Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/oFBmDW2vvYB_A6yokpFLvhjeZXQ.roa
File: oFBmDW2vvYB_A6yokpFLvhjeZXQ.roa (raw, json)
Hash identifier: fCjWZ2WSC+HBPNzQD8d57U6g2ScXS20fyNb9m6uLtdk=
Subject key identifier: A0:50:66:0D:6D:AF:BD:80:7F:03:AC:A8:92:91:4B:BE:18:DE:65:74
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 018CC8DF5EB886932E2D5BBD81C178D3C5BF
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/oFBmDW2vvYB_A6yokpFLvhjeZXQ.roa
Signing time: Tue 02 Jan 2024 06:32:11 +0000
ROA not before: Tue 02 Jan 2024 06:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 2a05:88c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Apr 2024 07:37:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:5e:b8:86:93:2e:2d:5b:bd:81:c1:78:d3:c5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 06:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a050660d6dafbd807f03aca892914bbe18de6574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:2c:29:26:be:59:d3:3f:8e:38:c4:67:e0:
44:11:a2:35:9f:b2:89:16:7f:03:a0:87:b3:51:aa:
9c:f5:41:03:5e:8b:28:96:0e:56:85:59:ce:8b:73:
82:59:13:9e:52:cd:9b:38:64:e2:c2:67:04:bb:94:
29:e8:35:78:c4:ba:5d:16:dd:c4:df:6c:93:47:10:
a0:35:a3:3a:d4:92:44:78:09:80:fd:81:d0:9e:d3:
2f:56:45:e6:d4:31:92:f6:55:94:0e:62:c7:09:e1:
8f:4d:a5:b8:c6:40:06:4d:8b:76:fc:63:bc:d7:15:
54:55:7a:33:16:0e:74:88:15:f1:d8:6f:0d:6e:1d:
8f:13:75:76:85:91:dd:c6:3c:a6:aa:d2:01:2d:c3:
9b:b8:9c:52:41:82:0e:ec:5c:d9:38:a1:aa:0c:4e:
12:cc:08:76:39:a0:2f:d9:0d:ce:89:45:c0:bf:66:
f8:31:86:e3:36:5b:c0:2c:c3:2a:a4:4e:cf:c4:a0:
96:04:27:47:54:06:ae:8c:7c:97:69:90:9c:f1:ec:
95:53:24:7f:22:b5:a9:19:c2:df:38:c1:ee:45:b6:
7f:70:17:65:c1:fb:d4:3d:1f:11:1f:37:c5:17:f2:
61:8e:84:89:71:9e:0a:3b:30:0b:f0:8c:10:81:03:
e2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:50:66:0D:6D:AF:BD:80:7F:03:AC:A8:92:91:4B:BE:18:DE:65:74
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/oFBmDW2vvYB_A6yokpFLvhjeZXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
c4:64:88:49:2d:2e:b9:89:21:39:ec:58:e9:68:da:ec:25:55:
00:13:24:44:5d:76:ab:10:65:97:81:38:67:20:2c:d8:fd:5d:
2f:84:78:4b:b7:35:96:a1:d2:cd:02:a4:54:50:ed:2a:f7:0a:
8a:dd:b0:32:91:43:bd:04:c1:e1:3f:31:fb:d8:e0:49:db:d4:
08:1a:73:87:10:d8:2d:65:9c:59:5d:34:db:74:08:56:4e:e5:
27:c5:78:65:0d:4c:c9:85:4b:97:fe:b1:00:90:65:e3:28:d1:
83:67:67:23:77:ea:67:ed:ab:1d:50:b7:03:f6:5b:40:da:92:
7e:3f:02:be:8f:97:87:c0:50:ac:6f:a0:43:27:0b:91:48:a2:
54:1e:e8:86:f3:21:93:6e:a4:a2:8e:c1:68:5a:3c:54:d7:cd:
e6:de:e6:a9:4b:ab:01:39:9b:55:74:29:23:66:f8:cc:20:bd:
ad:f7:52:4c:7d:d7:22:70:67:30:af:f3:89:4c:96:67:95:12:
d2:d9:c7:87:28:b9:19:c1:94:ba:b7:ad:01:26:61:4d:64:9d:
d1:51:1c:dd:57:b9:12:02:8b:51:9a:a1:34:9c:6c:fd:b4:85:
ad:eb:d6:ba:f5:3c:1c:43:db:03:ac:fc:f4:46:da:36:3d:ac:
9e:97:70:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3164hpMuLVu9gcF408W/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQwMTAyMDYzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUwNjYwZDZkYWZiZDgwN2YwM2FjYTg5MjkxNGJiZTE4ZGU2NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4AsKSa+WdM/jjjEZ+BEEaI1n7KJ
Fn8DoIezUaqc9UEDXosolg5WhVnOi3OCWROeUs2bOGTiwmcEu5Qp6DV4xLpdFt3E
32yTRxCgNaM61JJEeAmA/YHQntMvVkXm1DGS9lWUDmLHCeGPTaW4xkAGTYt2/GO8
1xVUVXozFg50iBXx2G8Nbh2PE3V2hZHdxjymqtIBLcObuJxSQYIO7FzZOKGqDE4S
zAh2OaAv2Q3OiUXAv2b4MYbjNlvALMMqpE7PxKCWBCdHVAaujHyXaZCc8eyVUyR/
IrWpGcLfOMHuRbZ/cBdlwfvUPR8RHzfFF/JhjoSJcZ4KOzAL8IwQgQPigQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKBQZg1tr72AfwOsqJKRS74Y3mV0MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvb0ZCbURXMnZ2WUJfQTZ5b2twRkx2aGplWlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxGSISS0uuYkhOexY6Wja7CVVABMkRF12qxBll4E4
ZyAs2P1dL4R4S7c1lqHSzQKkVFDtKvcKit2wMpFDvQTB4T8x+9jgSdvUCBpzhxDY
LWWcWV0023QIVk7lJ8V4ZQ1MyYVLl/6xAJBl4yjRg2dnI3fqZ+2rHVC3A/ZbQNqS
fj8Cvo+Xh8BQrG+gQycLkUiiVB7ohvMhk26koo7BaFo8VNfN5t7mqUurATmbVXQp
I2b4zCC9rfdSTH3XInBnMK/ziUyWZ5US0tnHhyi5GcGUuretASZhTWSd0VEc3Ve5
EgKLUZqhNJxs/bSFrevWuvU8HEPbA6z89EbaNj2snpdwNQ==
-----END CERTIFICATE-----
Generated at Mon Apr 8 11:23:21 2024 by rpki-client on console-ams.rpki-client.org