Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/eOp2Pjj5XwqgpO2p0_bwBrybJwI.roa
File: eOp2Pjj5XwqgpO2p0_bwBrybJwI.roa (raw, json)
Hash identifier: syiR53oaWBaBDRRMlE//nZrpJxwbQ9sfFkhvM0E+Wic=
Subject key identifier: 78:EA:76:3E:38:F9:5F:0A:A0:A4:ED:A9:D3:F6:F0:06:BC:9B:27:02
Certificate issuer: /CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Certificate serial: 01856F4B873CA373B963D88F64416245EA0C
Authority key identifier: 3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/eOp2Pjj5XwqgpO2p0_bwBrybJwI.roa
Signing time: Sun 01 Jan 2023 21:44:58 +0000
ROA not before: Sun 01 Jan 2023 21:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 2a11:1680:21::/48 maxlen: 48
2a11:1680:11::/48 maxlen: 48
2a11:1680:19::/48 maxlen: 48
2a11:1680:12::/48 maxlen: 48
2a11:1680:22::/48 maxlen: 48
2a11:1680:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Mar 2023 09:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:87:3c:a3:73:b9:63:d8:8f:64:41:62:45:ea:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Validity
Not Before: Jan 1 21:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78ea763e38f95f0aa0a4eda9d3f6f006bc9b2702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ca:a5:0b:fe:96:2d:de:d4:ef:f8:35:a8:25:
7a:28:70:0c:0a:4e:a9:85:94:1d:73:32:b9:08:ac:
35:31:62:4f:b9:8a:70:df:06:e1:62:67:90:7a:25:
13:4a:8b:44:9c:43:6f:e3:62:b1:bc:a7:68:72:df:
00:cb:81:b5:ce:37:12:bd:57:17:f6:5a:76:16:b5:
66:82:89:65:77:70:f4:f7:84:96:40:3e:55:f4:1b:
a2:45:ca:c1:ea:31:6a:fd:54:63:90:a1:a2:76:6a:
eb:0f:99:5a:5f:8b:c4:8c:92:39:c7:a4:bb:4f:56:
d9:0c:57:35:ee:93:6f:2c:4f:4c:2d:4a:f2:91:f9:
c3:c9:cd:c9:1e:0c:7b:82:05:06:c4:f9:6b:27:8b:
4b:6c:26:fb:ce:35:04:70:08:ff:33:98:06:dc:29:
b3:a2:27:ac:09:76:60:54:fe:26:d9:d1:89:2f:14:
c7:1a:0b:34:79:98:38:94:b7:ff:e6:34:fb:3d:ea:
aa:9d:e0:43:ce:dd:fe:2a:ae:90:43:aa:57:6a:05:
cf:8a:de:9b:c1:5b:fa:8b:98:57:42:d3:75:71:cd:
43:b6:ca:65:31:15:50:0f:01:1d:ee:8f:a6:58:20:
7c:c5:8d:5d:e8:f9:f3:31:af:42:8f:b5:2d:b3:ea:
4e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EA:76:3E:38:F9:5F:0A:A0:A4:ED:A9:D3:F6:F0:06:BC:9B:27:02
X509v3 Authority Key Identifier:
keyid:3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/eOp2Pjj5XwqgpO2p0_bwBrybJwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1680:11::-2a11:1680:12:ffff:ffff:ffff:ffff:ffff
2a11:1680:19::/48
2a11:1680:20::-2a11:1680:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:06:5a:c4:db:f7:a7:91:9b:28:8d:44:f6:a7:e8:4e:b9:50:
aa:7e:67:bb:12:cd:c8:7d:08:7a:0e:f6:a2:9b:f4:b4:1a:a7:
35:8c:c9:ed:58:c1:8b:50:c8:5b:7a:a9:41:c5:c8:64:7b:7d:
82:83:98:93:ec:e5:8b:d6:5c:98:b1:2b:aa:43:cb:b1:ec:97:
60:c6:21:f4:54:9e:78:c4:bd:32:e6:c5:6c:ca:9b:bb:a4:8d:
fd:3e:52:66:e8:95:c1:0c:34:98:81:a5:56:7a:79:2a:d4:99:
f1:d7:0e:0d:42:4c:1f:dc:3b:42:a3:1e:59:fb:94:4c:2b:c8:
3e:c5:8f:c2:f5:cd:97:c3:88:8e:19:1a:8b:75:5c:49:b0:0b:
d9:ab:73:a1:c0:83:6f:9b:b0:0e:15:81:a3:a8:1d:72:97:be:
29:fa:e4:e5:c2:45:11:57:8b:09:82:d2:af:94:4c:13:0f:87:
c3:c6:3f:58:6e:75:12:a3:7f:1d:3f:67:8a:f7:63:a4:85:cf:
fb:6e:68:8b:75:ad:53:01:28:0e:66:0f:e4:13:11:12:99:71:
77:5d:8b:52:be:14:68:e5:bb:b8:2e:13:12:11:8e:ce:ed:51:
30:71:6d:81:b7:1e:fa:51:1d:0d:90:38:78:93:a7:c0:a0:3f:
c2:3b:d0:b0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVvS4c8o3O5Y9iPZEFiReoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTJiYzA0NWFiOWNjOWYwMTdlOGJmN2ZmZTQyM2RhODA0
YTYxNGYwHhcNMjMwMTAxMjE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGVhNzYzZTM4Zjk1ZjBhYTBhNGVkYTlkM2Y2ZjAwNmJjOWIyNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisqlC/6WLd7U7/g1qCV6KHAMCk6p
hZQdczK5CKw1MWJPuYpw3wbhYmeQeiUTSotEnENv42KxvKdoct8Ay4G1zjcSvVcX
9lp2FrVmgolld3D094SWQD5V9BuiRcrB6jFq/VRjkKGidmrrD5laX4vEjJI5x6S7
T1bZDFc17pNvLE9MLUrykfnDyc3JHgx7ggUGxPlrJ4tLbCb7zjUEcAj/M5gG3Cmz
oiesCXZgVP4m2dGJLxTHGgs0eZg4lLf/5jT7PeqqneBDzt3+Kq6QQ6pXagXPit6b
wVv6i5hXQtN1cc1DtsplMRVQDwEd7o+mWCB8xY1d6PnzMa9Cj7Uts+pOxwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHjqdj44+V8KoKTtqdP28Aa8mycCMB8GA1UdIwQY
MBaAFD2SvARaucyfAX6L9//kI9qASmFPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgt
M2UzODEyZmZhMTQ3LzEvZU9wMlBqajVYd3FncE8ycDBfYndCcnliSndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgtM2UzODEyZmZhMTQ3
LzEvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwAqERaA
ABEDBwAqERaAABIDBwAqERaAABkwEgMHBSoRFoAAIAMHACoRFoAAIjANBgkqhkiG
9w0BAQsFAAOCAQEAXAZaxNv3p5GbKI1E9qfoTrlQqn5nuxLNyH0Ieg72opv0tBqn
NYzJ7VjBi1DIW3qpQcXIZHt9goOYk+zli9ZcmLErqkPLseyXYMYh9FSeeMS9MubF
bMqbu6SN/T5SZuiVwQw0mIGlVnp5KtSZ8dcODUJMH9w7QqMeWfuUTCvIPsWPwvXN
l8OIjhkai3VcSbAL2atzocCDb5uwDhWBo6gdcpe+Kfrk5cJFEVeLCYLSr5RMEw+H
w8Y/WG51EqN/HT9nivdjpIXP+25oi3WtUwEoDmYP5BMREplxd12LUr4UaOW7uC4T
EhGOzu1RMHFtgbce+lEdDZA4eJOnwKA/wjvQsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:07 2024 by rpki-client on console-fra.rpki-client.org