Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/O8y8uxo2UtIsJlU05_S3jkoqSxQ.roa
File: O8y8uxo2UtIsJlU05_S3jkoqSxQ.roa (raw, json)
Hash identifier: 5eTJyetbOF3jP5YEQe83BFWStMGU/44l5V7vqekCDlc=
Subject key identifier: 3B:CC:BC:BB:1A:36:52:D2:2C:26:55:34:E7:F4:B7:8E:4A:2A:4B:14
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 018571D7B929CE99EF0660B71AC23D35C83F
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/O8y8uxo2UtIsJlU05_S3jkoqSxQ.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202283
IP address blocks: 2a02:1041:2000::/35 maxlen: 35
2a02:1041::/35 maxlen: 35
Validation: Failed, certificate revoked on Fri 10 Mar 2023 13:15:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b9:29:ce:99:ef:06:60:b7:1a:c2:3d:35:c8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bccbcbb1a3652d22c265534e7f4b78e4a2a4b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:03:b3:7b:a7:47:f8:0f:a7:32:e2:11:e0:a3:
d8:72:1d:99:18:ed:63:ce:bb:6d:41:80:61:83:e3:
60:86:b1:4b:c5:bc:11:81:45:23:12:3b:3a:c5:26:
2b:a8:83:7c:12:e7:d3:d5:c0:27:dd:d3:e1:81:21:
bd:a9:91:28:e5:1f:60:45:5d:20:a0:69:7f:ff:68:
18:2a:69:45:75:50:3c:d7:ec:e4:3c:e9:46:38:a7:
62:8e:0f:8e:2d:bd:21:b2:56:9e:eb:e7:83:35:3c:
d8:80:94:88:f9:6b:9b:fb:da:aa:e2:40:70:e5:1b:
6f:ae:db:58:49:dc:07:71:38:35:d1:2c:41:47:4b:
3d:61:bb:7d:68:43:2b:a1:a1:49:60:f1:c9:a0:ec:
22:21:ce:45:0c:30:b8:9f:75:8f:3f:a0:54:7c:57:
3f:d2:99:ca:36:42:2b:97:02:91:62:f2:7f:36:5c:
e4:1b:38:64:e1:ea:e6:54:d2:1b:78:44:22:aa:da:
90:39:9f:3a:44:6b:bb:c0:c2:ef:b4:02:ab:93:f4:
a1:fe:41:9a:3f:d5:cf:bd:fe:7e:ea:47:bd:d6:46:
05:c2:b5:04:c3:32:bf:a3:50:c7:6c:1c:33:1f:c1:
8f:d1:f5:b2:96:9b:67:57:20:42:2a:d8:de:5e:b7:
8f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CC:BC:BB:1A:36:52:D2:2C:26:55:34:E7:F4:B7:8E:4A:2A:4B:14
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/O8y8uxo2UtIsJlU05_S3jkoqSxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:1041::/34
Signature Algorithm: sha256WithRSAEncryption
99:8d:70:7c:6a:73:33:05:c4:c0:eb:a6:44:d3:68:74:79:ab:
56:0a:06:cf:b3:54:dc:c5:45:62:7a:23:9c:c6:b1:ad:57:95:
ce:e4:e8:90:7e:18:a1:ee:95:24:29:23:3a:25:f5:f8:8c:d1:
d2:f7:0f:06:0a:da:ed:e6:10:31:23:5f:c8:ce:d2:3d:0a:43:
f6:82:7e:91:97:67:27:76:42:f7:4d:1b:0b:50:3d:b4:de:d7:
aa:b3:67:57:d9:17:2d:27:39:22:d1:2a:e9:8c:9f:fa:16:5a:
73:9e:1a:25:b5:f8:01:ef:05:d9:8f:57:6b:e0:67:70:be:b5:
08:fa:cc:63:16:52:10:f1:3a:ad:28:4c:29:09:fe:67:ec:6b:
83:a7:7c:21:3f:fe:ce:3f:a2:99:8f:6d:54:8d:34:8a:a7:3d:
19:f3:2e:b6:a9:e0:fd:22:f2:de:b7:bd:26:f4:a4:04:e2:81:
95:a3:cf:92:ba:fc:c8:9d:13:61:36:86:62:17:14:d6:01:ea:
9a:a4:d8:35:da:d5:36:af:05:d9:cc:f4:2f:f4:e2:37:63:bc:
1e:d4:ce:64:83:ab:45:a0:ee:a4:c7:b5:bf:6d:02:d0:1f:cf:
cc:b8:4e:1d:68:51:2a:13:4c:86:dc:81:0c:f5:41:45:ba:6b:
b3:4e:cc:b8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVx17kpzpnvBmC3GsI9Ncg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNjYmNiYjFhMzY1MmQyMmMyNjU1MzRlN2Y0Yjc4ZTRhMmE0YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwOze6dH+A+nMuIR4KPYch2ZGO1j
zrttQYBhg+NghrFLxbwRgUUjEjs6xSYrqIN8EufT1cAn3dPhgSG9qZEo5R9gRV0g
oGl//2gYKmlFdVA81+zkPOlGOKdijg+OLb0hslae6+eDNTzYgJSI+Wub+9qq4kBw
5RtvrttYSdwHcTg10SxBR0s9Ybt9aEMroaFJYPHJoOwiIc5FDDC4n3WPP6BUfFc/
0pnKNkIrlwKRYvJ/NlzkGzhk4ermVNIbeEQiqtqQOZ86RGu7wMLvtAKrk/Sh/kGa
P9XPvf5+6ke91kYFwrUEwzK/o1DHbBwzH8GP0fWylptnVyBCKtjeXrePQwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDvMvLsaNlLSLCZVNOf0t45KKksUMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvTzh5OHV4bzJVdElzSmxVMDVfUzNqa29xU3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgIQQQAw
DQYJKoZIhvcNAQELBQADggEBAJmNcHxqczMFxMDrpkTTaHR5q1YKBs+zVNzFRWJ6
I5zGsa1Xlc7k6JB+GKHulSQpIzol9fiM0dL3DwYK2u3mEDEjX8jO0j0KQ/aCfpGX
Zyd2QvdNGwtQPbTe16qzZ1fZFy0nOSLRKumMn/oWWnOeGiW1+AHvBdmPV2vgZ3C+
tQj6zGMWUhDxOq0oTCkJ/mfsa4OnfCE//s4/opmPbVSNNIqnPRnzLrap4P0i8t63
vSb0pATigZWjz5K6/MidE2E2hmIXFNYB6pqk2DXa1TavBdnM9C/04jdjvB7UzmSD
q0Wg7qTHtb9tAtAfz8y4Th1oUSoTTIbcgQz1QUW6a7NOzLg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:30 2024 by rpki-client on console-ams.rpki-client.org