Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k2gHZOQu_UVsttDtdie66POVvr4.roa
File: k2gHZOQu_UVsttDtdie66POVvr4.roa (raw, json)
Hash identifier: a1ADuEk68X3/NFcsSII6lUBdDpmnWmMzQ4b4H8xJYxA=
Subject key identifier: 93:68:07:64:E4:2E:FD:45:6C:B6:D0:ED:76:27:BA:E8:F3:95:BE:BE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0189729D7031EEFCC493A02699600C29F661
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k2gHZOQu_UVsttDtdie66POVvr4.roa
Signing time: Thu 20 Jul 2023 09:24:27 +0000
ROA not before: Thu 20 Jul 2023 09:24:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 2a0b:64c2::/32 maxlen: 32
2a0b:64c3::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 22 Aug 2023 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:9d:70:31:ee:fc:c4:93:a0:26:99:60:0c:29:f6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 20 09:24:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93680764e42efd456cb6d0ed7627bae8f395bebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:02:36:9d:a3:e4:d9:0a:42:43:84:89:1b:
5e:be:be:04:69:35:94:3d:5b:fe:59:85:df:ed:8a:
f3:ba:46:23:26:38:9e:f2:85:6d:7e:d2:6c:ab:a9:
6a:15:40:3c:0b:6f:32:73:12:7a:37:f5:c5:36:7b:
5e:9c:b0:2a:6a:b2:d3:c1:fb:37:0a:a8:cf:d8:df:
b2:bd:65:51:bf:09:dd:aa:b2:6d:c0:5b:d9:b4:13:
79:44:6c:4c:a7:6c:26:2b:1b:cf:f9:df:d3:1f:93:
0b:2f:9c:8b:85:b1:dc:83:19:83:a9:a3:b3:82:12:
c9:c9:59:75:0b:b5:11:df:2e:92:18:d7:a2:7c:89:
34:16:ac:b3:e5:9f:b4:7e:1d:39:bf:0f:58:d0:da:
ce:a8:44:52:cd:b9:99:3f:b3:d1:fc:4d:72:38:8d:
70:25:22:28:fe:9b:fc:db:07:4a:9f:04:a7:f2:52:
46:69:ec:4e:8d:8b:cb:45:4a:7e:13:d6:3b:48:96:
2b:b0:93:d8:8f:46:5b:88:f0:22:71:a9:50:6c:ec:
da:59:f3:9f:01:9d:0c:8e:37:58:4d:92:69:78:95:
13:b5:9b:6d:f6:ed:18:6d:0e:0f:85:2c:60:3e:69:
bb:70:2d:94:7f:8d:1a:8f:a9:c3:a5:ef:7a:e6:b2:
7a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:68:07:64:E4:2E:FD:45:6C:B6:D0:ED:76:27:BA:E8:F3:95:BE:BE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/k2gHZOQu_UVsttDtdie66POVvr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:64c2::/31
Signature Algorithm: sha256WithRSAEncryption
7b:87:5f:b7:df:f2:7b:f6:ef:e2:65:45:c7:db:e3:d7:ea:c9:
8f:25:7e:eb:0b:d0:bb:87:ae:4e:dc:a4:1f:74:c4:df:d7:37:
6d:8a:ac:8d:e8:0b:9c:3b:f9:47:69:4a:95:6c:b1:45:26:73:
a3:4c:00:e8:70:d1:26:b7:9a:27:31:e0:88:40:26:58:01:ca:
39:df:dc:61:d8:31:55:a0:f3:ee:28:67:d5:da:ed:d9:73:c4:
c2:70:50:a9:78:3a:01:bc:b2:52:7e:55:58:9e:72:c0:ed:24:
d3:b4:2f:3c:4c:83:9e:e3:bd:88:d7:4d:58:f5:d0:61:7d:63:
3d:ce:8a:48:af:b8:41:be:ce:40:d5:55:29:40:65:81:69:bf:
87:0a:48:cb:77:cb:db:6a:66:98:67:dd:dc:b4:df:20:aa:f2:
d1:c0:50:33:f4:9d:96:7a:08:4b:d8:5e:4f:de:76:d9:ee:3b:
83:b9:02:1d:38:cd:da:9d:73:f6:c6:60:fe:18:72:bf:12:f8:
42:ce:55:11:a5:69:b2:a7:65:28:fa:64:a8:43:cb:d0:30:60:
f7:71:bf:ae:9f:07:ab:10:6f:aa:42:58:04:63:80:c6:fe:c7:
b9:ac:66:54:fa:a5:67:55:42:ce:cf:81:cc:6f:c6:46:29:cd:
ca:e9:f6:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYlynXAx7vzEk6AmmWAMKfZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzIwMDkyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY4MDc2NGU0MmVmZDQ1NmNiNmQwZWQ3NjI3YmFlOGYzOTViZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSwCNp2j5NkKQkOEiRtevr4EaTWU
PVv+WYXf7YrzukYjJjie8oVtftJsq6lqFUA8C28ycxJ6N/XFNntenLAqarLTwfs3
CqjP2N+yvWVRvwndqrJtwFvZtBN5RGxMp2wmKxvP+d/TH5MLL5yLhbHcgxmDqaOz
ghLJyVl1C7UR3y6SGNeifIk0Fqyz5Z+0fh05vw9Y0NrOqERSzbmZP7PR/E1yOI1w
JSIo/pv82wdKnwSn8lJGaexOjYvLRUp+E9Y7SJYrsJPYj0ZbiPAicalQbOzaWfOf
AZ0MjjdYTZJpeJUTtZtt9u0YbQ4PhSxgPmm7cC2Uf40aj6nDpe965rJ6owIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJNoB2TkLv1FbLbQ7XYnuujzlb6+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvazJnSFpPUXVfVVZzdHREdGRpZTY2UE9WdnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgtkwjAN
BgkqhkiG9w0BAQsFAAOCAQEAe4dft9/ye/bv4mVFx9vj1+rJjyV+6wvQu4euTtyk
H3TE39c3bYqsjegLnDv5R2lKlWyxRSZzo0wA6HDRJreaJzHgiEAmWAHKOd/cYdgx
VaDz7ihn1drt2XPEwnBQqXg6AbyyUn5VWJ5ywO0k07QvPEyDnuO9iNdNWPXQYX1j
Pc6KSK+4Qb7OQNVVKUBlgWm/hwpIy3fL22pmmGfd3LTfIKry0cBQM/SdlnoIS9he
T9522e47g7kCHTjN2p1z9sZg/hhyvxL4Qs5VEaVpsqdlKPpkqEPL0DBg93G/rp8H
qxBvqkJYBGOAxv7HuaxmVPqlZ1VCzs+BzG/GRinNyun2SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org