Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/3LsQmGS-tE1uau5pjoxgSHN1GGI.roa
File: 3LsQmGS-tE1uau5pjoxgSHN1GGI.roa (raw, json)
Hash identifier: xeWl/hS5NJpp2+PGunwgOjtq6CWoAmC6GcDR7tw/F1U=
Subject key identifier: DC:BB:10:98:64:BE:B4:4D:6E:6A:EE:69:8E:8C:60:48:73:75:18:62
Certificate issuer: /CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Certificate serial: 018571FA07648273B5DDC3793B2919538970
Authority key identifier: EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/3LsQmGS-tE1uau5pjoxgSHN1GGI.roa
Signing time: Mon 02 Jan 2023 10:14:49 +0000
ROA not before: Mon 02 Jan 2023 10:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29442
IP address blocks: 2a02:cac0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:07:64:82:73:b5:dd:c3:79:3b:29:19:53:89:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecc8a1aad0205943a4572389bb74334e1ca28485
Validity
Not Before: Jan 2 10:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcbb109864beb44d6e6aee698e8c604873751862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:c2:d2:86:b5:5b:f7:1a:84:06:cd:8f:64:
14:04:1f:1a:73:6d:e4:35:fb:c9:3c:68:2f:be:c0:
85:ef:a1:89:69:96:0a:52:81:dd:1b:bb:25:19:d8:
18:a7:44:d6:fc:80:58:85:9a:9e:b8:c5:a7:e0:5f:
80:49:6e:95:d6:a0:0b:00:22:d1:cd:0f:81:ab:ae:
ac:c3:89:61:7a:cb:11:b3:19:ad:e5:ca:c6:3a:0a:
2f:bc:4b:70:15:13:21:df:0c:4b:36:39:54:f0:3f:
37:da:f3:bb:f5:b3:3a:aa:f6:44:48:03:ff:73:62:
83:9a:d5:9b:bd:a6:8b:b0:49:92:c0:5e:9b:16:94:
32:4a:98:ca:b8:74:89:1a:d9:8c:c2:28:f9:91:02:
05:41:b6:ff:75:1a:dd:d7:c2:b5:d2:fa:4c:4c:1d:
33:13:f8:99:ca:f2:99:9d:37:4b:d6:5d:75:ea:e3:
ca:c8:bb:5d:d7:98:0d:d0:cf:d5:20:41:bf:69:46:
54:e1:f7:4b:49:00:48:5b:3a:25:93:65:67:65:b3:
23:ae:a9:9b:d4:0a:b8:44:3d:0b:6e:4a:b9:85:e4:
65:46:a9:68:f4:29:98:fb:f6:35:cb:e3:82:a9:02:
44:19:88:46:56:50:08:05:31:b5:6c:c8:ee:48:05:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BB:10:98:64:BE:B4:4D:6E:6A:EE:69:8E:8C:60:48:73:75:18:62
X509v3 Authority Key Identifier:
keyid:EC:C8:A1:AA:D0:20:59:43:A4:57:23:89:BB:74:33:4E:1C:A2:84:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MihqtAgWUOkVyOJu3QzThyihIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/3LsQmGS-tE1uau5pjoxgSHN1GGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b3298b-9c5a-4e38-8131-4a68f235c388/1/7MihqtAgWUOkVyOJu3QzThyihIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
93:81:1d:df:d7:9e:b0:d3:ab:f9:25:4d:82:27:ec:d9:a6:a4:
46:0c:51:1f:fd:ad:7f:b3:d5:98:c2:93:e4:fc:0b:5d:c1:63:
1e:59:e8:80:92:6d:51:94:8c:8d:a0:58:88:02:57:54:e5:d8:
53:a8:0c:97:fc:23:aa:24:9a:de:e9:aa:b6:92:be:16:10:fb:
15:77:7f:23:1b:93:de:51:bf:8f:bc:d5:99:22:af:ad:bc:3c:
62:65:76:42:6a:52:15:45:9d:92:b3:ad:a7:51:a3:09:35:f9:
e1:0e:9d:aa:27:d4:9c:50:ae:09:7f:49:d6:8a:f8:2a:d3:92:
3b:d7:cc:c7:d8:90:3b:f3:dc:bf:1d:a6:0f:52:c5:61:b0:c8:
d2:68:08:76:0e:fa:35:54:6d:75:11:39:e4:b0:92:3f:74:b3:
08:40:b5:5f:e2:7c:e0:1f:cd:64:3b:42:d8:31:34:cf:65:0c:
c4:3d:9a:7e:91:7d:3b:9c:f7:08:1c:9f:65:ce:1c:9a:8a:0a:
a9:f4:d0:84:2e:9f:e7:4b:7f:f9:da:91:2a:25:42:71:9b:bf:
5a:ca:2c:15:21:af:3b:4d:e6:41:ff:57:ca:ed:95:4e:a2:97:
d6:f5:17:29:a2:9a:a5:a9:df:f0:92:56:b4:3b:ba:40:01:31:
bf:6f:88:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVx+gdkgnO13cN5OykZU4lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYzhhMWFhZDAyMDU5NDNhNDU3MjM4OWJiNzQzMzRlMWNh
Mjg0ODUwHhcNMjMwMTAyMTAxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2JiMTA5ODY0YmViNDRkNmU2YWVlNjk4ZThjNjA0ODczNzUxODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt/C0oa1W/cahAbNj2QUBB8ac23k
NfvJPGgvvsCF76GJaZYKUoHdG7slGdgYp0TW/IBYhZqeuMWn4F+ASW6V1qALACLR
zQ+Bq66sw4lhessRsxmt5crGOgovvEtwFRMh3wxLNjlU8D832vO79bM6qvZESAP/
c2KDmtWbvaaLsEmSwF6bFpQySpjKuHSJGtmMwij5kQIFQbb/dRrd18K10vpMTB0z
E/iZyvKZnTdL1l116uPKyLtd15gN0M/VIEG/aUZU4fdLSQBIWzolk2VnZbMjrqmb
1Aq4RD0Lbkq5heRlRqlo9CmY+/Y1y+OCqQJEGYhGVlAIBTG1bMjuSAUSZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNy7EJhkvrRNbmruaY6MYEhzdRhiMB8GA1UdIwQY
MBaAFOzIoarQIFlDpFcjibt0M04cooSFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEt
NGE2OGYyMzVjMzg4LzEvM0xzUW1HUy10RTF1YXU1cGpveGdTSE4xR0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iMzI5OGItOWM1YS00ZTM4LTgxMzEtNGE2OGYyMzVjMzg4
LzEvN01paHF0QWdXVU9rVnlPSnUzUXpUaHlpaElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAk4Ed39eesNOr+SVNgifs2aakRgxRH/2tf7PVmMKT
5PwLXcFjHlnogJJtUZSMjaBYiAJXVOXYU6gMl/wjqiSa3umqtpK+FhD7FXd/IxuT
3lG/j7zVmSKvrbw8YmV2QmpSFUWdkrOtp1GjCTX54Q6dqifUnFCuCX9J1or4KtOS
O9fMx9iQO/Pcvx2mD1LFYbDI0mgIdg76NVRtdRE55LCSP3SzCEC1X+J84B/NZDtC
2DE0z2UMxD2afpF9O5z3CByfZc4cmooKqfTQhC6f50t/+dqRKiVCcZu/WsosFSGv
O03mQf9Xyu2VTqKX1vUXKaKapanf8JJWtDu6QAExv2+IUA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:39 2024 by rpki-client on console-fra.rpki-client.org