Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/oFmXKT6JTi2fCpdUMInmfyjis54.roa
File: oFmXKT6JTi2fCpdUMInmfyjis54.roa (raw, json)
Hash identifier: 4AUkSiz+ZXaGyGn85/Q3eCb1fpD/ZUPDbr0m313lO5E=
Subject key identifier: A0:59:97:29:3E:89:4E:2D:9F:0A:97:54:30:89:E6:7F:28:E2:B3:9E
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 01856FA71B0D38D58D26C683FBA3165F57EA
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/oFmXKT6JTi2fCpdUMInmfyjis54.roa
Signing time: Sun 01 Jan 2023 23:25:00 +0000
ROA not before: Sun 01 Jan 2023 23:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207846
IP address blocks: 2a0e:1cc0:9::/48 maxlen: 48
2a0e:1cc1:100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:1b:0d:38:d5:8d:26:c6:83:fb:a3:16:5f:57:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 23:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a05997293e894e2d9f0a97543089e67f28e2b39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9a:b4:73:34:33:fd:f4:14:c8:7b:78:ae:9b:
75:17:8a:ab:fe:ec:82:b4:5a:75:f7:50:b4:54:9f:
72:a4:75:3f:be:a2:5d:9d:d4:7a:c7:1c:99:f0:04:
69:8e:04:45:55:1a:41:99:30:e2:bc:82:85:00:0b:
88:3f:24:ac:c5:ce:8b:45:8c:42:9d:cc:46:ad:70:
95:f4:22:1b:96:7a:ce:12:41:65:4d:57:0d:c4:6d:
ff:e8:51:21:90:66:84:4e:15:db:09:ee:ab:09:4d:
41:47:58:17:ae:59:2b:a2:bc:2d:ba:b6:2e:61:d1:
65:b8:be:0f:b9:c1:e9:ae:2d:89:e2:3a:ff:73:cc:
a5:1c:d1:00:44:d7:11:21:7b:dc:28:3c:de:d5:1f:
d0:b5:61:42:cc:f5:b5:d7:30:f3:37:bc:2a:99:83:
d5:b8:73:c7:23:ef:ef:e9:3e:cd:5f:aa:ad:1e:58:
58:48:f8:c2:9d:b9:06:24:c5:4d:00:53:52:df:80:
e6:b0:ec:64:aa:22:4b:3d:1f:03:41:fe:c6:6e:84:
b6:61:b1:35:b7:da:6f:66:25:54:5b:b7:41:41:c6:
04:ae:7c:56:3f:cd:08:03:12:ea:2e:d5:ab:8f:76:
40:22:73:4e:94:d7:3d:99:4f:7b:b8:97:c5:f9:9d:
36:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:59:97:29:3E:89:4E:2D:9F:0A:97:54:30:89:E6:7F:28:E2:B3:9E
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/oFmXKT6JTi2fCpdUMInmfyjis54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:9::/48
2a0e:1cc1:100::/40
Signature Algorithm: sha256WithRSAEncryption
ab:3a:f5:83:45:aa:fd:5b:3f:e3:ff:1e:65:1d:c5:0c:e9:28:
fb:cc:55:d8:b1:3f:eb:e0:ba:db:bb:3f:e5:30:92:96:38:f5:
9f:d7:f7:3e:8b:be:bf:ed:8d:bd:5b:92:b5:12:fc:aa:98:76:
a7:45:51:7d:d0:1e:5e:50:bc:0e:5f:7b:2e:1f:b3:58:1e:67:
49:ed:fd:89:37:98:b1:6f:fc:c2:21:7b:4e:bf:fc:db:74:2b:
25:25:36:da:f9:86:b5:d4:22:b5:4d:a4:e8:70:f1:65:e8:b2:
a6:f2:55:b3:7e:2f:dc:1c:cf:79:45:7d:2e:84:1b:8b:e0:20:
b8:f1:87:7e:33:fe:25:2d:c6:e2:d7:54:bd:16:92:4b:c8:94:
8f:de:16:f6:cb:54:70:cb:36:d1:c6:1f:ae:08:88:d0:a2:58:
7e:fb:de:82:93:91:46:78:17:4b:47:55:64:ad:4f:4d:1c:59:
d7:84:da:29:43:fd:2e:15:1c:09:58:fa:47:14:67:fc:7f:f6:
fb:f7:d3:20:36:09:79:e5:5f:3b:7b:fa:c9:4e:e3:17:4b:50:
49:f7:ee:15:f0:ae:d0:a3:8e:58:23:35:50:a6:ce:ce:2c:d8:
6e:81:4b:79:fa:33:f7:e0:57:eb:31:1c:1e:b5:5f:29:12:d3:
29:99:6d:6d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVvpxsNONWNJsaD+6MWX1fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU5OTcyOTNlODk0ZTJkOWYwYTk3NTQzMDg5ZTY3ZjI4ZTJiMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZq0czQz/fQUyHt4rpt1F4qr/uyC
tFp191C0VJ9ypHU/vqJdndR6xxyZ8ARpjgRFVRpBmTDivIKFAAuIPySsxc6LRYxC
ncxGrXCV9CIblnrOEkFlTVcNxG3/6FEhkGaEThXbCe6rCU1BR1gXrlkrorwturYu
YdFluL4PucHpri2J4jr/c8ylHNEARNcRIXvcKDze1R/QtWFCzPW11zDzN7wqmYPV
uHPHI+/v6T7NX6qtHlhYSPjCnbkGJMVNAFNS34DmsOxkqiJLPR8DQf7GboS2YbE1
t9pvZiVUW7dBQcYErnxWP80IAxLqLtWrj3ZAInNOlNc9mU97uJfF+Z02QwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKBZlyk+iU4tnwqXVDCJ5n8o4rOeMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvb0ZtWEtUNkpUaTJmQ3BkVU1Jbm1meWppczU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKg4cwAAJ
AwYAKg4cwQEwDQYJKoZIhvcNAQELBQADggEBAKs69YNFqv1bP+P/HmUdxQzpKPvM
VdixP+vgutu7P+UwkpY49Z/X9z6Lvr/tjb1bkrUS/KqYdqdFUX3QHl5QvA5fey4f
s1geZ0nt/Yk3mLFv/MIhe06//Nt0KyUlNtr5hrXUIrVNpOhw8WXosqbyVbN+L9wc
z3lFfS6EG4vgILjxh34z/iUtxuLXVL0WkkvIlI/eFvbLVHDLNtHGH64IiNCiWH77
3oKTkUZ4F0tHVWStT00cWdeE2ilD/S4VHAlY+kcUZ/x/9vv30yA2CXnlXzt7+slO
4xdLUEn37hXwrtCjjlgjNVCmzs4s2G6BS3n6M/fgV+sxHB61XykS0ymZbW0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:28 2024 by rpki-client on console-fra.rpki-client.org