Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/oXSB3_464oenUm3dnVrfbQmk6Cw.roa
File: oXSB3_464oenUm3dnVrfbQmk6Cw.roa (raw, json)
Hash identifier: vOt8QKphGpZjWIYjhuiXfMwWRPgLx9DhjZ0t+BYweiE=
Subject key identifier: A1:74:81:DF:FE:3A:E2:87:A7:52:6D:DD:9D:5A:DF:6D:09:A4:E8:2C
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 01929B163678F2E9751E8CA5B8C87EF0C577
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/oXSB3_464oenUm3dnVrfbQmk6Cw.roa
Signing time: Thu 17 Oct 2024 15:26:16 +0000
ROA not before: Thu 17 Oct 2024 15:26:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214046
IP address blocks: 2a01:ecc0:40::/42 maxlen: 42
Validation: Failed, certificate revoked on Tue 12 Nov 2024 08:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:16:36:78:f2:e9:75:1e:8c:a5:b8:c8:7e:f0:c5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Oct 17 15:26:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a17481dffe3ae287a7526ddd9d5adf6d09a4e82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8e:0a:99:c4:cf:49:94:dd:97:f9:28:d3:5f:
0d:4b:88:4a:c2:86:c6:51:ea:2a:84:65:b3:73:72:
46:1b:18:4c:4d:7a:2b:62:4e:0f:d7:82:6b:80:c0:
23:70:cd:8a:50:41:14:ba:57:38:bc:78:a1:a5:60:
e4:7a:07:c9:35:72:46:02:75:e2:bd:51:f1:60:7c:
96:de:c9:bf:0c:f5:27:2b:18:8a:5f:cc:3e:7c:19:
cc:c5:1d:fe:83:50:8f:fb:97:4b:7f:71:a0:92:72:
10:dc:80:91:fe:43:52:86:b4:9f:9d:78:07:87:56:
7a:1e:0d:20:92:c2:07:8e:cf:a6:11:77:d8:6c:82:
66:56:86:01:ee:8e:35:b7:50:41:75:25:65:06:94:
2a:ed:6e:ef:c7:71:08:f4:c9:30:75:34:5b:83:1d:
2f:08:8e:6b:3d:e4:d8:a7:39:c7:00:9e:d2:55:4e:
b1:2a:94:b7:59:a3:e2:72:83:43:d4:73:db:aa:9c:
5d:22:54:50:54:11:f1:ff:20:35:23:f2:9c:6a:49:
90:30:67:27:82:8c:31:06:70:02:77:cd:06:5d:74:
97:e0:14:d9:7d:74:62:06:bd:fb:c6:0e:87:ba:8a:
3c:84:e6:4c:45:52:b2:b1:24:ad:14:58:fc:dd:bf:
e9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:74:81:DF:FE:3A:E2:87:A7:52:6D:DD:9D:5A:DF:6D:09:A4:E8:2C
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/oXSB3_464oenUm3dnVrfbQmk6Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:40::/42
Signature Algorithm: sha256WithRSAEncryption
79:d9:cc:72:7e:9b:a4:d6:85:d5:bc:52:a0:95:6d:3d:50:e2:
a4:6c:da:ca:9a:40:e3:9f:3d:ee:c1:73:da:8b:13:62:78:20:
a9:e5:da:13:03:36:31:2b:e9:00:89:3e:77:22:fd:c3:a6:b1:
e6:75:88:34:02:0d:60:78:e8:4e:f6:47:99:71:2c:b8:17:98:
7e:8e:df:82:8d:00:b4:65:ab:b5:ef:49:fa:39:2e:2d:4a:2c:
b3:7c:c2:da:81:91:1d:b9:6c:fc:8c:2f:40:da:e6:d8:97:6c:
96:38:13:58:61:70:d9:43:83:ad:26:e2:2b:89:25:bc:1d:44:
b4:24:1c:a3:bf:04:ce:a7:78:1e:ac:e3:a2:2d:3c:8d:1e:bd:
76:8e:5e:19:f7:21:09:8f:24:95:bf:02:5f:03:68:f8:1b:14:
8f:57:05:de:0d:f8:94:5a:69:5d:ce:a8:67:9b:d0:10:83:26:
51:02:06:89:51:12:9b:f8:63:80:17:3d:2e:e7:4b:8a:90:5b:
b0:d0:ee:d2:62:1a:78:59:69:46:64:59:38:6b:89:31:35:a3:
39:16:37:19:30:3d:21:d1:fa:27:4e:fc:8a:f5:0d:33:51:4d:
54:fd:80:fa:af:9e:54:26:80:c6:07:7d:95:c5:0a:a9:7d:ce:
69:69:b3:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZKbFjZ48ul1HoyluMh+8MV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjQxMDE3MTUyNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc0ODFkZmZlM2FlMjg3YTc1MjZkZGQ5ZDVhZGY2ZDA5YTRlODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI4KmcTPSZTdl/ko018NS4hKwobG
UeoqhGWzc3JGGxhMTXorYk4P14JrgMAjcM2KUEEUulc4vHihpWDkegfJNXJGAnXi
vVHxYHyW3sm/DPUnKxiKX8w+fBnMxR3+g1CP+5dLf3GgknIQ3ICR/kNShrSfnXgH
h1Z6Hg0gksIHjs+mEXfYbIJmVoYB7o41t1BBdSVlBpQq7W7vx3EI9MkwdTRbgx0v
CI5rPeTYpznHAJ7SVU6xKpS3WaPicoND1HPbqpxdIlRQVBHx/yA1I/KcakmQMGcn
gowxBnACd80GXXSX4BTZfXRiBr37xg6Huoo8hOZMRVKysSStFFj83b/pzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKF0gd/+OuKHp1Jt3Z1a320JpOgsMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvb1hTQjNfNDY0b2VuVW0zZG5WcmZiUW1rNkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgHswABA
MA0GCSqGSIb3DQEBCwUAA4IBAQB52cxyfpuk1oXVvFKglW09UOKkbNrKmkDjnz3u
wXPaixNieCCp5doTAzYxK+kAiT53Iv3DprHmdYg0Ag1geOhO9keZcSy4F5h+jt+C
jQC0Zau170n6OS4tSiyzfMLagZEduWz8jC9A2ubYl2yWOBNYYXDZQ4OtJuIriSW8
HUS0JByjvwTOp3gerOOiLTyNHr12jl4Z9yEJjySVvwJfA2j4GxSPVwXeDfiUWmld
zqhnm9AQgyZRAgaJURKb+GOAFz0u50uKkFuw0O7SYhp4WWlGZFk4a4kxNaM5FjcZ
MD0h0fonTvyK9Q0zUU1U/YD6r55UJoDGB32VxQqpfc5pabNB
-----END CERTIFICATE-----
Generated at Tue Nov 12 10:08:34 2024 by rpki-client on console-fra.rpki-client.org