Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/OqjO8s3YnyPoGE93LsBG7gdUxDU.roa
File: OqjO8s3YnyPoGE93LsBG7gdUxDU.roa (raw, json)
Hash identifier: CANoMQLKvLDmjwEZLI0g0YUKnEkLci1YGbLLPYMca54=
Subject key identifier: 3A:A8:CE:F2:CD:D8:9F:23:E8:18:4F:77:2E:C0:46:EE:07:54:C4:35
Certificate issuer: /CN=93ef2e433d00a253c99a45048507944385457cf0
Certificate serial: 01860C7E5ACFDE71A43D25552DF83EF92240
Authority key identifier: 93:EF:2E:43:3D:00:A2:53:C9:9A:45:04:85:07:94:43:85:45:7C:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-8uQz0AolPJmkUEhQeUQ4VFfPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/OqjO8s3YnyPoGE93LsBG7gdUxDU.roa
Signing time: Wed 01 Feb 2023 10:20:52 +0000
ROA not before: Wed 01 Feb 2023 10:20:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202550
IP address blocks: 2a0f:9780::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:7e:5a:cf:de:71:a4:3d:25:55:2d:f8:3e:f9:22:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93ef2e433d00a253c99a45048507944385457cf0
Validity
Not Before: Feb 1 10:20:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aa8cef2cdd89f23e8184f772ec046ee0754c435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:45:23:8a:c6:11:88:f8:a1:4f:8c:b5:fd:03:
10:26:53:27:78:a4:5e:7e:1b:8d:72:57:67:56:84:
6e:bc:e3:f0:78:86:eb:0a:94:2a:4a:51:2e:74:b0:
e6:83:98:ac:86:ff:f0:05:ae:00:21:4b:48:a0:2a:
2c:5b:4b:73:d8:fc:00:aa:bb:53:61:9a:37:aa:0b:
5a:5c:42:3b:47:78:5e:7f:93:b0:d4:ac:e3:df:fe:
8f:a5:7f:b4:7a:a9:ac:57:bd:ae:1c:83:a1:ff:bd:
db:7e:aa:90:04:45:a2:71:a1:79:b6:0a:f9:bd:9e:
25:e2:03:a6:3d:f2:10:84:77:da:23:25:7a:7b:60:
7c:87:ba:e7:95:4a:64:ef:29:22:a1:76:31:04:ef:
5c:17:15:25:70:08:40:1a:3f:65:fe:3d:c4:be:41:
fa:20:f3:08:81:93:22:2c:22:73:68:dc:60:1e:9f:
b8:68:1e:ac:5d:82:06:65:c2:34:9a:dc:b4:88:86:
0c:f0:21:81:ff:69:ce:6a:46:2e:f5:18:bf:b9:89:
5b:47:dc:b7:36:a4:20:73:5e:96:48:61:31:70:10:
0b:14:5b:8b:b1:2a:42:e2:99:3a:bd:90:30:6b:39:
2b:8d:a1:9f:a2:71:49:39:67:18:48:17:80:88:a2:
50:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A8:CE:F2:CD:D8:9F:23:E8:18:4F:77:2E:C0:46:EE:07:54:C4:35
X509v3 Authority Key Identifier:
keyid:93:EF:2E:43:3D:00:A2:53:C9:9A:45:04:85:07:94:43:85:45:7C:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-8uQz0AolPJmkUEhQeUQ4VFfPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/OqjO8s3YnyPoGE93LsBG7gdUxDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0cb06b-1518-4de0-a699-ffbd4c6c1112/1/k-8uQz0AolPJmkUEhQeUQ4VFfPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9780::/29
Signature Algorithm: sha256WithRSAEncryption
0d:43:f9:c5:61:80:dd:6d:46:63:c9:75:55:a6:74:7e:17:ef:
15:62:56:5a:80:59:ee:c1:7c:cd:9f:36:e1:7a:5f:41:75:77:
bf:11:74:25:e8:aa:cc:d5:5f:52:98:f8:0d:e9:65:a9:3f:37:
c7:c7:ca:df:37:13:96:34:0b:d2:2f:b4:ba:af:22:cb:9f:b8:
46:73:29:ab:51:74:c9:92:2f:4a:62:f6:8e:cb:96:3e:76:bc:
f5:95:ee:40:d0:4e:af:d5:f7:ce:f6:2b:c0:28:b0:8c:f0:05:
66:47:28:3b:17:f9:a0:0d:db:e9:80:1d:1e:1b:10:4e:52:6f:
bb:e7:a2:2e:a9:01:c8:1a:d0:dc:ce:f5:c3:a0:0e:bb:90:2f:
89:6a:7d:82:44:e0:70:5c:64:a3:66:c1:c1:7a:52:52:f0:0c:
10:f4:aa:3d:7e:6e:7a:a1:0d:44:fe:55:69:f5:22:e2:e1:42:
de:0b:43:93:bd:f9:44:a5:59:33:76:3e:86:c4:06:9d:85:18:
93:a4:74:e4:08:2d:37:04:43:a7:ff:21:63:57:ad:1b:44:2d:
a3:0f:3f:58:38:87:63:cf:63:fc:58:57:19:68:52:91:20:7b:
d7:42:65:52:d0:f4:d0:c8:2d:57:e6:84:ef:2f:54:56:9f:b4:
5e:f4:f1:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYMflrP3nGkPSVVLfg++SJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWYyZTQzM2QwMGEyNTNjOTlhNDUwNDg1MDc5NDQzODU0
NTdjZjAwHhcNMjMwMjAxMTAyMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWE4Y2VmMmNkZDg5ZjIzZTgxODRmNzcyZWMwNDZlZTA3NTRjNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkUjisYRiPihT4y1/QMQJlMneKRe
fhuNcldnVoRuvOPweIbrCpQqSlEudLDmg5ishv/wBa4AIUtIoCosW0tz2PwAqrtT
YZo3qgtaXEI7R3hef5Ow1Kzj3/6PpX+0eqmsV72uHIOh/73bfqqQBEWicaF5tgr5
vZ4l4gOmPfIQhHfaIyV6e2B8h7rnlUpk7ykioXYxBO9cFxUlcAhAGj9l/j3EvkH6
IPMIgZMiLCJzaNxgHp+4aB6sXYIGZcI0mty0iIYM8CGB/2nOakYu9Ri/uYlbR9y3
NqQgc16WSGExcBALFFuLsSpC4pk6vZAwazkrjaGfonFJOWcYSBeAiKJQswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDqozvLN2J8j6BhPdy7ARu4HVMQ1MB8GA1UdIwQY
MBaAFJPvLkM9AKJTyZpFBIUHlEOFRXzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay04dVF6MEFvbFBKbWtVRWhRZVVRNFZGZlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wY2IwNmItMTUxOC00ZGUwLWE2OTkt
ZmZiZDRjNmMxMTEyLzEvT3FqTzhzM1lueVBvR0U5M0xzQkc3Z2RVeERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wY2IwNmItMTUxOC00ZGUwLWE2OTktZmZiZDRjNmMxMTEy
LzEvay04dVF6MEFvbFBKbWtVRWhRZVVRNFZGZlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+XgDAN
BgkqhkiG9w0BAQsFAAOCAQEADUP5xWGA3W1GY8l1VaZ0fhfvFWJWWoBZ7sF8zZ82
4XpfQXV3vxF0JeiqzNVfUpj4DellqT83x8fK3zcTljQL0i+0uq8iy5+4RnMpq1F0
yZIvSmL2jsuWPna89ZXuQNBOr9X3zvYrwCiwjPAFZkcoOxf5oA3b6YAdHhsQTlJv
u+eiLqkByBrQ3M71w6AOu5AviWp9gkTgcFxko2bBwXpSUvAMEPSqPX5ueqENRP5V
afUi4uFC3gtDk735RKVZM3Y+hsQGnYUYk6R05AgtNwRDp/8hY1etG0Qtow8/WDiH
Y89j/FhXGWhSkSB710JlUtD00MgtV+aE7y9UVp+0XvTxsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:45 2024 by rpki-client on console-fra.rpki-client.org