Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa
File: 1luxWKPVzQJmHlL0RByoT9_D0Ts.roa (raw, json)
Hash identifier: DsPuNQmm5oOjjXdmb8argIyV+8HIC6IDWjXsdG0pzTg=
Subject key identifier: D6:5B:B1:58:A3:D5:CD:02:66:1E:52:F4:44:1C:A8:4F:DF:C3:D1:3B
Certificate issuer: /CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Certificate serial: 0187949A6E81926EF36DBA1BC4F295938814
Authority key identifier: E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa
Signing time: Tue 18 Apr 2023 13:42:41 +0000
ROA not before: Tue 18 Apr 2023 13:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199685
IP address blocks: 2001:67c:2aa0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:9a:6e:81:92:6e:f3:6d:ba:1b:c4:f2:95:93:88:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Validity
Not Before: Apr 18 13:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d65bb158a3d5cd02661e52f4441ca84fdfc3d13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:37:ff:f5:e8:b8:1d:68:33:be:88:4c:bc:51:
1c:b6:bb:01:3f:a9:86:71:30:0d:3a:d4:d0:3d:4c:
ce:22:da:72:db:88:fb:aa:98:23:f0:dc:22:cc:0e:
c8:a0:ec:b6:5d:c6:33:29:97:15:b8:78:ef:0b:3a:
c4:15:50:d4:ec:31:a9:b6:7d:e6:5f:20:71:6c:a8:
24:d6:88:c9:f1:d9:1c:7d:06:4f:b2:ae:a4:71:92:
fd:19:14:f0:01:5e:19:10:6b:8b:14:b5:e3:47:54:
ab:ba:a2:82:d2:05:e9:a0:9d:3b:f2:21:b1:1d:58:
a8:87:c2:ea:a0:ac:f8:99:10:2e:3a:37:98:e1:29:
7a:75:a8:62:c7:b1:f5:1f:73:17:ee:ea:d0:de:be:
d4:9a:3a:26:7c:f0:3e:66:63:a4:b4:a7:be:91:ca:
5a:f6:f2:87:6e:f0:ac:f2:33:d4:d2:70:ce:cb:df:
b6:d6:bd:29:32:b1:dc:9c:d2:04:78:3b:cb:03:0b:
95:27:40:92:91:9a:9b:3f:24:7c:84:5f:62:98:0f:
1b:04:fe:3f:ba:86:18:12:8c:14:40:eb:27:e2:1f:
48:90:65:a1:69:76:43:50:46:f2:01:c1:f5:2d:1a:
48:ea:f6:7e:6d:12:ca:fe:47:3c:7b:3f:45:12:df:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5B:B1:58:A3:D5:CD:02:66:1E:52:F4:44:1C:A8:4F:DF:C3:D1:3B
X509v3 Authority Key Identifier:
keyid:E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/1luxWKPVzQJmHlL0RByoT9_D0Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/4S9k9_aXqptumYLAt2u3hCEzh2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2aa0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:0a:1e:76:2f:3f:10:40:9a:73:4c:1a:18:bd:14:d2:d4:d0:
a0:0a:7a:63:37:8e:16:52:00:08:bf:0c:67:ad:2f:e1:89:84:
22:91:35:cf:c6:5d:71:ac:ce:b0:0e:b4:65:b3:f7:fd:2a:8c:
fd:bc:fe:0e:6f:53:6a:38:0d:e7:bf:99:a7:53:2c:ca:39:96:
66:37:d2:fb:b5:62:f1:18:91:51:6e:ae:d4:99:69:fe:ed:a1:
68:50:d6:c6:fe:43:e2:77:1a:30:47:79:a1:c1:96:7c:58:84:
1a:1c:14:ca:fc:a9:96:bb:cc:09:d0:50:30:8e:41:2e:ba:0e:
93:d3:57:81:f6:68:e9:7e:96:77:99:d3:7d:cc:76:5a:24:ee:
81:f0:f8:80:ed:1c:5a:2e:1e:3e:e6:01:50:a9:0e:8d:ea:55:
ab:8e:ba:7e:4a:26:e3:de:21:60:3b:42:ae:2f:92:5e:7e:5b:
a2:55:fb:70:00:35:62:66:e7:82:e1:f6:e0:f4:1e:eb:d7:73:
35:63:c7:f8:b8:3b:91:d4:0b:74:67:39:d8:cc:c2:d5:32:19:
b8:c9:d7:04:70:b8:38:8a:8d:86:0a:d4:a5:0b:56:36:b9:11:
ab:85:3c:a2:01:6b:97:ae:3f:99:da:ab:b2:2b:f5:07:2a:b5:
c7:68:e9:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeUmm6Bkm7zbbobxPKVk4gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmY2NGY3ZjY5N2FhOWI2ZTk5ODJjMGI3NmJiNzg0MjEz
Mzg3NmEwHhcNMjMwNDE4MTM0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjViYjE1OGEzZDVjZDAyNjYxZTUyZjQ0NDFjYTg0ZmRmYzNkMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTf/9ei4HWgzvohMvFEctrsBP6mG
cTANOtTQPUzOItpy24j7qpgj8NwizA7IoOy2XcYzKZcVuHjvCzrEFVDU7DGptn3m
XyBxbKgk1ojJ8dkcfQZPsq6kcZL9GRTwAV4ZEGuLFLXjR1SruqKC0gXpoJ078iGx
HVioh8LqoKz4mRAuOjeY4Sl6dahix7H1H3MX7urQ3r7UmjomfPA+ZmOktKe+kcpa
9vKHbvCs8jPU0nDOy9+21r0pMrHcnNIEeDvLAwuVJ0CSkZqbPyR8hF9imA8bBP4/
uoYYEowUQOsn4h9IkGWhaXZDUEbyAcH1LRpI6vZ+bRLK/kc8ez9FEt9mPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNZbsVij1c0CZh5S9EQcqE/fw9E7MB8GA1UdIwQY
MBaAFOEvZPf2l6qbbpmCwLdrt4QhM4dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUt
NDdjMTBhNWNlNTM0LzEvMWx1eFdLUFZ6UUptSGxMMFJCeW9UOV9EMFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUtNDdjMTBhNWNlNTM0
LzEvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCqg
MA0GCSqGSIb3DQEBCwUAA4IBAQA9Ch52Lz8QQJpzTBoYvRTS1NCgCnpjN44WUgAI
vwxnrS/hiYQikTXPxl1xrM6wDrRls/f9Koz9vP4Ob1NqOA3nv5mnUyzKOZZmN9L7
tWLxGJFRbq7UmWn+7aFoUNbG/kPidxowR3mhwZZ8WIQaHBTK/KmWu8wJ0FAwjkEu
ug6T01eB9mjpfpZ3mdN9zHZaJO6B8PiA7RxaLh4+5gFQqQ6N6lWrjrp+Sibj3iFg
O0KuL5JefluiVftwADViZueC4fbg9B7r13M1Y8f4uDuR1At0ZznYzMLVMhm4ydcE
cLg4io2GCtSlC1Y2uRGrhTyiAWuXrj+Z2quyK/UHKrXHaOmW
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:38 2024 by rpki-client on console-fra.rpki-client.org