Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/O4HAkH6ynRmFsB3iJ-M3xVVMZKY.roa
File: O4HAkH6ynRmFsB3iJ-M3xVVMZKY.roa (raw, json)
Hash identifier: xSAmplQhrxlpgimaaKoVtlbSrrXJN1B5rW9/LfBqm+A=
Subject key identifier: 3B:81:C0:90:7E:B2:9D:19:85:B0:1D:E2:27:E3:37:C5:55:4C:64:A6
Certificate issuer: /CN=00150b6aed6dd43d748d77033cfd01846136ef14
Certificate serial: 018BA60B9B7D623A05D89129FE414AE90B41
Authority key identifier: 00:15:0B:6A:ED:6D:D4:3D:74:8D:77:03:3C:FD:01:84:61:36:EF:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABULau1t1D10jXcDPP0BhGE27xQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/O4HAkH6ynRmFsB3iJ-M3xVVMZKY.roa
Signing time: Mon 06 Nov 2023 19:11:00 +0000
ROA not before: Mon 06 Nov 2023 19:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205884
IP address blocks: 2a13:7f80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:0b:9b:7d:62:3a:05:d8:91:29:fe:41:4a:e9:0b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00150b6aed6dd43d748d77033cfd01846136ef14
Validity
Not Before: Nov 6 19:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b81c0907eb29d1985b01de227e337c5554c64a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:45:b6:eb:8d:8a:f5:9d:33:73:15:4b:35:47:
cb:09:d2:df:9b:43:cc:27:86:92:1b:b8:d1:df:5e:
38:bf:2b:ce:ac:0c:81:9d:aa:78:fc:16:47:70:a0:
f6:88:8d:6f:81:88:4e:0e:3a:cd:38:60:7f:7f:52:
2d:b3:73:70:b4:91:84:b8:2c:ef:ac:22:dd:f1:1e:
3d:b0:97:d1:7d:0c:82:2b:cb:12:54:a4:db:08:78:
ed:09:e1:32:46:ee:f1:8b:a1:51:5b:45:f2:75:97:
d7:c5:2b:13:db:b5:e9:6c:60:91:69:a1:dd:56:ab:
3d:17:50:97:9a:be:23:4a:83:17:d7:9f:e7:af:1f:
e5:6e:24:36:4d:47:a2:c8:09:ae:6c:cc:d4:6b:d7:
d1:eb:c7:d8:12:ac:3a:93:99:0e:f0:43:17:d7:7a:
d5:c0:65:a8:35:7a:91:0a:fe:9d:e9:69:54:44:3f:
c6:6b:a4:7d:5a:9b:cd:5c:5d:5a:ad:57:d3:59:cb:
cb:ff:6f:37:3c:2a:8e:0f:7d:87:87:e9:80:60:be:
65:ac:d4:f6:d4:8e:cb:ca:ff:c2:d6:6b:fb:5a:19:
3e:97:04:5c:c6:2c:8a:d1:e6:5a:2b:aa:89:03:ba:
00:1c:c8:db:43:fc:36:3c:28:f0:2e:26:c0:cd:33:
92:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:81:C0:90:7E:B2:9D:19:85:B0:1D:E2:27:E3:37:C5:55:4C:64:A6
X509v3 Authority Key Identifier:
keyid:00:15:0B:6A:ED:6D:D4:3D:74:8D:77:03:3C:FD:01:84:61:36:EF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABULau1t1D10jXcDPP0BhGE27xQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/O4HAkH6ynRmFsB3iJ-M3xVVMZKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/ABULau1t1D10jXcDPP0BhGE27xQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
33:4d:64:67:63:22:38:9b:32:34:4c:e9:cc:9a:e3:38:ba:be:
d7:f6:a4:07:88:93:7b:8e:39:7e:61:c9:3f:ec:9b:51:d3:ca:
3b:23:6d:d2:aa:dc:4a:41:cf:3d:5a:b3:cd:2f:7d:34:cd:75:
c4:53:2e:3b:17:28:7d:d0:a9:18:29:f6:a1:22:46:c7:cf:46:
74:22:f1:97:d2:cd:19:b8:41:74:dc:da:e4:43:ac:38:2b:7d:
e9:eb:26:eb:08:2b:6e:47:d0:38:43:0a:34:75:fd:53:58:1c:
46:ba:c3:8a:db:f4:2e:f4:d7:2c:9a:79:97:63:4b:54:f9:f7:
b9:2a:b6:3f:a1:32:ff:24:ba:87:61:aa:7d:85:42:30:29:33:
05:08:ab:84:3f:58:57:d3:50:6f:d0:a0:e1:6f:17:4b:9c:94:
4f:e1:88:a8:0f:07:cc:8f:d4:39:c0:f5:19:4c:a8:39:33:c8:
ce:16:26:69:a7:48:80:bd:d7:1f:fe:d9:8d:1f:0c:bc:9b:57:
97:b0:3d:43:d7:08:12:36:bb:5e:95:55:f0:0a:ef:4b:f1:4d:
fc:ff:59:6a:7a:11:be:6f:95:31:db:3c:2e:28:5b:bf:af:dd:
63:05:fb:83:a6:62:98:f7:ab:ff:f9:b8:a4:2c:c5:e3:75:f5:
61:da:fc:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYumC5t9YjoF2JEp/kFK6QtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTUwYjZhZWQ2ZGQ0M2Q3NDhkNzcwMzNjZmQwMTg0NjEz
NmVmMTQwHhcNMjMxMTA2MTkxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgxYzA5MDdlYjI5ZDE5ODViMDFkZTIyN2UzMzdjNTU1NGM2NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikW2642K9Z0zcxVLNUfLCdLfm0PM
J4aSG7jR3144vyvOrAyBnap4/BZHcKD2iI1vgYhODjrNOGB/f1Its3NwtJGEuCzv
rCLd8R49sJfRfQyCK8sSVKTbCHjtCeEyRu7xi6FRW0XydZfXxSsT27XpbGCRaaHd
Vqs9F1CXmr4jSoMX15/nrx/lbiQ2TUeiyAmubMzUa9fR68fYEqw6k5kO8EMX13rV
wGWoNXqRCv6d6WlURD/Ga6R9WpvNXF1arVfTWcvL/283PCqOD32Hh+mAYL5lrNT2
1I7Lyv/C1mv7Whk+lwRcxiyK0eZaK6qJA7oAHMjbQ/w2PCjwLibAzTOSEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDuBwJB+sp0ZhbAd4ifjN8VVTGSmMB8GA1UdIwQY
MBaAFAAVC2rtbdQ9dI13Azz9AYRhNu8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJVTGF1MXQxRDEwalhjRFBQMEJoR0UyN3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OGJhZGMtNDNhMy00MWQ3LTg4OWQt
YTZkN2VkNGFhODM2LzEvTzRIQWtINnluUm1Gc0IzaUotTTN4VlZNWktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82OGJhZGMtNDNhMy00MWQ3LTg4OWQtYTZkN2VkNGFhODM2
LzEvQUJVTGF1MXQxRDEwalhjRFBQMEJoR0UyN3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhN/gDAN
BgkqhkiG9w0BAQsFAAOCAQEAM01kZ2MiOJsyNEzpzJrjOLq+1/akB4iTe445fmHJ
P+ybUdPKOyNt0qrcSkHPPVqzzS99NM11xFMuOxcofdCpGCn2oSJGx89GdCLxl9LN
GbhBdNza5EOsOCt96esm6wgrbkfQOEMKNHX9U1gcRrrDitv0LvTXLJp5l2NLVPn3
uSq2P6Ey/yS6h2GqfYVCMCkzBQirhD9YV9NQb9Cg4W8XS5yUT+GIqA8HzI/UOcD1
GUyoOTPIzhYmaadIgL3XH/7ZjR8MvJtXl7A9Q9cIEja7XpVV8ArvS/FN/P9ZanoR
vm+VMds8Lihbv6/dYwX7g6ZimPer//m4pCzF43X1Ydr8ow==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:54 2024 by rpki-client on console-fra.rpki-client.org