Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/OXBUQP7ODr0YA8fYlkQJ2tOv4qs.roa
File: OXBUQP7ODr0YA8fYlkQJ2tOv4qs.roa (raw, json)
Hash identifier: BphDPBCrFS6HtYg8E/44PUUgOEKbegi984OWIVkgPH4=
Subject key identifier: 39:70:54:40:FE:CE:0E:BD:18:03:C7:D8:96:44:09:DA:D3:AF:E2:AB
Certificate issuer: /CN=423d93054f063cf8a291861735f90059ab9ec169
Certificate serial: 01856F6FE75AEC6A805B8C094EBF43D188B9
Authority key identifier: 42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/OXBUQP7ODr0YA8fYlkQJ2tOv4qs.roa
Signing time: Sun 01 Jan 2023 22:24:42 +0000
ROA not before: Sun 01 Jan 2023 22:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42163
IP address blocks: 2a00:94c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:e7:5a:ec:6a:80:5b:8c:09:4e:bf:43:d1:88:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=423d93054f063cf8a291861735f90059ab9ec169
Validity
Not Before: Jan 1 22:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39705440fece0ebd1803c7d8964409dad3afe2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a1:91:da:9a:69:70:e3:a5:c2:16:6b:8b:f3:
a7:0d:5f:be:24:d6:bc:71:de:ee:a5:bc:ce:9f:a9:
bc:41:d5:bb:ec:91:a2:4b:12:df:2c:08:03:c7:46:
1c:48:01:2e:3b:ea:1b:99:56:e1:0a:75:21:b7:6b:
2b:91:81:75:0d:38:f5:fd:a0:ba:55:aa:b9:d0:63:
9a:37:a1:d8:05:c8:29:7a:f8:dc:31:c5:49:27:4c:
64:02:97:c2:97:c4:8c:4d:24:e4:23:1b:cc:95:70:
a0:98:f6:ac:7c:a5:ae:fd:49:55:64:45:58:31:45:
c5:d1:21:af:39:d4:c1:ba:7c:fd:f9:a3:f1:c9:b6:
1b:2b:35:e7:be:af:d9:9c:6d:94:ba:43:c4:0c:61:
0f:e3:7a:1a:93:75:f5:fd:1c:57:ba:d8:bd:c9:6f:
e2:c1:24:31:93:3a:17:6e:3e:07:69:2c:5e:2a:21:
d5:95:68:23:95:0f:bd:d9:dd:f6:c8:92:8a:5c:87:
84:fb:bd:91:6b:ab:fa:d9:b4:41:00:39:12:3f:4d:
c4:6e:4e:df:b2:36:f6:91:b1:ea:92:9f:7d:8d:94:
56:b9:d5:cf:cc:d9:32:4a:f4:56:89:4e:f0:d0:d5:
ff:05:7f:50:d8:78:0f:78:da:65:6d:99:56:05:4d:
20:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:70:54:40:FE:CE:0E:BD:18:03:C7:D8:96:44:09:DA:D3:AF:E2:AB
X509v3 Authority Key Identifier:
keyid:42:3D:93:05:4F:06:3C:F8:A2:91:86:17:35:F9:00:59:AB:9E:C1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qj2TBU8GPPiikYYXNfkAWauewWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/OXBUQP7ODr0YA8fYlkQJ2tOv4qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0c2ec3-3844-4b5f-9f58-5f1b69048fe2/1/Qj2TBU8GPPiikYYXNfkAWauewWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:94c0::/32
Signature Algorithm: sha256WithRSAEncryption
57:4d:fa:20:36:2c:1a:f3:3b:20:5b:19:12:ea:30:6e:3e:92:
bc:23:a4:4d:f5:81:bf:82:b6:2a:ae:53:e8:cd:d1:ac:1f:54:
3d:4c:01:19:81:a6:a5:7e:9a:05:b0:be:e4:eb:51:18:63:b8:
55:6b:cc:2c:e4:0f:06:f4:88:39:fd:59:4a:19:aa:26:9e:eb:
dd:ca:7c:83:ac:99:29:b2:11:f1:43:79:24:dc:f1:f9:6c:66:
a7:5c:b6:e8:17:80:6b:be:30:38:c0:70:c1:5f:bd:f3:96:44:
e3:9e:5d:26:87:78:96:74:e8:df:de:12:c2:fa:40:8f:eb:dd:
e4:ed:b0:8c:14:49:b0:a2:ac:0f:0a:a7:42:fe:58:b1:16:50:
98:cd:ed:80:2d:67:0a:3d:7c:94:2f:6d:b5:6c:f6:13:17:97:
d6:71:8e:1c:cd:5b:22:5b:b3:4d:d0:1f:72:35:9c:53:44:3c:
4a:56:9a:e5:9f:d6:3e:6c:b9:be:50:f8:92:82:5b:a6:9f:5e:
21:1e:bd:23:c2:db:04:20:0b:6b:ef:4d:8b:a2:ea:7c:94:c3:
02:9b:e2:56:84:cd:1b:9a:34:98:38:25:57:8b:08:67:ed:95:
46:e2:fc:f1:c6:bb:50:16:62:e0:ed:b2:8e:83:a3:b0:c5:24:
ad:67:91:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvb+da7GqAW4wJTr9D0Yi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyM2Q5MzA1NGYwNjNjZjhhMjkxODYxNzM1ZjkwMDU5YWI5
ZWMxNjkwHhcNMjMwMTAxMjIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTcwNTQ0MGZlY2UwZWJkMTgwM2M3ZDg5NjQ0MDlkYWQzYWZlMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaGR2pppcOOlwhZri/OnDV++JNa8
cd7upbzOn6m8QdW77JGiSxLfLAgDx0YcSAEuO+obmVbhCnUht2srkYF1DTj1/aC6
Vaq50GOaN6HYBcgpevjcMcVJJ0xkApfCl8SMTSTkIxvMlXCgmPasfKWu/UlVZEVY
MUXF0SGvOdTBunz9+aPxybYbKzXnvq/ZnG2UukPEDGEP43oak3X1/RxXuti9yW/i
wSQxkzoXbj4HaSxeKiHVlWgjlQ+92d32yJKKXIeE+72Ra6v62bRBADkSP03Ebk7f
sjb2kbHqkp99jZRWudXPzNkySvRWiU7w0NX/BX9Q2HgPeNplbZlWBU0gzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDlwVED+zg69GAPH2JZECdrTr+KrMB8GA1UdIwQY
MBaAFEI9kwVPBjz4opGGFzX5AFmrnsFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgt
NWYxYjY5MDQ4ZmUyLzEvT1hCVVFQN09EcjBZQThmWWxrUUoydE92NHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wYzJlYzMtMzg0NC00YjVmLTlmNTgtNWYxYjY5MDQ4ZmUy
LzEvUWoyVEJVOEdQUGlpa1lZWE5ma0FXYXVld1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCUwDAN
BgkqhkiG9w0BAQsFAAOCAQEAV036IDYsGvM7IFsZEuowbj6SvCOkTfWBv4K2Kq5T
6M3RrB9UPUwBGYGmpX6aBbC+5OtRGGO4VWvMLOQPBvSIOf1ZShmqJp7r3cp8g6yZ
KbIR8UN5JNzx+Wxmp1y26BeAa74wOMBwwV+985ZE455dJod4lnTo394SwvpAj+vd
5O2wjBRJsKKsDwqnQv5YsRZQmM3tgC1nCj18lC9ttWz2ExeX1nGOHM1bIluzTdAf
cjWcU0Q8Slaa5Z/WPmy5vlD4koJbpp9eIR69I8LbBCALa+9Ni6LqfJTDApviVoTN
G5o0mDglV4sIZ+2VRuL88ca7UBZi4O2yjoOjsMUkrWeRHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:45 2024 by rpki-client on console-fra.rpki-client.org