Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Ovt1bkE4XRi7QINwk4TmHm3PnIg.roa
File: Ovt1bkE4XRi7QINwk4TmHm3PnIg.roa (raw, json)
Hash identifier: a5JbQIUl83w7hGu/fHNSStJtrP1nFxFzPipdhxUJSgI=
Subject key identifier: 3A:FB:75:6E:41:38:5D:18:BB:40:83:70:93:84:E6:1E:6D:CF:9C:88
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 018750A970569BAB006DA724CCCA3E7D87D7
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Ovt1bkE4XRi7QINwk4TmHm3PnIg.roa
Signing time: Wed 05 Apr 2023 09:04:54 +0000
ROA not before: Wed 05 Apr 2023 09:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205036
IP address blocks: 2a0f:5fc0:beef::/48 maxlen: 48
2a0f:5fc0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Apr 2023 09:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:a9:70:56:9b:ab:00:6d:a7:24:cc:ca:3e:7d:87:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Apr 5 09:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3afb756e41385d18bb4083709384e61e6dcf9c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:00:b8:5d:dd:45:6e:80:86:b1:0f:fd:71:cf:
8c:6a:50:94:28:87:2f:97:b1:f8:28:55:24:bc:70:
e9:bf:b8:25:b9:9b:04:63:a8:6b:3c:19:e0:7f:b8:
96:66:35:01:e8:ca:18:96:64:2a:0b:af:8e:07:7d:
14:f9:cd:ba:5c:fd:75:49:34:88:b8:0d:f0:b5:09:
13:7e:25:2f:ac:83:e6:87:10:75:c7:5d:bb:71:28:
35:35:64:bd:57:1e:43:f9:d4:0c:11:de:86:54:06:
f8:6d:0d:1b:41:c9:4b:d6:bf:40:43:4d:b4:0f:80:
37:2e:2c:fb:6c:da:6d:19:59:88:89:79:4d:9f:6b:
f2:92:cd:ab:e3:dd:cc:d7:e0:e4:b2:fd:3b:35:88:
56:63:51:49:37:73:8c:91:aa:0e:b5:27:29:e1:1b:
bc:12:32:fe:5a:29:f5:57:7d:8f:43:81:b3:18:32:
41:86:3b:ff:60:61:15:67:cd:10:c0:c1:0e:fb:47:
d5:72:25:6e:46:1e:ec:2c:88:61:90:2f:5d:c1:b3:
c9:07:a2:64:fd:28:0f:a8:57:e7:db:3c:80:34:91:
41:57:d0:de:10:15:08:1f:16:f7:87:f0:75:d1:15:
73:13:8d:8a:5f:17:d7:5b:29:25:af:3b:c4:d1:4a:
a4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FB:75:6E:41:38:5D:18:BB:40:83:70:93:84:E6:1E:6D:CF:9C:88
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/Ovt1bkE4XRi7QINwk4TmHm3PnIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:b00b::/48
2a0f:5fc0:beef::/48
Signature Algorithm: sha256WithRSAEncryption
04:ac:f6:72:20:5c:88:d1:48:8d:c7:51:ba:4e:d1:64:b0:0e:
49:32:11:51:99:f4:24:08:1b:5b:ad:df:47:38:74:24:9b:7c:
3d:a1:20:08:6b:9d:6f:fe:dd:b5:95:6f:11:34:44:25:77:9b:
5c:14:90:3c:d8:cd:aa:3f:77:77:e2:ce:13:6e:4a:79:b3:04:
10:07:7f:dd:47:0a:2c:6a:20:7f:21:d6:4e:59:e6:e2:fc:6f:
2e:f9:f2:6c:a1:e9:a2:04:af:7e:75:37:d8:55:5e:af:32:f6:
78:93:ca:a2:d6:14:fc:ce:18:cf:52:1e:55:97:50:bf:bd:1a:
a2:ae:e2:30:dc:96:54:cc:e0:11:5e:49:d5:60:6c:27:16:33:
c9:75:aa:59:f6:0b:4f:d0:f6:9d:b4:21:da:6c:42:32:b0:ef:
f7:7a:26:48:14:bc:da:9e:29:4f:16:e5:0f:7b:9d:28:0a:e9:
52:2c:96:d3:1d:b4:47:1d:45:a6:d6:ff:d0:0a:1b:65:e7:70:
d8:12:c4:21:18:79:c7:cd:7b:4f:93:e4:2d:ca:0b:61:4d:d1:
06:ae:cd:ab:d7:d1:82:2e:8a:93:2c:d6:7e:ea:40:7f:c2:11:
20:03:32:64:42:97:38:7b:b2:db:19:25:17:0c:76:97:17:77:
fc:59:47:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdQqXBWm6sAbackzMo+fYfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjMwNDA1MDkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZiNzU2ZTQxMzg1ZDE4YmI0MDgzNzA5Mzg0ZTYxZTZkY2Y5Yzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAC4Xd1FboCGsQ/9cc+MalCUKIcv
l7H4KFUkvHDpv7gluZsEY6hrPBngf7iWZjUB6MoYlmQqC6+OB30U+c26XP11STSI
uA3wtQkTfiUvrIPmhxB1x127cSg1NWS9Vx5D+dQMEd6GVAb4bQ0bQclL1r9AQ020
D4A3Liz7bNptGVmIiXlNn2vyks2r493M1+Dksv07NYhWY1FJN3OMkaoOtScp4Ru8
EjL+Win1V32PQ4GzGDJBhjv/YGEVZ80QwMEO+0fVciVuRh7sLIhhkC9dwbPJB6Jk
/SgPqFfn2zyANJFBV9DeEBUIHxb3h/B10RVzE42KXxfXWyklrzvE0UqkIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDr7dW5BOF0Yu0CDcJOE5h5tz5yIMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvT3Z0MWJrRTRYUmk3UUlOd2s0VG1IbTNQbklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9fwLAL
AwcAKg9fwL7vMA0GCSqGSIb3DQEBCwUAA4IBAQAErPZyIFyI0UiNx1G6TtFksA5J
MhFRmfQkCBtbrd9HOHQkm3w9oSAIa51v/t21lW8RNEQld5tcFJA82M2qP3d34s4T
bkp5swQQB3/dRwosaiB/IdZOWebi/G8u+fJsoemiBK9+dTfYVV6vMvZ4k8qi1hT8
zhjPUh5Vl1C/vRqiruIw3JZUzOARXknVYGwnFjPJdapZ9gtP0PadtCHabEIysO/3
eiZIFLzanilPFuUPe50oCulSLJbTHbRHHUWm1v/QChtl53DYEsQhGHnHzXtPk+Qt
ygthTdEGrs2r19GCLoqTLNZ+6kB/whEgAzJkQpc4e7LbGSUXDHaXF3f8WUex
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:45 2024 by rpki-client on console-fra.rpki-client.org