Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OEKXT-r_Y01Na6dGHt2eyArjlZY.roa
File: OEKXT-r_Y01Na6dGHt2eyArjlZY.roa (raw, json)
Hash identifier: mYjNA0DiOyqaaCZ68TCn4TgMaH9BFG3Cc6w+3rVlstA=
Subject key identifier: 38:42:97:4F:EA:FF:63:4D:4D:6B:A7:46:1E:DD:9E:C8:0A:E3:95:96
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018B2E88718ADF0DDF8C69C9824F94DC9BBD
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OEKXT-r_Y01Na6dGHt2eyArjlZY.roa
Signing time: Sat 14 Oct 2023 14:12:55 +0000
ROA not before: Sat 14 Oct 2023 14:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 2a0a:2e00::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:88:71:8a:df:0d:df:8c:69:c9:82:4f:94:dc:9b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Oct 14 14:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3842974feaff634d4d6ba7461edd9ec80ae39596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:4b:08:92:f5:32:c1:a8:ac:92:96:3d:ce:
f7:1a:08:e1:63:98:87:eb:2d:93:8a:c4:c6:ba:b9:
12:13:8d:2a:d5:a5:df:31:84:77:3a:5f:93:2c:0b:
44:e8:54:8d:cc:3b:d8:12:80:54:9b:52:af:4f:33:
67:aa:d7:2b:e2:29:67:4a:ad:0e:41:bc:24:42:88:
70:2a:ff:8e:32:88:0c:34:0b:99:bc:63:d3:17:75:
fc:e1:5b:7b:c1:93:04:9f:cf:87:4b:39:ab:84:e6:
12:1d:72:76:39:b2:ae:c3:0e:af:61:39:d9:0d:b5:
cb:2b:f8:e9:89:0b:71:ea:85:4f:0f:a3:69:31:3d:
67:6f:79:40:ef:3f:d7:1c:c2:f3:3e:e1:14:7d:15:
36:ee:03:09:2a:e2:eb:00:f5:db:9b:32:f0:64:10:
10:aa:b9:a9:45:5b:d8:c0:20:e6:0b:43:13:51:d8:
e6:f9:0b:81:80:2f:a5:23:ce:25:e6:38:b0:e4:a2:
2a:ff:f7:b0:9f:d6:f4:02:9f:d0:fe:f8:56:0c:e5:
71:25:b3:66:e4:36:75:ee:d4:74:a2:3d:65:5a:5c:
a4:f3:f5:e3:f7:29:f2:15:9c:97:ec:64:7f:89:a7:
de:6b:03:6c:47:c0:2c:7e:93:de:2f:20:82:cf:c0:
dc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:42:97:4F:EA:FF:63:4D:4D:6B:A7:46:1E:DD:9E:C8:0A:E3:95:96
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OEKXT-r_Y01Na6dGHt2eyArjlZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2e00::/48
Signature Algorithm: sha256WithRSAEncryption
6f:78:5b:28:6f:6e:c6:39:bc:12:4a:f5:76:2f:56:dc:a5:f2:
3e:d3:f1:b5:6f:d0:f7:69:98:e9:39:7d:0f:b4:64:65:5b:34:
9c:5b:b7:a6:e8:a8:86:dd:ce:74:2f:14:f3:3f:08:b1:a6:be:
79:91:df:ab:ab:ef:4f:32:60:9b:0f:06:0d:1f:50:14:15:8b:
8a:91:5c:6e:cb:5d:1a:be:79:ce:8e:f1:6e:a0:f9:ce:e4:44:
61:26:2d:4c:63:4d:8d:55:a1:08:82:35:c8:ed:22:22:a8:33:
0d:77:ac:87:12:7a:a6:f4:37:f0:82:5f:e3:1e:6d:66:35:ce:
f0:26:e4:13:85:bc:b9:b3:4c:7c:97:46:76:cc:a5:e0:f5:85:
b9:23:29:0b:03:fd:34:30:d9:a7:1b:af:69:71:a2:e2:3d:c8:
7d:b5:f7:4b:b4:6f:e5:68:63:46:36:e9:31:8e:96:b2:72:11:
60:a3:63:10:89:9d:71:e0:e7:c0:1c:97:5d:fd:c4:02:7e:d4:
97:6c:eb:92:bc:9b:fc:74:1e:40:b2:1f:42:78:47:25:1b:dc:
5e:c3:ab:4f:18:a5:58:b2:ed:c1:73:da:86:9e:c0:62:26:e9:
97:5a:ba:98:e6:77:63:28:15:30:f4:39:dd:66:fb:89:59:6e:
b2:93:84:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYsuiHGK3w3fjGnJgk+U3Ju9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjMxMDE0MTQxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQyOTc0ZmVhZmY2MzRkNGQ2YmE3NDYxZWRkOWVjODBhZTM5NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsONLCJL1MsGorJKWPc73GgjhY5iH
6y2TisTGurkSE40q1aXfMYR3Ol+TLAtE6FSNzDvYEoBUm1KvTzNnqtcr4ilnSq0O
QbwkQohwKv+OMogMNAuZvGPTF3X84Vt7wZMEn8+HSzmrhOYSHXJ2ObKuww6vYTnZ
DbXLK/jpiQtx6oVPD6NpMT1nb3lA7z/XHMLzPuEUfRU27gMJKuLrAPXbmzLwZBAQ
qrmpRVvYwCDmC0MTUdjm+QuBgC+lI84l5jiw5KIq//ewn9b0Ap/Q/vhWDOVxJbNm
5DZ17tR0oj1lWlyk8/Xj9ynyFZyX7GR/iafeawNsR8AsfpPeLyCCz8DcewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDhCl0/q/2NNTWunRh7dnsgK45WWMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvT0VLWFQtcl9ZMDFOYTZkR0h0MmV5QXJqbFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgouAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBveFsob27GObwSSvV2L1bcpfI+0/G1b9D3aZjp
OX0PtGRlWzScW7em6KiG3c50LxTzPwixpr55kd+rq+9PMmCbDwYNH1AUFYuKkVxu
y10avnnOjvFuoPnO5ERhJi1MY02NVaEIgjXI7SIiqDMNd6yHEnqm9Dfwgl/jHm1m
Nc7wJuQThby5s0x8l0Z2zKXg9YW5IykLA/00MNmnG69pcaLiPch9tfdLtG/laGNG
NukxjpaychFgo2MQiZ1x4OfAHJdd/cQCftSXbOuSvJv8dB5Ash9CeEclG9xew6tP
GKVYsu3Bc9qGnsBiJumXWrqY5ndjKBUw9DndZvuJWW6yk4QO
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:31 2024 by rpki-client on console-ams.rpki-client.org