Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/0wO1Jx3UZAZC70ozd8xG5ezuQLI.roa
File: 0wO1Jx3UZAZC70ozd8xG5ezuQLI.roa (raw, json)
Hash identifier: WK+4lLRLwKrvsevUSMAThuVoxyBGgzdgeOVIMBeOblg=
Subject key identifier: D3:03:B5:27:1D:D4:64:06:42:EF:4A:33:77:CC:46:E5:EC:EE:40:B2
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 018570DE2F2F9D0DF39FD8A235F42A0CE063
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/0wO1Jx3UZAZC70ozd8xG5ezuQLI.roa
Signing time: Mon 02 Jan 2023 05:04:47 +0000
ROA not before: Mon 02 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 2a06:6541:2002::/48 maxlen: 48
2a06:6540:2002::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:2f:2f:9d:0d:f3:9f:d8:a2:35:f4:2a:0c:e0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 2 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d303b5271dd4640642ef4a3377cc46e5ecee40b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9b:0a:77:fc:92:10:7a:6f:aa:d9:d0:67:82:
6b:70:7d:07:dd:a2:4d:d4:41:cb:b0:fd:19:25:7c:
54:8b:28:2e:46:36:62:68:f4:32:79:ae:2d:56:6c:
36:fc:05:f8:d0:a8:9b:f1:1f:2f:01:9b:c7:86:74:
7e:93:5c:3b:4b:75:2d:e0:2f:ed:ce:4e:f7:88:0f:
d7:89:68:e0:61:b1:07:27:33:e8:3d:b8:e8:ca:4a:
64:38:ca:18:c7:16:90:cd:46:96:3d:95:fb:70:83:
f1:f8:3c:3f:61:96:f4:10:81:fe:0f:31:28:2f:aa:
6a:ba:5f:a0:20:e0:37:f6:18:87:05:77:e0:f0:92:
22:87:84:90:69:ec:43:51:c8:b6:cf:72:9f:c2:5e:
17:53:3f:1d:a2:42:d7:e6:29:e2:8a:e6:c5:22:96:
60:df:bf:b0:3b:6a:21:36:cf:36:ad:46:66:71:89:
41:20:cf:6f:a7:05:1f:ab:1e:e1:c0:16:02:5b:f1:
6b:3d:95:b9:71:b3:b0:65:4d:c4:51:f4:e6:ca:e3:
db:32:b2:a0:ac:41:13:80:2d:5d:52:c8:15:dd:4f:
c6:78:4b:7a:1f:df:84:8f:49:05:d6:d3:90:05:25:
d7:94:88:c7:52:ba:b2:7e:a6:5a:6d:9c:30:8a:e2:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:03:B5:27:1D:D4:64:06:42:EF:4A:33:77:CC:46:E5:EC:EE:40:B2
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/0wO1Jx3UZAZC70ozd8xG5ezuQLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2002::/48
2a06:6541:2002::/48
Signature Algorithm: sha256WithRSAEncryption
0c:2e:e6:c3:93:3e:59:98:2a:74:d3:d8:3d:1f:ca:8f:50:1e:
c7:7f:c1:ca:7b:37:c0:6b:8b:b3:db:58:02:c5:36:27:43:6e:
5b:ec:a6:13:b6:57:3a:bb:18:ca:19:ca:09:ad:e1:7a:3e:47:
a9:71:3c:be:f8:78:ef:75:28:7d:98:b3:5b:62:9f:1c:2c:62:
54:a9:d3:34:e1:ca:1d:44:ab:86:a4:16:67:04:c4:bb:af:7f:
2a:ef:8a:13:77:d5:aa:16:bf:08:c9:ed:a2:ee:cc:b3:f5:cd:
02:29:46:eb:a7:8c:c3:c0:f5:57:6d:0e:21:da:a4:50:26:3f:
c7:d4:20:0a:3c:ac:63:5e:dd:d7:ac:a5:9b:cb:50:31:37:7e:
6d:2b:4d:c1:e0:39:29:38:82:b4:9a:4b:b4:d6:8c:14:46:34:
36:20:90:fc:64:b2:d9:17:db:ce:63:48:d9:96:62:87:05:c8:
cf:8d:23:25:2a:f8:eb:88:85:e4:9e:11:6e:2e:07:19:6a:9c:
c6:45:01:87:f7:dc:86:ac:74:57:68:f9:f0:36:ec:f9:84:4f:
db:f7:9b:6c:6d:9f:18:bc:5a:e3:a1:2c:b0:88:c6:de:cb:d6:
de:ed:8d:60:6c:ef:82:e7:35:c4:f1:03:f0:d3:b2:63:a6:81:
e8:95:c6:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw3i8vnQ3zn9iiNfQqDOBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjMwMTAyMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzAzYjUyNzFkZDQ2NDA2NDJlZjRhMzM3N2NjNDZlNWVjZWU0MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZsKd/ySEHpvqtnQZ4JrcH0H3aJN
1EHLsP0ZJXxUiyguRjZiaPQyea4tVmw2/AX40Kib8R8vAZvHhnR+k1w7S3Ut4C/t
zk73iA/XiWjgYbEHJzPoPbjoykpkOMoYxxaQzUaWPZX7cIPx+Dw/YZb0EIH+DzEo
L6pqul+gIOA39hiHBXfg8JIih4SQaexDUci2z3Kfwl4XUz8dokLX5iniiubFIpZg
37+wO2ohNs82rUZmcYlBIM9vpwUfqx7hwBYCW/FrPZW5cbOwZU3EUfTmyuPbMrKg
rEETgC1dUsgV3U/GeEt6H9+Ej0kF1tOQBSXXlIjHUrqyfqZabZwwiuIBDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNMDtScd1GQGQu9KM3fMRuXs7kCyMB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvMHdPMUp4M1VaQVpDNzBvemQ4eEc1ZXp1UUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgZlQCAC
AwcAKgZlQSACMA0GCSqGSIb3DQEBCwUAA4IBAQAMLubDkz5ZmCp009g9H8qPUB7H
f8HKezfAa4uz21gCxTYnQ25b7KYTtlc6uxjKGcoJreF6PkepcTy++HjvdSh9mLNb
Yp8cLGJUqdM04codRKuGpBZnBMS7r38q74oTd9WqFr8Iye2i7syz9c0CKUbrp4zD
wPVXbQ4h2qRQJj/H1CAKPKxjXt3XrKWby1AxN35tK03B4DkpOIK0mku01owURjQ2
IJD8ZLLZF9vOY0jZlmKHBcjPjSMlKvjriIXknhFuLgcZapzGRQGH99yGrHRXaPnw
Nuz5hE/b95tsbZ8YvFrjoSywiMbey9be7Y1gbO+C5zXE8QPw07JjpoHolcaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:08 2024 by rpki-client on console-fra.rpki-client.org