Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/oLK_atnCNSTQIoDU75XKXDcE4Y0.roa
File: oLK_atnCNSTQIoDU75XKXDcE4Y0.roa (raw, json)
Hash identifier: 2np/Ekd5wy00BNxNaOvq/lyDWfG0f7jVnC1DTOyBQvs=
Subject key identifier: A0:B2:BF:6A:D9:C2:35:24:D0:22:80:D4:EF:95:CA:5C:37:04:E1:8D
Certificate issuer: /CN=710068d5bf1bffd79174e37501bfa17f917b313d
Certificate serial: 01878E767805C32FB5DA1E0BFEE0E3C88373
Authority key identifier: 71:00:68:D5:BF:1B:FF:D7:91:74:E3:75:01:BF:A1:7F:91:7B:31:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQBo1b8b_9eRdON1Ab-hf5F7MT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/oLK_atnCNSTQIoDU75XKXDcE4Y0.roa
Signing time: Mon 17 Apr 2023 09:05:41 +0000
ROA not before: Mon 17 Apr 2023 09:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1712
IP address blocks: 2a04:8ec0::/48 maxlen: 48
2a04:8ec0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:76:78:05:c3:2f:b5:da:1e:0b:fe:e0:e3:c8:83:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=710068d5bf1bffd79174e37501bfa17f917b313d
Validity
Not Before: Apr 17 09:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b2bf6ad9c23524d02280d4ef95ca5c3704e18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:63:97:3c:82:75:86:ae:fd:87:5e:76:5e:0e:
6a:4d:4c:b7:36:19:e8:1d:0f:ec:b8:28:66:c2:42:
5f:82:65:7b:6c:87:98:a0:24:60:48:b6:1f:e8:b3:
30:0a:5d:b8:d3:9f:b0:97:06:f4:09:16:0d:91:84:
f0:e0:bf:f8:11:83:75:a6:85:83:6e:e8:19:af:ea:
6c:bb:88:8e:97:b6:84:12:24:76:65:13:41:99:29:
68:28:99:61:28:29:65:21:0d:8b:20:dc:15:0f:fe:
e3:46:c9:c6:62:54:10:95:05:7d:9d:33:f6:4d:a3:
43:df:a7:65:e9:ed:b2:ba:12:2e:b3:f7:63:17:c7:
d9:30:83:40:05:7f:fc:34:bc:82:26:81:eb:b9:04:
a4:89:1b:0a:c3:26:db:0c:95:a5:51:81:0c:5f:dc:
14:29:c6:d2:10:78:92:89:d1:cb:70:89:e0:ce:eb:
5d:78:36:31:52:19:00:64:e6:5d:c8:b1:f8:19:b2:
70:10:05:a4:74:d0:2d:47:bf:a9:e9:a7:30:d2:9b:
31:04:2b:88:8c:cb:87:4a:9c:73:c2:96:b7:7b:98:
9f:77:f5:88:f0:29:3f:f5:2f:cf:a1:c4:7e:79:43:
36:6c:99:68:b2:47:7c:e5:b8:2a:35:31:97:d1:35:
88:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B2:BF:6A:D9:C2:35:24:D0:22:80:D4:EF:95:CA:5C:37:04:E1:8D
X509v3 Authority Key Identifier:
keyid:71:00:68:D5:BF:1B:FF:D7:91:74:E3:75:01:BF:A1:7F:91:7B:31:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQBo1b8b_9eRdON1Ab-hf5F7MT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/oLK_atnCNSTQIoDU75XKXDcE4Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/cQBo1b8b_9eRdON1Ab-hf5F7MT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:8ec0::/47
Signature Algorithm: sha256WithRSAEncryption
2d:c4:e0:8b:5a:1f:88:12:1f:02:4d:2f:17:ed:5e:dc:d5:40:
ab:f1:15:0d:fe:a1:28:cb:f1:73:da:1a:da:aa:26:b4:6c:3d:
90:0d:df:02:9b:10:4a:c5:46:6d:28:09:9d:15:ff:86:e2:69:
7c:7d:2a:d7:7c:3a:20:fe:17:5d:98:7c:62:64:6f:8f:54:53:
ef:ea:b9:b1:2e:36:86:bb:13:0f:3f:0b:ca:dd:90:79:7a:1b:
20:79:38:65:20:4b:5f:42:1d:9a:ac:98:21:f3:bd:1d:68:26:
3c:57:86:c8:5d:02:fd:30:7c:ec:b3:95:e7:a7:ee:3a:cc:b1:
85:8d:0c:3f:9b:27:cc:00:c8:c2:de:98:0d:f3:a5:37:59:11:
e5:03:47:7c:72:c2:65:ff:0e:f9:26:ac:d4:f4:6e:87:5c:d7:
5d:09:cf:0d:c8:c5:43:fe:de:73:38:04:e7:c5:97:7c:45:fb:
f7:bc:d4:fd:1e:15:61:b4:74:2d:e2:9b:63:75:67:03:66:3c:
14:7a:ed:f7:b3:13:72:20:9b:1d:88:2d:f6:65:cf:1b:db:6d:
40:2a:d7:34:75:34:ec:6d:69:80:60:0b:c1:e7:a3:a0:6c:e8:
8f:08:1a:46:5e:5f:b3:4a:83:5a:c6:2b:2a:2f:cb:6e:a5:c9:
4e:40:d0:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeOdngFwy+12h4L/uDjyINzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDA2OGQ1YmYxYmZmZDc5MTc0ZTM3NTAxYmZhMTdmOTE3
YjMxM2QwHhcNMjMwNDE3MDkwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIyYmY2YWQ5YzIzNTI0ZDAyMjgwZDRlZjk1Y2E1YzM3MDRlMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02OXPIJ1hq79h152Xg5qTUy3Nhno
HQ/suChmwkJfgmV7bIeYoCRgSLYf6LMwCl2405+wlwb0CRYNkYTw4L/4EYN1poWD
bugZr+psu4iOl7aEEiR2ZRNBmSloKJlhKCllIQ2LINwVD/7jRsnGYlQQlQV9nTP2
TaND36dl6e2yuhIus/djF8fZMINABX/8NLyCJoHruQSkiRsKwybbDJWlUYEMX9wU
KcbSEHiSidHLcIngzutdeDYxUhkAZOZdyLH4GbJwEAWkdNAtR7+p6acw0psxBCuI
jMuHSpxzwpa3e5ifd/WI8Ck/9S/PocR+eUM2bJloskd85bgqNTGX0TWIQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKCyv2rZwjUk0CKA1O+Vylw3BOGNMB8GA1UdIwQY
MBaAFHEAaNW/G//XkXTjdQG/oX+RezE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FCbzFiOGJfOWVSZE9OMUFiLWhmNUY3TVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny83NGQ3Y2QtMDRlMS00OWQ4LWFhZDkt
ODIwNDNiOWU0ZjcxLzEvb0xLX2F0bkNOU1RRSW9EVTc1WEtYRGNFNFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny83NGQ3Y2QtMDRlMS00OWQ4LWFhZDktODIwNDNiOWU0Zjcx
LzEvY1FCbzFiOGJfOWVSZE9OMUFiLWhmNUY3TVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgSOwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAtxOCLWh+IEh8CTS8X7V7c1UCr8RUN/qEoy/Fz
2hraqia0bD2QDd8CmxBKxUZtKAmdFf+G4ml8fSrXfDog/hddmHxiZG+PVFPv6rmx
LjaGuxMPPwvK3ZB5ehsgeThlIEtfQh2arJgh870daCY8V4bIXQL9MHzss5Xnp+46
zLGFjQw/myfMAMjC3pgN86U3WRHlA0d8csJl/w75JqzU9G6HXNddCc8NyMVD/t5z
OATnxZd8Rfv3vNT9HhVhtHQt4ptjdWcDZjwUeu33sxNyIJsdiC32Zc8b221AKtc0
dTTsbWmAYAvB56OgbOiPCBpGXl+zSoNaxisqL8tupclOQNA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org