Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/l1tDcrlsACOs3aKlR9oVASuBzP0.roa
File: l1tDcrlsACOs3aKlR9oVASuBzP0.roa (raw, json)
Hash identifier: 2BihAkIeKwzW4SRAMpiLM1zUetgjb4Z+66T7QNBMhjc=
Subject key identifier: 97:5B:43:72:B9:6C:00:23:AC:DD:A2:A5:47:DA:15:01:2B:81:CC:FD
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0190A5B35FD38DB2944A1948464211811143
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/l1tDcrlsACOs3aKlR9oVASuBzP0.roa
Signing time: Fri 12 Jul 2024 06:48:34 +0000
ROA not before: Fri 12 Jul 2024 06:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 329249
IP address blocks: 2a12:8fc6:dc00::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jul 2024 12:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a5:b3:5f:d3:8d:b2:94:4a:19:48:46:42:11:81:11:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jul 12 06:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=975b4372b96c0023acdda2a547da15012b81ccfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ec:cd:85:fb:95:eb:d4:0a:26:34:83:e0:41:
74:16:7d:3a:33:6c:8c:ee:dc:1b:8b:9b:ba:af:b5:
23:a3:8a:b4:cd:03:40:c8:d9:58:3b:14:fd:75:9b:
02:39:82:b2:57:cf:94:b1:52:66:58:e2:e4:dc:27:
bf:48:c7:84:fd:fc:3f:1c:d0:71:d3:dd:1a:44:ab:
07:9c:a3:df:49:f0:35:57:0b:62:61:6e:98:4d:5c:
b6:f3:ad:c6:87:dd:af:4b:22:14:e4:9b:90:95:94:
b0:45:20:b7:9c:27:d8:b8:e4:62:97:53:c8:a6:05:
a9:9e:e0:fe:ea:f2:e3:f2:4f:ed:23:51:d2:45:b6:
a0:01:44:6c:8e:02:6d:05:72:5f:b7:88:95:70:ec:
6a:01:c9:ce:32:03:6c:0b:21:c3:a9:07:3f:e0:47:
49:a3:11:c2:eb:86:47:7e:f8:dc:e9:76:15:8a:83:
1b:54:97:f4:30:1a:fe:e8:52:8b:6c:fd:38:9c:b4:
60:b4:38:d0:a1:08:15:0d:96:57:1b:62:00:db:29:
71:53:d9:bb:86:47:ff:fa:de:b9:85:8e:31:13:4b:
ac:01:02:51:90:e0:10:cd:1e:6d:f3:5a:a9:6a:e3:
14:7c:cc:05:15:2a:7a:a5:eb:58:4e:bd:7f:df:56:
e3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:43:72:B9:6C:00:23:AC:DD:A2:A5:47:DA:15:01:2B:81:CC:FD
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/l1tDcrlsACOs3aKlR9oVASuBzP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:dc00::/48
Signature Algorithm: sha256WithRSAEncryption
86:35:7e:80:dd:b9:80:bf:17:d7:1e:ba:47:68:21:dd:da:2d:
f7:c8:4b:08:c3:d6:d7:f2:7c:a2:ef:3a:e8:05:e0:52:91:be:
f1:ae:ed:8b:ac:ab:b3:8b:df:df:f5:72:99:ce:90:38:fd:9c:
3f:51:f3:d4:3e:83:53:22:f8:c6:2c:e2:82:2d:1e:ab:6a:55:
83:70:f1:12:10:93:56:bd:7c:09:8d:89:21:51:fe:0f:c6:af:
ad:ce:a8:63:1c:48:d2:76:69:59:3e:4e:43:3f:84:aa:5a:aa:
ec:e2:4f:87:7c:0a:42:dd:a9:21:3a:6d:11:80:a8:75:4e:b8:
f8:8a:53:45:4c:87:61:33:87:76:a7:15:e2:30:23:7a:57:fa:
11:13:da:f4:db:f9:49:9a:4c:b3:25:22:92:42:18:b4:f6:ef:
c4:75:25:06:c9:f0:02:41:75:79:7f:43:41:85:4d:de:a6:e6:
6c:d4:cb:ca:44:19:79:2b:b2:75:82:80:de:f7:e8:12:9f:02:
46:e9:b5:02:8b:38:5e:d5:8b:ac:b3:93:db:a5:8d:91:db:5b:
95:33:ce:ab:7a:c3:df:82:d9:56:ac:64:11:4c:67:be:93:ec:
ef:57:03:8f:b8:91:db:17:7d:bb:9b:ff:fc:ce:83:ec:d2:5b:
73:41:6f:60
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZCls1/TjbKUShlIRkIRgRFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjQwNzEyMDY0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzViNDM3MmI5NmMwMDIzYWNkZGEyYTU0N2RhMTUwMTJiODFjY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgezNhfuV69QKJjSD4EF0Fn06M2yM
7twbi5u6r7Ujo4q0zQNAyNlYOxT9dZsCOYKyV8+UsVJmWOLk3Ce/SMeE/fw/HNBx
090aRKsHnKPfSfA1VwtiYW6YTVy2863Gh92vSyIU5JuQlZSwRSC3nCfYuORil1PI
pgWpnuD+6vLj8k/tI1HSRbagAURsjgJtBXJft4iVcOxqAcnOMgNsCyHDqQc/4EdJ
oxHC64ZHfvjc6XYVioMbVJf0MBr+6FKLbP04nLRgtDjQoQgVDZZXG2IA2ylxU9m7
hkf/+t65hY4xE0usAQJRkOAQzR5t81qpauMUfMwFFSp6petYTr1/31bjXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJdbQ3K5bAAjrN2ipUfaFQErgcz9MB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvbDF0RGNybHNBQ09zM2FLbFI5b1ZBU3VCelAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxtwA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGNX6A3bmAvxfXHrpHaCHd2i33yEsIw9bX8nyi
7zroBeBSkb7xru2LrKuzi9/f9XKZzpA4/Zw/UfPUPoNTIvjGLOKCLR6ralWDcPES
EJNWvXwJjYkhUf4Pxq+tzqhjHEjSdmlZPk5DP4SqWqrs4k+HfApC3akhOm0RgKh1
Trj4ilNFTIdhM4d2pxXiMCN6V/oRE9r02/lJmkyzJSKSQhi09u/EdSUGyfACQXV5
f0NBhU3epuZs1MvKRBl5K7J1goDe9+gSnwJG6bUCizhe1Yuss5PbpY2R21uVM86r
esPfgtlWrGQRTGe+k+zvVwOPuJHbF327m//8zoPs0ltzQW9g
-----END CERTIFICATE-----
Generated at Wed Jul 31 14:29:33 2024 by rpki-client on console-fra.rpki-client.org