Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/oA8a-oXx9pow9BUhHBz5Gj2ey20.roa
File: oA8a-oXx9pow9BUhHBz5Gj2ey20.roa (raw, json)
Hash identifier: P8aucoPK4I7VKHqG892ZvmCWsbqYjRLXnCADjuBvAnE=
Subject key identifier: A0:0F:1A:FA:85:F1:F6:9A:30:F4:15:21:1C:1C:F9:1A:3D:9E:CB:6D
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 018E4858391B1ED51EA7831492CE42AF4ACE
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/oA8a-oXx9pow9BUhHBz5Gj2ey20.roa
Signing time: Sat 16 Mar 2024 17:38:45 +0000
ROA not before: Sat 16 Mar 2024 17:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 16 Nov 2024 18:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:58:39:1b:1e:d5:1e:a7:83:14:92:ce:42:af:4a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Mar 16 17:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a00f1afa85f1f69a30f415211c1cf91a3d9ecb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d3:7a:88:ba:e6:5b:13:c3:bb:48:4f:43:c8:
8a:b5:8b:d4:42:74:50:d0:57:0a:8d:2e:94:ab:67:
78:6d:bf:40:da:18:6b:94:f3:f5:61:68:ca:b0:6c:
4c:5c:b5:18:b4:2a:d4:53:e8:f1:8c:c1:aa:57:b5:
8b:c2:ab:76:ec:97:a2:e8:59:52:02:5c:5f:c3:d5:
dd:34:e6:c2:5e:bd:4c:e0:e7:d3:d7:0f:d9:bd:13:
06:b0:17:90:04:76:f2:b9:30:b6:70:95:bf:e4:40:
07:20:a2:ca:38:be:12:39:4e:26:a8:15:13:ff:4f:
f2:2f:df:2f:aa:1e:79:58:2d:51:e0:ef:1a:50:bc:
30:58:81:ea:98:1d:8f:79:a2:3a:87:80:56:19:25:
89:b0:7e:0a:41:eb:88:be:ee:a7:2e:20:35:eb:19:
04:0e:2a:8e:0e:32:58:d1:47:55:0d:8b:1a:f8:81:
73:ef:16:43:2e:5b:5b:69:fe:e9:90:74:36:3f:db:
75:e5:ac:c8:43:4e:9c:17:6a:df:26:c9:cd:12:4a:
c0:5c:28:22:ef:e7:73:56:50:f4:8d:7c:39:19:c0:
f7:01:cf:39:f6:e1:a9:c7:af:84:c6:5f:7d:72:5a:
91:0d:5c:8d:79:87:37:bc:0f:79:46:7d:e2:f7:d4:
de:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0F:1A:FA:85:F1:F6:9A:30:F4:15:21:1C:1C:F9:1A:3D:9E:CB:6D
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/oA8a-oXx9pow9BUhHBz5Gj2ey20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
9b:ee:f0:fa:11:55:cf:3d:b4:2c:27:dc:48:9c:93:65:18:49:
05:0b:81:b1:cb:01:c6:9b:88:a2:6b:7f:d6:fc:78:02:9c:97:
3c:08:4d:64:5b:ac:13:71:67:e9:aa:37:8e:95:2c:a8:4a:f5:
68:06:b3:ff:b0:b1:9c:0f:b1:6c:4c:18:d8:ec:0a:3f:05:6b:
5d:5f:9f:96:43:73:b7:c0:61:b0:fe:a9:6f:e9:a9:9a:8b:64:
6b:a9:72:0e:3e:77:73:02:21:f3:15:2a:e6:36:5d:51:fc:e0:
35:6e:76:d8:a6:a1:11:25:e5:e3:8c:34:99:97:d3:0f:98:23:
47:a0:2b:ea:ec:d7:c2:d7:ad:fd:b5:7b:be:f7:a3:91:0f:e1:
2f:0b:6b:f3:60:db:22:b2:1e:dc:63:ab:d9:25:49:86:16:1f:
95:d1:fd:da:96:af:dc:33:87:df:99:ce:2b:e9:74:34:e0:ef:
30:45:1b:92:10:23:f9:82:f3:48:e7:f3:a4:0c:99:31:85:5e:
1c:be:6b:66:1b:cb:71:f1:77:73:85:19:08:da:a5:f5:e6:3d:
ee:d9:f6:ef:e8:48:2f:bf:fc:c8:f9:cc:b0:40:96:ae:37:9b:
91:37:58:89:17:46:c7:be:cb:44:2a:07:be:40:d5:63:5f:15:
06:ab:d2:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY5IWDkbHtUep4MUks5Cr0rOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjQwMzE2MTczODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBmMWFmYTg1ZjFmNjlhMzBmNDE1MjExYzFjZjkxYTNkOWVjYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotN6iLrmWxPDu0hPQ8iKtYvUQnRQ
0FcKjS6Uq2d4bb9A2hhrlPP1YWjKsGxMXLUYtCrUU+jxjMGqV7WLwqt27Jei6FlS
Alxfw9XdNObCXr1M4OfT1w/ZvRMGsBeQBHbyuTC2cJW/5EAHIKLKOL4SOU4mqBUT
/0/yL98vqh55WC1R4O8aULwwWIHqmB2PeaI6h4BWGSWJsH4KQeuIvu6nLiA16xkE
DiqODjJY0UdVDYsa+IFz7xZDLltbaf7pkHQ2P9t15azIQ06cF2rfJsnNEkrAXCgi
7+dzVlD0jXw5GcD3Ac859uGpx6+Exl99clqRDVyNeYc3vA95Rn3i99Te9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKAPGvqF8faaMPQVIRwc+Ro9nsttMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvb0E4YS1vWHg5cG93OUJVaEhCejVHajJleTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCb7vD6EVXPPbQsJ9xInJNlGEkFC4GxywHGm4ii
a3/W/HgCnJc8CE1kW6wTcWfpqjeOlSyoSvVoBrP/sLGcD7FsTBjY7Ao/BWtdX5+W
Q3O3wGGw/qlv6amai2RrqXIOPndzAiHzFSrmNl1R/OA1bnbYpqERJeXjjDSZl9MP
mCNHoCvq7NfC1639tXu+96ORD+EvC2vzYNsish7cY6vZJUmGFh+V0f3alq/cM4ff
mc4r6XQ04O8wRRuSECP5gvNI5/OkDJkxhV4cvmtmG8tx8XdzhRkI2qX15j3u2fbv
6Egvv/zI+cywQJauN5uRN1iJF0bHvstEKge+QNVjXxUGq9J/
-----END CERTIFICATE-----
Generated at Sat Nov 16 19:55:58 2024 by rpki-client on console-ams.rpki-client.org