Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/LB8X1B0qs2z2dTHrOnwY4_smpB4.roa
File: LB8X1B0qs2z2dTHrOnwY4_smpB4.roa (raw, json)
Hash identifier: ZPuGPzgukjN8rqXwf/B42VGTmhkySaZxnypf62TAIdQ=
Subject key identifier: 2C:1F:17:D4:1D:2A:B3:6C:F6:75:31:EB:3A:7C:18:E3:FB:26:A4:1E
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0190C55C8A5A3163369E9541A5A8CC0393B9
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/LB8X1B0qs2z2dTHrOnwY4_smpB4.roa
Signing time: Thu 18 Jul 2024 10:21:34 +0000
ROA not before: Thu 18 Jul 2024 10:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 05 Oct 2024 18:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:5c:8a:5a:31:63:36:9e:95:41:a5:a8:cc:03:93:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jul 18 10:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c1f17d41d2ab36cf67531eb3a7c18e3fb26a41e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:fe:26:62:84:4b:34:3c:e8:a7:98:9d:3e:be:
e5:e8:a5:35:9e:e8:ed:b0:a2:37:7a:c1:b4:ae:59:
fb:29:ff:d3:25:f7:6a:ea:b0:69:b3:bf:7b:9c:8e:
9e:99:06:14:3f:db:3a:ca:ef:60:ae:af:d7:55:f7:
3f:d2:79:28:21:23:b2:ca:31:26:96:af:6c:fd:ab:
11:83:85:41:ad:a1:a3:f2:46:eb:f3:42:ce:34:93:
fa:90:0d:eb:85:d3:f6:7b:8c:a6:92:e3:ef:9c:c7:
ae:c1:5f:c6:0b:fc:e0:e2:d1:42:81:56:10:61:5f:
b5:cf:8b:9f:08:f8:37:5c:00:87:94:3c:dc:c1:3a:
a7:34:79:25:c6:0e:13:24:60:f4:ad:c4:f0:6c:57:
8d:85:f6:67:c8:66:ef:ef:42:f9:c4:90:ad:fd:2d:
a9:ac:5a:c7:a7:27:11:ef:bb:79:f2:7e:6d:7e:c0:
7e:1a:5a:46:e0:c4:ca:92:a0:ca:0f:c2:40:5d:79:
d4:1a:5f:27:aa:b2:76:71:2f:c0:d2:08:77:2a:e5:
d1:56:7a:89:51:bb:2f:28:71:88:cc:4d:92:89:2d:
12:34:ce:dd:d2:8e:f7:8e:7d:6e:02:33:3c:98:56:
21:b5:c7:9e:f8:a2:12:a3:62:49:88:62:1e:ae:76:
23:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1F:17:D4:1D:2A:B3:6C:F6:75:31:EB:3A:7C:18:E3:FB:26:A4:1E
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/LB8X1B0qs2z2dTHrOnwY4_smpB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
56:b2:a3:63:67:6b:54:03:20:ef:d5:29:3e:30:38:ca:e3:ed:
c9:1a:c1:0c:c5:c0:6e:a2:69:83:b8:f3:99:6b:01:85:e9:32:
2a:3a:12:00:0b:24:ed:1f:f8:bf:11:c8:1a:db:71:ae:09:fa:
53:b6:56:57:60:38:4f:87:cc:02:16:7d:46:42:63:48:08:44:
22:af:6e:fc:50:12:ff:51:f2:e2:05:94:3c:ba:34:fb:4f:7f:
8b:0f:ab:75:4e:b9:eb:46:6e:b9:6f:c3:1f:b0:74:3e:78:87:
2c:9a:c9:a3:35:9c:f4:01:20:b1:bf:6c:69:a0:bc:54:3c:94:
1e:71:f7:5b:7c:aa:f0:61:f9:77:5f:27:08:2d:71:39:0f:fa:
94:60:6e:0c:8c:dc:64:da:40:5f:44:7d:fa:85:57:d5:37:18:
3b:c1:ed:5a:f0:77:9b:a2:ff:22:31:77:fe:f6:af:80:16:73:
eb:80:44:30:97:48:e0:77:2a:7a:40:b4:81:73:40:ea:47:c2:
af:f1:63:b0:b3:7b:98:59:b9:dc:12:0f:2e:7f:2d:f8:79:52:
7c:bf:74:7c:6b:bd:c2:99:bc:53:ba:42:fb:04:c9:d0:31:96:
d0:d3:6f:75:d6:f4:28:59:1a:c8:37:9b:00:c8:38:59:25:da:
ed:73:66:37
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZDFXIpaMWM2npVBpajMA5O5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwNzE4MTAyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFmMTdkNDFkMmFiMzZjZjY3NTMxZWIzYTdjMThlM2ZiMjZhNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8/4mYoRLNDzop5idPr7l6KU1nujt
sKI3esG0rln7Kf/TJfdq6rBps797nI6emQYUP9s6yu9grq/XVfc/0nkoISOyyjEm
lq9s/asRg4VBraGj8kbr80LONJP6kA3rhdP2e4ymkuPvnMeuwV/GC/zg4tFCgVYQ
YV+1z4ufCPg3XACHlDzcwTqnNHklxg4TJGD0rcTwbFeNhfZnyGbv70L5xJCt/S2p
rFrHpycR77t58n5tfsB+GlpG4MTKkqDKD8JAXXnUGl8nqrJ2cS/A0gh3KuXRVnqJ
UbsvKHGIzE2SiS0SNM7d0o73jn1uAjM8mFYhtcee+KISo2JJiGIernYjIQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCwfF9QdKrNs9nUx6zp8GOP7JqQeMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvTEI4WDFCMHFzMnoyZFRIck9ud1k0X3NtcEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcBKgckhgAA
AwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAVrKjY2drVAMg79UpPjA4yuPtyRrB
DMXAbqJpg7jzmWsBhekyKjoSAAsk7R/4vxHIGttxrgn6U7ZWV2A4T4fMAhZ9RkJj
SAhEIq9u/FAS/1Hy4gWUPLo0+09/iw+rdU6560ZuuW/DH7B0PniHLJrJozWc9AEg
sb9saaC8VDyUHnH3W3yq8GH5d18nCC1xOQ/6lGBuDIzcZNpAX0R9+oVX1TcYO8Ht
WvB3m6L/IjF3/vavgBZz64BEMJdI4HcqekC0gXNA6kfCr/FjsLN7mFm53BIPLn8t
+HlSfL90fGu9wpm8U7pC+wTJ0DGW0NNvddb0KFkayDebAMg4WSXa7XNmNw==
-----END CERTIFICATE-----
Generated at Sat Oct 5 23:39:19 2024 by rpki-client on console-ams.rpki-client.org