Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/Lrlym_udqwDbX8qk3zGUzPqvqVo.roa
File: Lrlym_udqwDbX8qk3zGUzPqvqVo.roa (raw, json)
Hash identifier: PK/aKI1lgliDXXXW/TQslJ2WpQiR4bvt933QQ2gZmVM=
Subject key identifier: 2E:B9:72:9B:FB:9D:AB:00:DB:5F:CA:A4:DF:31:94:CC:FA:AF:A9:5A
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 01857139CD2C7844F0B07E6EB68E680BD094
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/Lrlym_udqwDbX8qk3zGUzPqvqVo.roa
Signing time: Mon 02 Jan 2023 06:44:51 +0000
ROA not before: Mon 02 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209669
IP address blocks: 2a09:d2c1:1::/48 maxlen: 48
2a09:d2c1:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:cd:2c:78:44:f0:b0:7e:6e:b6:8e:68:0b:d0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Jan 2 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eb9729bfb9dab00db5fcaa4df3194ccfaafa95a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:51:e9:27:21:61:38:ff:b0:61:2e:c9:14:04:
d5:13:bf:00:a5:0f:e9:f0:b5:bb:8d:69:ba:8d:a0:
c5:63:40:e2:e4:2d:ae:15:86:e1:93:10:d4:91:9d:
e4:0a:60:96:33:19:33:fc:dc:b5:c2:5e:03:fd:6a:
cc:6c:96:e1:a7:1b:7b:98:e7:c7:bd:bb:1a:47:50:
92:87:03:90:08:7f:93:40:41:9b:d4:cb:32:4e:4c:
df:7d:f1:09:77:40:e5:19:d7:bb:df:73:8f:f6:cd:
56:9f:e3:e5:34:95:ef:70:ad:43:53:cf:87:de:74:
19:b0:31:31:9e:0c:45:bb:32:2e:0d:54:d7:bd:69:
89:5a:86:58:a0:0c:14:72:14:d8:a8:28:89:cb:df:
08:a5:f4:60:a7:e7:b0:ea:34:2b:2b:9f:2a:37:21:
a7:6f:6e:9a:f7:96:fb:40:0c:c2:55:7c:0e:d1:d0:
b8:00:14:8b:a3:c3:45:fb:1c:aa:e1:50:59:cd:b3:
da:b5:70:67:11:6b:cb:dd:f1:4f:c7:e4:44:51:20:
2a:a3:93:a6:1f:8e:5a:c5:af:39:06:58:f3:32:30:
56:95:76:87:30:c4:c2:29:fa:21:c8:69:dc:e0:62:
73:56:1a:d7:e4:2e:55:5d:6e:69:65:4e:45:07:f5:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B9:72:9B:FB:9D:AB:00:DB:5F:CA:A4:DF:31:94:CC:FA:AF:A9:5A
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/Lrlym_udqwDbX8qk3zGUzPqvqVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d2c1:1::/48
2a09:d2c1:a::/48
Signature Algorithm: sha256WithRSAEncryption
8c:3a:b3:11:d3:67:16:b2:60:50:14:83:b9:fb:5f:be:23:b9:
f1:4e:39:d3:60:57:af:c9:97:83:ab:e2:7a:76:e7:88:99:2a:
c1:57:f3:eb:6c:3e:66:52:76:1a:8d:9c:28:43:ed:5d:ab:30:
0a:4a:ce:f6:74:16:e5:d0:65:d5:07:91:4c:56:3f:b5:27:1b:
c2:ba:44:e0:7c:19:48:fa:3c:99:51:8f:4e:4e:7a:e6:25:6a:
4a:67:a9:31:d0:ed:fa:af:a0:26:0a:5a:fd:d5:8d:48:ae:b6:
99:1d:7d:78:7b:0a:9a:f7:40:33:1a:32:27:d7:24:f9:4c:02:
5f:3c:64:dc:e7:62:87:c6:6f:77:f3:72:a5:af:a8:45:45:74:
e5:28:5e:3c:82:24:55:d1:04:b1:cc:da:fe:40:91:80:bf:5b:
6b:42:10:14:87:17:29:80:cb:ee:e0:95:f1:7a:71:ff:dc:73:
ff:b0:ff:81:fb:92:12:6a:04:84:57:64:0b:e5:50:80:74:49:
b9:d3:ad:a7:4c:5a:ea:5b:d2:02:62:a4:6f:71:91:a8:e5:d3:
bd:15:89:5c:9d:5e:b4:de:a0:7c:98:c8:8b:35:3c:69:df:b9:
ac:34:fc:cd:01:93:8d:09:cf:74:cd:cf:e6:71:94:d4:7e:b8:
e3:90:2a:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxOc0seETwsH5uto5oC9CUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjMwMTAyMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI5NzI5YmZiOWRhYjAwZGI1ZmNhYTRkZjMxOTRjY2ZhYWZhOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1HpJyFhOP+wYS7JFATVE78ApQ/p
8LW7jWm6jaDFY0Di5C2uFYbhkxDUkZ3kCmCWMxkz/Ny1wl4D/WrMbJbhpxt7mOfH
vbsaR1CShwOQCH+TQEGb1MsyTkzfffEJd0DlGde733OP9s1Wn+PlNJXvcK1DU8+H
3nQZsDExngxFuzIuDVTXvWmJWoZYoAwUchTYqCiJy98IpfRgp+ew6jQrK58qNyGn
b26a95b7QAzCVXwO0dC4ABSLo8NF+xyq4VBZzbPatXBnEWvL3fFPx+REUSAqo5Om
H45axa85BljzMjBWlXaHMMTCKfohyGnc4GJzVhrX5C5VXW5pZU5FB/WgAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC65cpv7nasA21/KpN8xlMz6r6laMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvTHJseW1fdWRxd0RiWDhxazN6R1V6UHF2cVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgnSwQAB
AwcAKgnSwQAKMA0GCSqGSIb3DQEBCwUAA4IBAQCMOrMR02cWsmBQFIO5+1++I7nx
TjnTYFevyZeDq+J6dueImSrBV/PrbD5mUnYajZwoQ+1dqzAKSs72dBbl0GXVB5FM
Vj+1JxvCukTgfBlI+jyZUY9OTnrmJWpKZ6kx0O36r6AmClr91Y1IrraZHX14ewqa
90AzGjIn1yT5TAJfPGTc52KHxm9383Klr6hFRXTlKF48giRV0QSxzNr+QJGAv1tr
QhAUhxcpgMvu4JXxenH/3HP/sP+B+5ISagSEV2QL5VCAdEm5062nTFrqW9ICYqRv
cZGo5dO9FYlcnV603qB8mMiLNTxp37msNPzNAZONCc90zc/mcZTUfrjjkCpb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org