:68:d0:da:f2:65:d5:48:e8:be:af:55:3c:c3:09:9f:
b7:52:d6:d4:4b:26:a1:f3:70:40:c7:42:fb:be:e8:e1:0e:3f:
76:83:ff:d3:c1:3b:ef:32:e4:68:74:35:20:34:3f:09:bb:f6:
7e:75:ba:cf:41:aa:42:71:95:52:9d:cd:99:55:1f:4f:33:4a:
76:4f:89:54:37:1d:50:ad:82:11:84:63:98:62:f7:65:82:78:
5c:62:e9:34:a2:13:ba:e6:df:15:33:c1:16:b8:32:79:85:69:
66:b9:5f:75:15:d8:65:7c:3c:8c:56:f7:de:86:63:4f:24:32:
4e:69:58:8f:50:85:7e:6d:3d:02:5d:12:e5:cc:45:91:dc:07:
3b:ca:21:03:fa:3e:16:8d:d0:a2:b4:91:09:f3:4f:14:e9:25:
a0:70:4e:f1:ab:41:ac:4e:3d:4c:eb:ff:b2:5e:83:20:a5:31:
35:5b:b2:9a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxHlH6R7eJ6tTpqSXrqH9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU2NDUwYTFlNzdmODQ2MDI1YjYxZTBmYjQ5MmUxYjhkZTUwNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMxyzXSGOItfs2AJ3899ozDIGVWc
QPAmEUQUgXAv2PNG9b+Dgs7AUitppi1JBoh1+QJ/SVzVXlsCrJE/EtSO9wyzEj72
W3nRAg3IfIM8nVSncIh6nsXsOqlJ5GCgaI59Ji0V5TlvNMAe0D4NRMphaZh2cwhH
8eBXHA5RI5Ut5wfqhhJM4c5uu2GLIwye8G9OJf6Zuf9Jc7n6VnYCi3xNbLMXZboA
0GySmGDk8C/87nAg61+to2myXYT9AO+ZDNpWobd4t4j6R+9SOF5Ggap1nykk+3Cz
ypKFXRNihGVDWFxRbF3uYaF8vtUqI8gHuIj/4w6whL0MKzaHgteXCpJQAQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJTmRQoed/hGAlth4PtJLhuN5QUGMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbE9aRkNoNTMtRVlDVzJIZy0wa3VHNDNsQlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgy2Qgkw
DQYJKoZIhvcNAQELBQADggEBAHyACKMjHtx4VLpolc/bTls2XHbtXjJlb8RM0yRF
uYDtPfmV+l5kDr2H0zIBi8qFztvn76ZKo84ysnoIRSnn+rw/kXnkzbYM3KZVr2jQ
2vJl1Ujovq9VPMMJn7dS1tRLJqHzcEDHQvu+6OEOP3aD/9PBO+8y5Gh0NSA0Pwm7
9n51us9BqkJxlVKdzZlVH08zSnZPiVQ3HVCtghGEY5hi92WCeFxi6TSiE7rm3xUz
wRa4MnmFaWa5X3UV2GV8PIxW996GY08kMk5pWI9QhX5tPQJdEuXMRZHcBzvKIQP6
PhaN0KK0kQnzTxTpJaBwTvGrQaxOPUzr/7JegyClMTVbspo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:06 2024 by rpki-client on console-fra.rpki-client.org