Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/oI9qQd4fd-osocuYE4tQy3YfvZE.roa
File: oI9qQd4fd-osocuYE4tQy3YfvZE.roa (raw, json)
Hash identifier: 48iYDjY0X53z/jcnl0A7Ao02za3ZelwSH5C3no9cDFI=
Subject key identifier: A0:8F:6A:41:DE:1F:77:EA:2C:A1:CB:98:13:8B:50:CB:76:1F:BD:91
Certificate issuer: /CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Certificate serial: 0190A69B7A218A9A0420F2304301915980C9
Authority key identifier: 2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/oI9qQd4fd-osocuYE4tQy3YfvZE.roa
Signing time: Fri 12 Jul 2024 11:02:05 +0000
ROA not before: Fri 12 Jul 2024 11:02:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201565
IP address blocks: 2a03:820:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 05 Aug 2024 10:39:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:9b:7a:21:8a:9a:04:20:f2:30:43:01:91:59:80:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Validity
Not Before: Jul 12 11:02:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a08f6a41de1f77ea2ca1cb98138b50cb761fbd91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:68:ec:98:0f:85:e0:76:11:f7:c5:b6:f3:52:
ca:c6:8e:11:6a:22:33:45:aa:bd:b5:50:ef:43:9a:
54:3d:84:23:af:f9:fe:59:31:94:b5:84:d2:10:67:
99:b6:a0:21:3e:32:1f:89:d7:53:52:e6:32:a3:3a:
e0:fd:9e:38:5d:2e:7c:25:3f:87:96:5d:42:69:26:
b5:59:08:44:f8:eb:c7:0c:89:b4:b3:47:06:a8:2e:
c4:81:77:a0:1b:52:37:9b:63:e1:04:ca:74:a9:22:
e6:25:32:eb:75:4b:3d:af:cb:2c:c2:b2:c6:0b:4b:
ab:32:bd:67:ed:56:60:5e:aa:73:91:61:89:39:a4:
23:b8:d2:25:a0:1f:53:2c:a6:6f:e7:5f:e2:92:a3:
e1:9c:7a:ba:b1:e1:5c:4a:de:02:71:76:30:5c:1b:
1e:72:fd:c0:d2:f4:7b:56:36:b8:6f:40:1e:a0:08:
08:ff:43:b9:8e:8e:2f:1f:44:ee:3f:eb:c6:86:d9:
fe:8c:29:d0:85:a3:85:5f:9d:21:91:d9:50:ad:b3:
43:f4:79:97:73:2a:0c:79:12:10:6a:90:e6:53:a9:
a9:af:0a:09:df:6b:da:99:4d:f6:1b:ee:a0:ee:32:
6f:06:83:42:2c:0f:e2:76:f6:5e:44:31:0d:06:8e:
2d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8F:6A:41:DE:1F:77:EA:2C:A1:CB:98:13:8B:50:CB:76:1F:BD:91
X509v3 Authority Key Identifier:
keyid:2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/oI9qQd4fd-osocuYE4tQy3YfvZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:820:4000::/36
Signature Algorithm: sha256WithRSAEncryption
7e:7d:a9:3d:16:75:de:e2:66:f2:53:b4:a0:07:8a:03:a8:e4:
17:0d:f3:0a:22:76:ce:e6:3b:f1:61:be:72:d8:4e:56:ed:b2:
60:bb:8c:8b:24:9b:c9:3e:8e:02:9f:f6:f6:3b:7d:14:e9:69:
74:37:30:bd:39:92:3a:1a:c0:51:2e:b0:eb:f1:0c:91:1f:be:
a8:fc:89:33:8d:5a:67:b5:0f:37:14:42:ac:44:90:5e:cd:f6:
65:dd:82:f2:03:34:95:58:c3:86:99:8e:c5:17:a6:03:d1:c8:
b4:55:c8:63:1f:82:7a:fd:5f:55:e4:6d:91:bc:7a:52:1b:f6:
cf:4a:f4:d4:3e:b0:46:05:e6:22:6c:46:de:95:a8:35:ff:c6:
71:37:1e:5c:69:31:74:bc:53:e7:9b:87:f8:9d:ce:f3:55:c2:
c6:9f:6c:12:03:a6:8b:a3:d5:9b:7a:b0:9f:7c:e9:66:12:32:
86:57:de:08:80:f2:02:18:53:12:f0:4f:6e:61:2c:fd:5b:99:
07:bb:15:6f:26:6e:3a:a5:a7:71:d2:dc:29:47:7e:b0:65:09:
d1:e1:5a:31:99:3c:a3:2d:ee:93:93:8a:a8:34:e6:fe:8f:b0:
c3:13:07:b4:f5:8b:1b:df:f4:06:7e:94:7d:07:87:59:e1:21:
d6:6a:ff:bf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZCmm3ohipoEIPIwQwGRWYDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzY3Yzc5NDlmYTBmNmNmMDVhMjEwMjdlNzViODQ2MTJk
YzEzYjAwHhcNMjQwNzEyMTEwMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhmNmE0MWRlMWY3N2VhMmNhMWNiOTgxMzhiNTBjYjc2MWZiZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mjsmA+F4HYR98W281LKxo4RaiIz
Raq9tVDvQ5pUPYQjr/n+WTGUtYTSEGeZtqAhPjIfiddTUuYyozrg/Z44XS58JT+H
ll1CaSa1WQhE+OvHDIm0s0cGqC7EgXegG1I3m2PhBMp0qSLmJTLrdUs9r8sswrLG
C0urMr1n7VZgXqpzkWGJOaQjuNIloB9TLKZv51/ikqPhnHq6seFcSt4CcXYwXBse
cv3A0vR7Vja4b0AeoAgI/0O5jo4vH0TuP+vGhtn+jCnQhaOFX50hkdlQrbND9HmX
cyoMeRIQapDmU6mprwoJ32vamU32G+6g7jJvBoNCLA/idvZeRDENBo4t9wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKCPakHeH3fqLKHLmBOLUMt2H72RMB8GA1UdIwQY
MBaAFC82fHlJ+g9s8FohAn51uEYS3BOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgt
N2NlNzMyMjY3MWViLzEvb0k5cVFkNGZkLW9zb2N1WUU0dFF5M1lmdlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgtN2NlNzMyMjY3MWVi
LzEvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgMIIEAw
DQYJKoZIhvcNAQELBQADggEBAH59qT0Wdd7iZvJTtKAHigOo5BcN8woids7mO/Fh
vnLYTlbtsmC7jIskm8k+jgKf9vY7fRTpaXQ3ML05kjoawFEusOvxDJEfvqj8iTON
Wme1DzcUQqxEkF7N9mXdgvIDNJVYw4aZjsUXpgPRyLRVyGMfgnr9X1XkbZG8elIb
9s9K9NQ+sEYF5iJsRt6VqDX/xnE3HlxpMXS8U+ebh/idzvNVwsafbBIDpouj1Zt6
sJ986WYSMoZX3giA8gIYUxLwT25hLP1bmQe7FW8mbjqlp3HS3ClHfrBlCdHhWjGZ
PKMt7pOTiqg05v6PsMMTB7T1ixvf9AZ+lH0Hh1nhIdZq/78=
-----END CERTIFICATE-----
Generated at Mon Aug 5 13:06:55 2024 by rpki-client on console-fra.rpki-client.org