Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/o-08RHxBCI40X7oD931dETW12Ak.roa
File: o-08RHxBCI40X7oD931dETW12Ak.roa (raw, json)
Hash identifier: fEhLywH24x6cfWIUUgE7n+6KpSzpK3lmAgwt2Wh7VHs=
Subject key identifier: A3:ED:3C:44:7C:41:08:8E:34:5F:BA:03:F7:7D:5D:11:35:B5:D8:09
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 01856E81F45F8A6EF47AA550CA1916227490
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/o-08RHxBCI40X7oD931dETW12Ak.roa
Signing time: Sun 01 Jan 2023 18:04:48 +0000
ROA not before: Sun 01 Jan 2023 18:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208661
IP address blocks: 2a0c:b6c3::/32 maxlen: 32
2a0c:b6c5::/32 maxlen: 32
2a0c:b6c1::/32 maxlen: 32
2a0c:b6c4::/32 maxlen: 32
2a0c:b6c2::/32 maxlen: 32
2a0c:b6c0::/32 maxlen: 32
2a0c:b6c6::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f4:5f:8a:6e:f4:7a:a5:50:ca:19:16:22:74:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Jan 1 18:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ed3c447c41088e345fba03f77d5d1135b5d809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b8:9b:d6:28:6d:49:d1:83:d8:73:c8:76:44:
bd:0e:21:4a:6a:c8:da:49:65:98:10:b3:d2:34:2e:
b1:33:e2:03:88:a7:de:5d:9a:d1:aa:9c:01:38:fe:
3c:ea:19:15:43:cd:64:8e:31:d5:d5:e5:3b:aa:8a:
7e:73:70:3b:77:45:29:0f:3a:ef:24:24:50:2f:44:
5e:6d:af:16:5e:0b:74:04:53:49:f7:d4:31:ca:e3:
d9:22:ee:00:d8:1e:fe:f4:84:fa:34:75:8d:4d:9a:
07:6a:b3:9c:5a:1b:8a:aa:80:8c:ee:c4:46:87:33:
e0:f1:a5:e2:fc:81:98:15:3e:38:5c:b3:87:d1:32:
e3:76:b5:dd:4b:14:8e:fb:a6:cf:dc:65:94:2f:e9:
77:f1:0b:2d:3b:2a:46:49:05:0a:54:e3:f7:25:74:
00:e2:33:9a:15:bb:df:73:7f:35:ae:25:70:d8:84:
f0:45:65:dd:0a:cf:b1:0a:f4:e1:d0:0f:27:69:78:
6c:a4:bd:3d:bc:7a:36:d3:95:a0:7c:1a:e6:71:3e:
11:5b:62:a1:27:71:89:87:df:40:5d:3e:67:04:13:
2d:2e:5b:91:aa:0c:e3:bd:85:36:7a:5e:89:e1:d7:
f3:e5:0f:62:70:f2:df:32:c9:4f:67:f7:04:9a:67:
97:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:ED:3C:44:7C:41:08:8E:34:5F:BA:03:F7:7D:5D:11:35:B5:D8:09
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/o-08RHxBCI40X7oD931dETW12Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c0::-2a0c:b6c6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
65:06:a9:5b:15:34:cb:7d:dc:cd:84:f1:bf:1f:d4:09:26:66:
1b:a7:14:70:f5:b5:f8:6c:6a:c6:40:4a:65:8a:6d:b6:86:33:
c9:11:61:de:4a:b2:08:09:1e:29:3a:30:96:33:fd:b5:93:05:
00:89:96:fc:18:87:ba:e4:5e:85:69:e7:06:c3:a9:76:90:bb:
4e:72:73:25:ee:9f:45:67:32:5c:c5:c4:e8:c2:5c:16:b8:87:
7a:11:d0:f1:84:eb:ed:72:c9:bd:23:ef:7b:83:c7:df:58:15:
d9:99:44:88:ee:e0:7a:b6:39:c6:62:e9:0e:ab:93:8c:ac:9d:
29:76:b8:ae:f4:08:b7:16:cd:c0:97:b6:d8:11:2e:45:6f:f4:
86:fe:b8:5b:ce:c2:18:0c:e9:a6:ae:80:02:e9:4c:db:27:47:
0c:a6:49:50:69:ea:90:87:fb:a3:0b:e5:58:eb:aa:7d:19:dd:
f0:84:37:8a:1e:71:2e:56:48:d2:e3:9d:b6:b3:9e:96:3f:53:
8c:11:e6:ff:8f:f8:98:c7:cc:c4:b8:48:45:8c:8d:71:1d:f3:
6d:3f:9f:20:c1:38:f3:f9:1c:b7:da:66:b1:4c:7f:1d:39:b5:
3b:6a:1e:fb:47:11:2e:ad:aa:fd:11:8d:6d:c6:a4:76:bb:1a:
e9:1b:c6:2b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVugfRfim70eqVQyhkWInSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjMwMTAxMTgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VkM2M0NDdjNDEwODhlMzQ1ZmJhMDNmNzdkNWQxMTM1YjVkODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7ib1ihtSdGD2HPIdkS9DiFKasja
SWWYELPSNC6xM+IDiKfeXZrRqpwBOP486hkVQ81kjjHV1eU7qop+c3A7d0UpDzrv
JCRQL0Reba8WXgt0BFNJ99QxyuPZIu4A2B7+9IT6NHWNTZoHarOcWhuKqoCM7sRG
hzPg8aXi/IGYFT44XLOH0TLjdrXdSxSO+6bP3GWUL+l38QstOypGSQUKVOP3JXQA
4jOaFbvfc381riVw2ITwRWXdCs+xCvTh0A8naXhspL09vHo205WgfBrmcT4RW2Kh
J3GJh99AXT5nBBMtLluRqgzjvYU2el6J4dfz5Q9icPLfMslPZ/cEmmeXAwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFKPtPER8QQiONF+6A/d9XRE1tdgJMB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvby0wOFJIeEJDSTQwWDdvRDkzMWRFVFcxMkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQYqDLbA
AwUAKgy2xjANBgkqhkiG9w0BAQsFAAOCAQEAZQapWxU0y33czYTxvx/UCSZmG6cU
cPW1+GxqxkBKZYpttoYzyRFh3kqyCAkeKTowljP9tZMFAImW/BiHuuRehWnnBsOp
dpC7TnJzJe6fRWcyXMXE6MJcFriHehHQ8YTr7XLJvSPve4PH31gV2ZlEiO7gerY5
xmLpDquTjKydKXa4rvQItxbNwJe22BEuRW/0hv64W87CGAzppq6AAulM2ydHDKZJ
UGnqkIf7owvlWOuqfRnd8IQ3ih5xLlZI0uOdtrOelj9TjBHm/4/4mMfMxLhIRYyN
cR3zbT+fIME48/kct9pmsUx/HTm1O2oe+0cRLq2q/RGNbcakdrsa6RvGKw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org