Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lOZmlIYgTDO1tt3ZoDPO9YLJ7kE.roa
File: lOZmlIYgTDO1tt3ZoDPO9YLJ7kE.roa (raw, json)
Hash identifier: XDx6E/29ElFi+16W0RhmCElxgcsGUZVGeyOTSyN8TlQ=
Subject key identifier: 94:E6:66:94:86:20:4C:33:B5:B6:DD:D9:A0:33:CE:F5:82:C9:EE:41
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018CC64B28FEF72246F1ABB9C1BCB5F21697
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lOZmlIYgTDO1tt3ZoDPO9YLJ7kE.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15626
IP address blocks: 2a05:9407::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Feb 2024 23:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:28:fe:f7:22:46:f1:ab:b9:c1:bc:b5:f2:16:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94e6669486204c33b5b6ddd9a033cef582c9ee41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f9:bc:06:8b:b1:12:77:10:e0:f9:71:1f:35:
d1:1e:31:79:d9:ea:ef:81:77:58:f5:2e:b6:86:58:
e0:fd:84:f8:db:af:29:af:b3:c3:c8:57:53:64:73:
48:cc:06:f4:89:ec:ee:1f:c7:f2:98:ae:37:01:f4:
c2:8c:32:9c:9e:64:60:d8:d7:52:86:26:ad:51:45:
e6:70:4b:91:29:ab:44:e6:cb:a1:35:0c:34:02:6a:
43:a9:41:e4:9c:73:19:74:54:d5:1e:b0:63:26:49:
b7:68:4a:32:6f:54:8c:26:f1:0c:c1:7d:81:c5:fe:
b6:8e:9b:b5:3d:c8:fb:a5:29:bf:0d:2b:7a:41:6d:
f1:41:a3:26:bd:8b:5b:3f:7c:20:97:4d:4f:8b:7e:
15:35:de:80:79:00:75:00:6a:55:69:01:1d:e3:ba:
33:e0:ec:e2:df:d8:04:0d:29:88:08:1f:c9:58:03:
92:5a:3c:42:00:27:76:aa:0a:f8:36:12:a3:06:09:
2b:42:dd:eb:35:64:a4:38:97:2d:ef:15:71:ed:f9:
36:11:87:6b:00:c2:d7:3c:c6:cc:fd:0d:a3:88:47:
a8:ce:93:35:f7:6e:12:ae:37:59:18:82:20:4b:4b:
55:e2:85:ce:dd:a9:76:ae:4a:cf:ac:51:34:40:55:
2b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E6:66:94:86:20:4C:33:B5:B6:DD:D9:A0:33:CE:F5:82:C9:EE:41
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lOZmlIYgTDO1tt3ZoDPO9YLJ7kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
43:9f:b9:78:69:eb:03:c9:be:00:41:bb:7c:d2:47:4d:49:ed:
1a:84:0e:e0:00:91:6f:e8:69:2a:8c:eb:a2:1a:c2:83:b8:71:
25:be:bd:80:f8:0e:c6:fc:f5:2f:c3:52:a7:61:d8:2c:11:24:
91:76:da:df:99:78:ee:ce:f6:3e:61:6b:e7:a7:76:b3:c1:38:
ee:f7:a3:35:62:82:4d:d9:4f:9c:cd:50:7e:47:61:49:fc:32:
e3:6c:1d:57:fd:75:de:53:92:48:e7:07:99:0b:e9:d2:e9:6b:
ae:6a:ff:25:7a:f1:70:9e:ab:66:71:13:7f:d0:0d:72:1d:81:
c3:85:9e:84:c6:19:90:73:94:58:6d:02:bd:20:9e:29:62:00:
60:c6:1b:96:c4:16:88:0a:cb:07:c1:72:e0:11:46:76:f9:03:
d0:3e:39:0c:3b:2e:04:ee:e8:97:66:b8:28:20:08:48:ef:0a:
bb:63:87:77:6f:b7:f1:74:6d:8b:b5:8b:15:7d:b5:fc:a7:2f:
37:97:71:14:63:59:94:b8:53:bc:f4:05:61:ff:cf:80:25:16:
2b:31:76:ee:77:5c:32:df:59:5b:08:61:6e:c2:fd:f7:d9:51:
a0:b0:fd:59:da:48:9a:8e:6a:66:45:2d:eb:f3:fd:4b:af:73:
98:2c:13:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSyj+9yJG8au5wby18haXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU2NjY5NDg2MjA0YzMzYjViNmRkZDlhMDMzY2VmNTgyYzllZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fm8BouxEncQ4PlxHzXRHjF52erv
gXdY9S62hljg/YT4268pr7PDyFdTZHNIzAb0iezuH8fymK43AfTCjDKcnmRg2NdS
hiatUUXmcEuRKatE5suhNQw0AmpDqUHknHMZdFTVHrBjJkm3aEoyb1SMJvEMwX2B
xf62jpu1Pcj7pSm/DSt6QW3xQaMmvYtbP3wgl01Pi34VNd6AeQB1AGpVaQEd47oz
4Ozi39gEDSmICB/JWAOSWjxCACd2qgr4NhKjBgkrQt3rNWSkOJct7xVx7fk2EYdr
AMLXPMbM/Q2jiEeozpM1924SrjdZGIIgS0tV4oXO3al2rkrPrFE0QFUriQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJTmZpSGIEwztbbd2aAzzvWCye5BMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvbE9abWxJWWdURE8xdHQzWm9EUE85WUxKN2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWUBzAN
BgkqhkiG9w0BAQsFAAOCAQEAQ5+5eGnrA8m+AEG7fNJHTUntGoQO4ACRb+hpKozr
ohrCg7hxJb69gPgOxvz1L8NSp2HYLBEkkXba35l47s72PmFr56d2s8E47vejNWKC
TdlPnM1QfkdhSfwy42wdV/113lOSSOcHmQvp0ulrrmr/JXrxcJ6rZnETf9ANch2B
w4WehMYZkHOUWG0CvSCeKWIAYMYblsQWiArLB8Fy4BFGdvkD0D45DDsuBO7ol2a4
KCAISO8Ku2OHd2+38XRti7WLFX21/KcvN5dxFGNZlLhTvPQFYf/PgCUWKzF27ndc
Mt9ZWwhhbsL999lRoLD9WdpImo5qZkUt6/P9S69zmCwTRQ==
-----END CERTIFICATE-----
Generated at Tue Feb 13 02:45:16 2024 by rpki-client on console-fra.rpki-client.org