Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/0idcmcp-Orb--ldxXTIn2yBwZ64.roa
File: 0idcmcp-Orb--ldxXTIn2yBwZ64.roa (raw, json)
Hash identifier: qImlfyq/w7xdxChZyj8ahYVBNMUk0IMdYfREt2aJlT0=
Subject key identifier: D2:27:5C:99:CA:7E:3A:B6:FE:FA:57:71:5D:32:27:DB:20:70:67:AE
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 018B61EEB6941131C77B26FAC7C56731DCA1
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/0idcmcp-Orb--ldxXTIn2yBwZ64.roa
Signing time: Tue 24 Oct 2023 13:45:16 +0000
ROA not before: Tue 24 Oct 2023 13:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200373
IP address blocks: 2a07:db81::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Nov 2023 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:ee:b6:94:11:31:c7:7b:26:fa:c7:c5:67:31:dc:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Oct 24 13:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2275c99ca7e3ab6fefa57715d3227db207067ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:a8:e5:34:b6:14:96:55:b1:28:a7:87:92:
8b:04:46:65:6e:e9:78:27:34:01:3b:29:7a:8a:b8:
2f:01:5d:75:9e:46:42:9a:63:80:61:37:84:47:0a:
f8:9b:7e:7b:4a:4e:33:f4:fe:0c:d4:e7:ca:1b:37:
28:fd:68:85:4e:d2:54:c8:56:6f:24:20:28:da:1b:
04:c3:eb:84:75:0a:63:b8:50:e3:6b:b7:d6:46:c4:
5a:8e:f5:65:2f:0c:90:70:d6:fd:98:e5:ca:f5:3d:
14:db:76:f9:e9:e4:b9:e2:9e:ff:18:20:17:96:de:
ad:76:1a:1b:51:18:ae:c9:a9:9f:65:75:a5:c9:4e:
8d:4b:d8:6d:6b:1c:49:c8:3f:d8:fb:e5:a8:ae:c6:
b6:d8:5f:b9:0a:89:bf:8d:23:ce:a4:0a:22:f5:e1:
e7:8d:05:1e:6f:55:de:46:c8:74:06:7e:45:ad:ad:
e3:bb:f9:dd:6b:c5:be:36:60:c8:25:44:5b:23:13:
2d:bc:b1:24:33:33:b6:ce:5e:0e:1a:12:b5:6e:a3:
09:de:a1:e2:ef:a2:99:30:c5:b2:8f:5f:28:36:9d:
78:77:5e:98:54:e6:c9:48:87:72:a8:2e:ad:21:d7:
4e:74:ee:1a:23:dc:fc:00:e8:08:7a:64:48:d2:fe:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:27:5C:99:CA:7E:3A:B6:FE:FA:57:71:5D:32:27:DB:20:70:67:AE
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/0idcmcp-Orb--ldxXTIn2yBwZ64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db81::-2a07:db82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b4:6f:dd:3e:b4:68:6e:38:50:18:35:c7:52:9f:f6:72:f9:1f:
7c:28:d0:ec:b0:d0:6a:6f:db:68:37:f4:ce:8d:d2:03:21:03:
45:e0:23:ae:09:35:e3:28:30:ee:3f:55:95:59:c4:af:f2:4a:
80:02:db:3f:fc:0c:14:2a:1a:73:e3:82:7e:9c:e7:ac:bf:20:
f2:b9:58:f9:0c:3c:9e:71:ff:7a:31:cd:24:e3:91:d4:a0:ed:
e6:33:15:f3:30:90:3a:93:36:be:6c:f6:e2:36:ef:85:02:08:
9b:5c:35:a4:fd:a7:86:1c:d4:74:37:8d:64:ad:24:d2:c0:4f:
5d:b5:9c:8a:21:d8:99:7f:0b:2c:b8:6d:e8:67:87:33:6a:a8:
08:fe:85:93:33:f5:85:89:5d:ac:e4:c9:d1:ac:d3:f3:8b:f0:
d9:32:72:c3:b5:b1:c5:37:4b:70:c2:76:b2:86:1f:6e:c9:57:
f0:3c:b1:a3:de:b5:d9:64:ce:67:9c:a9:6c:fc:7a:08:0c:33:
84:81:5e:67:4a:d8:c1:52:e9:76:13:dd:b5:ef:7e:96:3c:9d:
6e:ec:d4:82:4a:1e:6c:4b:e9:9a:a0:9a:3c:a5:96:a6:bd:b8:
29:69:a4:3f:47:a1:c1:b3:8a:8f:cb:9c:c3:a0:85:22:e5:e6:
f3:34:79:4b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYth7raUETHHeyb6x8VnMdyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMxMDI0MTM0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI3NWM5OWNhN2UzYWI2ZmVmYTU3NzE1ZDMyMjdkYjIwNzA2N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZGo5TS2FJZVsSinh5KLBEZlbul4
JzQBOyl6irgvAV11nkZCmmOAYTeERwr4m357Sk4z9P4M1OfKGzco/WiFTtJUyFZv
JCAo2hsEw+uEdQpjuFDja7fWRsRajvVlLwyQcNb9mOXK9T0U23b56eS54p7/GCAX
lt6tdhobURiuyamfZXWlyU6NS9htaxxJyD/Y++Worsa22F+5Com/jSPOpAoi9eHn
jQUeb1XeRsh0Bn5Fra3ju/nda8W+NmDIJURbIxMtvLEkMzO2zl4OGhK1bqMJ3qHi
76KZMMWyj18oNp14d16YVObJSIdyqC6tIddOdO4aI9z8AOgIemRI0v6LZwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNInXJnKfjq2/vpXcV0yJ9sgcGeuMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvMGlkY21jcC1PcmItLWxkeFhUSW4yeUJ3WjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqB9uB
AwUAKgfbgjANBgkqhkiG9w0BAQsFAAOCAQEAtG/dPrRobjhQGDXHUp/2cvkffCjQ
7LDQam/baDf0zo3SAyEDReAjrgk14ygw7j9VlVnEr/JKgALbP/wMFCoac+OCfpzn
rL8g8rlY+Qw8nnH/ejHNJOOR1KDt5jMV8zCQOpM2vmz24jbvhQIIm1w1pP2nhhzU
dDeNZK0k0sBPXbWciiHYmX8LLLht6GeHM2qoCP6FkzP1hYldrOTJ0azT84vw2TJy
w7WxxTdLcMJ2soYfbslX8Dyxo9612WTOZ5ypbPx6CAwzhIFeZ0rYwVLpdhPdte9+
ljydbuzUgkoebEvpmqCaPKWWpr24KWmkP0ehwbOKj8ucw6CFIuXm8zR5Sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org