Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/lbxm9UqiWzIZpQv7ApS6CVYl0qU.roa
File: lbxm9UqiWzIZpQv7ApS6CVYl0qU.roa (raw, json)
Hash identifier: uV+0SMHUDScXFZqm9DhqXCOUV5ICM7jWi8UwaAr3r4E=
Subject key identifier: 95:BC:66:F5:4A:A2:5B:32:19:A5:0B:FB:02:94:BA:09:56:25:D2:A5
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 0189E9672384CC912C6E3A8DB9A826B7E472
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/lbxm9UqiWzIZpQv7ApS6CVYl0qU.roa
Signing time: Sat 12 Aug 2023 10:59:57 +0000
ROA not before: Sat 12 Aug 2023 10:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142551
IP address blocks: 2a13:a5c7:1200::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e9:67:23:84:cc:91:2c:6e:3a:8d:b9:a8:26:b7:e4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Aug 12 10:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95bc66f54aa25b3219a50bfb0294ba095625d2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:52:00:4e:fa:17:e4:a5:68:74:b2:ce:db:
93:16:08:56:55:13:5d:41:c7:68:c7:52:06:5c:55:
be:ca:26:94:01:d7:59:62:3d:54:20:b0:78:43:a7:
5a:0f:a2:2b:2a:7e:4b:d8:0e:b3:5c:22:6b:eb:9f:
67:81:8f:69:37:d2:df:4f:bc:f9:f3:58:c2:6d:61:
9b:73:75:26:0c:33:48:e2:ee:57:84:88:08:eb:55:
c4:45:c7:00:25:08:56:da:aa:fb:16:0e:cb:ff:6d:
c4:44:26:6f:13:66:fb:ad:80:6a:32:ca:16:1d:91:
eb:bb:cf:ff:b0:b1:b3:1c:29:0a:56:89:f3:18:83:
46:d4:e6:e4:71:80:b0:67:09:af:06:cd:3f:13:91:
ea:b8:8c:43:0c:2d:70:3b:ae:31:78:20:ae:4e:9d:
81:24:e9:0d:7a:0b:6c:6d:2d:e2:34:cf:e5:b6:da:
53:37:cc:08:8c:f7:38:38:f6:cf:8b:3b:90:f5:07:
94:86:eb:a6:0b:a6:10:aa:49:d8:9d:dc:e7:a2:46:
cc:71:20:06:74:9e:e6:4a:1d:1c:7f:7d:e4:e4:e3:
05:6c:f7:d5:62:24:7b:76:96:af:5c:2b:67:89:34:
da:bb:dc:64:65:1b:5f:e7:81:8d:93:a8:68:bd:40:
16:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BC:66:F5:4A:A2:5B:32:19:A5:0B:FB:02:94:BA:09:56:25:D2:A5
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/lbxm9UqiWzIZpQv7ApS6CVYl0qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:1200::/40
Signature Algorithm: sha256WithRSAEncryption
14:e0:b0:ca:0b:87:c8:8c:b9:48:40:3d:e4:a7:ae:31:03:a5:
79:50:2a:ba:6a:90:84:8a:c7:af:7e:ea:04:eb:a8:78:aa:e6:
b5:36:da:bb:9f:b1:f4:2a:1f:da:db:64:58:c2:e2:85:01:2d:
09:52:51:2f:06:ae:ef:f1:21:ff:02:19:61:cf:b9:6d:ac:cd:
b0:1c:dc:f2:4e:d6:7a:76:ee:e3:a2:ca:d0:07:40:cb:f3:9c:
26:da:14:70:4e:57:58:f1:1e:c1:b0:05:3c:a7:c7:d5:b6:7f:
f8:94:96:7f:c2:35:03:85:71:1c:a7:50:23:14:c4:64:af:2f:
0d:58:67:41:72:72:47:8f:ae:4e:d5:15:92:60:aa:74:63:11:
ec:d6:4e:d3:d4:25:64:79:be:92:1f:8f:71:e5:6c:8c:29:90:
bd:ea:91:bc:07:a5:3d:bf:d1:6d:97:18:b4:ed:59:c3:6a:e6:
d4:ac:2b:ca:d9:1a:9c:f0:0a:3a:b9:37:c2:8d:a6:7b:3b:ac:
af:ee:3b:f5:2c:65:cc:70:4e:9f:6d:06:84:d2:28:80:07:47:
17:de:ea:17:38:5b:0d:95:42:24:b0:ff:f0:15:f6:f9:5b:cf:
db:1e:7d:f2:d8:2b:da:9a:45:4b:e3:4e:e0:2f:87:af:6a:8e:
39:c9:dc:17
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYnpZyOEzJEsbjqNuagmt+RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjMwODEyMTA1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJjNjZmNTRhYTI1YjMyMTlhNTBiZmIwMjk0YmEwOTU2MjVkMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWFSAE76F+SlaHSyztuTFghWVRNd
Qcdox1IGXFW+yiaUAddZYj1UILB4Q6daD6IrKn5L2A6zXCJr659ngY9pN9LfT7z5
81jCbWGbc3UmDDNI4u5XhIgI61XERccAJQhW2qr7Fg7L/23ERCZvE2b7rYBqMsoW
HZHru8//sLGzHCkKVonzGING1ObkcYCwZwmvBs0/E5HquIxDDC1wO64xeCCuTp2B
JOkNegtsbS3iNM/lttpTN8wIjPc4OPbPizuQ9QeUhuumC6YQqknYndznokbMcSAG
dJ7mSh0cf33k5OMFbPfVYiR7dpavXCtniTTau9xkZRtf54GNk6hovUAW8QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJW8ZvVKolsyGaUL+wKUuglWJdKlMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvbGJ4bTlVcWlXeklacFF2N0FwUzZDVllsMHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxxIw
DQYJKoZIhvcNAQELBQADggEBABTgsMoLh8iMuUhAPeSnrjEDpXlQKrpqkISKx69+
6gTrqHiq5rU22rufsfQqH9rbZFjC4oUBLQlSUS8Gru/xIf8CGWHPuW2szbAc3PJO
1np27uOiytAHQMvznCbaFHBOV1jxHsGwBTynx9W2f/iUln/CNQOFcRynUCMUxGSv
Lw1YZ0FyckePrk7VFZJgqnRjEezWTtPUJWR5vpIfj3HlbIwpkL3qkbwHpT2/0W2X
GLTtWcNq5tSsK8rZGpzwCjq5N8KNpns7rK/uO/UsZcxwTp9tBoTSKIAHRxfe6hc4
Ww2VQiSw//AV9vlbz9seffLYK9qaRUvjTuAvh69qjjnJ3Bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:52 2024 by rpki-client on console-ams.rpki-client.org