Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lOQzcUE_NKdZmjtA1Mz9KThTxKI.roa
File: lOQzcUE_NKdZmjtA1Mz9KThTxKI.roa (raw, json)
Hash identifier: uuOZPl2ZiAYgcd/tPTA2RhETmHTXoVt4xvh1x8cowOg=
Subject key identifier: 94:E4:33:71:41:3F:34:A7:59:9A:3B:40:D4:CC:FD:29:38:53:C4:A2
Certificate issuer: /CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Certificate serial: 018CCA2B873C6E8023C1B4AEB775E9B8067F
Authority key identifier: E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lOQzcUE_NKdZmjtA1Mz9KThTxKI.roa
Signing time: Tue 02 Jan 2024 12:34:59 +0000
ROA not before: Tue 02 Jan 2024 12:34:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51500
IP address blocks: 2a07:f3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 27 Oct 2024 16:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:87:3c:6e:80:23:c1:b4:ae:b7:75:e9:b8:06:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23494e0cc12c75aed1d01deb15be4e2662b485a
Validity
Not Before: Jan 2 12:34:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e43371413f34a7599a3b40d4ccfd293853c4a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0a:7d:00:ac:72:67:25:0a:df:15:ec:4b:b8:
c1:3d:ef:8c:1d:50:c2:47:b2:7b:85:49:e6:cf:eb:
a2:7f:98:3e:22:b3:7e:34:d7:b8:bf:ce:0b:58:8c:
77:8d:f2:9a:68:c4:3e:d2:ab:2d:5a:a1:72:12:1c:
05:bf:33:06:f7:66:ae:f1:f7:7e:f5:4f:0d:28:bf:
5e:9b:42:dc:6b:66:2f:f0:f4:35:b8:e6:50:9c:fa:
dc:ba:4c:ef:fa:b5:3d:02:8e:98:6c:ff:38:74:d0:
dd:15:42:55:04:08:74:b1:81:95:08:dd:ac:81:ed:
bc:dc:8d:04:aa:05:e6:3f:a2:14:60:54:7e:11:23:
80:10:0f:c2:71:9e:9e:c4:b8:f6:2f:c0:d9:2b:3f:
b1:e9:4b:1e:41:50:d7:3d:6f:24:8b:f7:f5:58:da:
fb:0c:9d:e4:b7:57:92:e3:c9:48:ac:90:53:aa:c2:
6b:99:d0:ea:2c:f3:85:a9:e9:d4:bc:5d:7d:2e:7e:
b0:36:94:b2:17:5e:46:40:ad:c5:6c:76:bb:f9:16:
c6:2b:44:2a:51:b4:cc:e8:b3:55:93:cd:7e:70:f6:
fe:8d:e2:de:bf:cb:b1:06:ac:94:61:77:03:31:b0:
9c:0e:20:1d:36:23:2f:92:8f:39:3a:98:06:49:f0:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E4:33:71:41:3F:34:A7:59:9A:3B:40:D4:CC:FD:29:38:53:C4:A2
X509v3 Authority Key Identifier:
keyid:E2:34:94:E0:CC:12:C7:5A:ED:1D:01:DE:B1:5B:E4:E2:66:2B:48:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jSU4MwSx1rtHQHesVvk4mYrSFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/lOQzcUE_NKdZmjtA1Mz9KThTxKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0db5e6-867c-4c3c-bb4e-22740bf2d5ea/1/4jSU4MwSx1rtHQHesVvk4mYrSFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:92:21:3d:29:5c:ce:f2:5c:d1:59:0c:9b:da:27:87:2a:96:
18:ca:5a:85:46:4a:13:d7:91:0a:1b:3a:60:45:3d:cd:9c:ce:
43:2f:86:91:fa:7c:e6:b0:29:0b:80:19:1c:68:a7:8c:4b:1a:
90:40:2e:fe:5c:62:77:0d:a3:08:b9:c3:bf:03:02:76:73:50:
bc:45:6b:44:3b:ee:41:7f:35:2e:46:3c:63:7d:4c:77:dd:59:
2a:a0:a0:ec:6e:cd:8d:5f:40:f1:43:ed:54:51:ff:7d:d1:e1:
db:cd:2e:93:ce:af:fa:6a:df:f6:f2:3b:9c:84:00:5a:f1:d7:
aa:6f:3a:95:7c:52:bd:ce:63:8d:4a:0a:ea:1d:7c:83:a1:83:
3c:4f:70:9a:90:46:58:37:01:87:53:9a:de:61:60:27:fe:a3:
e4:2d:9c:af:c7:2e:26:02:e5:f0:b4:7e:c9:fc:ba:21:80:73:
bd:ef:94:e5:83:b9:ce:3d:b2:ee:63:d7:e9:24:ad:32:76:d4:
de:05:93:b2:a4:eb:15:b9:0a:46:32:74:69:cf:e6:88:10:d8:
95:75:f7:4d:84:4d:7a:dd:63:d3:da:d3:8a:b9:8f:e6:13:c5:
25:ea:d7:f7:ed:f8:7e:fb:19:fd:32:02:1b:e2:52:dc:e3:90:
dd:be:c8:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKK4c8boAjwbSut3XpuAZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMzQ5NGUwY2MxMmM3NWFlZDFkMDFkZWIxNWJlNGUyNjYy
YjQ4NWEwHhcNMjQwMTAyMTIzNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU0MzM3MTQxM2YzNGE3NTk5YTNiNDBkNGNjZmQyOTM4NTNjNGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAp9AKxyZyUK3xXsS7jBPe+MHVDC
R7J7hUnmz+uif5g+IrN+NNe4v84LWIx3jfKaaMQ+0qstWqFyEhwFvzMG92au8fd+
9U8NKL9em0Lca2Yv8PQ1uOZQnPrcukzv+rU9Ao6YbP84dNDdFUJVBAh0sYGVCN2s
ge283I0EqgXmP6IUYFR+ESOAEA/CcZ6exLj2L8DZKz+x6UseQVDXPW8ki/f1WNr7
DJ3kt1eS48lIrJBTqsJrmdDqLPOFqenUvF19Ln6wNpSyF15GQK3FbHa7+RbGK0Qq
UbTM6LNVk81+cPb+jeLev8uxBqyUYXcDMbCcDiAdNiMvko85OpgGSfCkZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJTkM3FBPzSnWZo7QNTM/Sk4U8SiMB8GA1UdIwQY
MBaAFOI0lODMEsda7R0B3rFb5OJmK0haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUt
MjI3NDBiZjJkNWVhLzEvbE9RemNVRV9OS2RabWp0QTFNejlLVGhUeEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wZGI1ZTYtODY3Yy00YzNjLWJiNGUtMjI3NDBiZjJkNWVh
LzEvNGpTVTRNd1N4MXJ0SFFIZXNWdms0bVlyU0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgfzwDAN
BgkqhkiG9w0BAQsFAAOCAQEASpIhPSlczvJc0VkMm9onhyqWGMpahUZKE9eRChs6
YEU9zZzOQy+Gkfp85rApC4AZHGinjEsakEAu/lxidw2jCLnDvwMCdnNQvEVrRDvu
QX81LkY8Y31Md91ZKqCg7G7NjV9A8UPtVFH/fdHh280uk86v+mrf9vI7nIQAWvHX
qm86lXxSvc5jjUoK6h18g6GDPE9wmpBGWDcBh1Oa3mFgJ/6j5C2cr8cuJgLl8LR+
yfy6IYBzve+U5YO5zj2y7mPX6SStMnbU3gWTsqTrFbkKRjJ0ac/miBDYlXX3TYRN
et1j09rTirmP5hPFJerX9+34fvsZ/TICG+JS3OOQ3b7IDw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:19 2025 by rpki-client