Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/O_tzx8et4gDYhbRJGkOLjkEb4bk.roa
File: O_tzx8et4gDYhbRJGkOLjkEb4bk.roa (raw, json)
Hash identifier: jmjSqGnThn8RhujVaJ4q4JZ921O02ED3SDcMdWacIA4=
Subject key identifier: 3B:FB:73:C7:C7:AD:E2:00:D8:85:B4:49:1A:43:8B:8E:41:1B:E1:B9
Certificate issuer: /CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Certificate serial: 018CC56EDC8BC2181B9D3F0F7398DF6EEA59
Authority key identifier: 92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/O_tzx8et4gDYhbRJGkOLjkEb4bk.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136468
IP address blocks: 2a00:edc0:136::/48 maxlen: 48
2a00:edc0:137::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 17:34:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:dc:8b:c2:18:1b:9d:3f:0f:73:98:df:6e:ea:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92319bcd9b09a984b070e2ef588ffcfa8b73c8a2
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bfb73c7c7ade200d885b4491a438b8e411be1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b7:28:cf:a1:f4:97:9b:18:7b:b6:12:16:62:
4e:ef:be:e5:de:f5:e2:cd:ca:27:79:ae:53:02:6e:
09:56:d2:99:3b:4b:f5:f3:ed:b5:d7:8c:83:05:14:
8b:21:7c:81:02:86:4d:17:ca:33:48:8f:c2:0b:b3:
65:d9:fc:85:e4:1e:78:88:71:66:21:68:8b:54:57:
bb:27:9e:4e:9a:25:31:c0:b6:ed:1d:26:36:de:b5:
6f:11:b8:b2:33:fc:5d:52:84:78:fb:73:c5:47:e2:
1a:0d:3e:26:af:6b:7a:4c:05:55:2f:dc:5e:ea:3b:
fc:98:29:94:4f:00:94:53:f7:6b:ee:67:b6:f9:36:
ad:9b:58:f8:3d:7e:0b:9e:ab:8a:be:fd:9c:03:24:
e7:80:2a:14:6e:70:f9:1b:3c:89:8c:df:c3:1d:78:
11:5e:73:88:e8:33:04:90:6c:55:50:10:41:83:33:
95:97:8e:b3:c2:63:93:db:1b:18:fb:00:70:80:90:
83:7a:66:40:d5:93:0d:ff:b9:e0:6a:e2:99:b1:08:
56:05:e5:fc:32:d6:d0:77:d5:b2:4b:6b:cd:47:4d:
74:cd:b7:d4:34:61:f8:4f:2b:a1:78:fa:f7:ac:47:
be:62:07:b6:17:7b:18:95:03:3a:49:ea:eb:3c:4b:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FB:73:C7:C7:AD:E2:00:D8:85:B4:49:1A:43:8B:8E:41:1B:E1:B9
X509v3 Authority Key Identifier:
keyid:92:31:9B:CD:9B:09:A9:84:B0:70:E2:EF:58:8F:FC:FA:8B:73:C8:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjGbzZsJqYSwcOLvWI_8-otzyKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/O_tzx8et4gDYhbRJGkOLjkEb4bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b2b2c6-35ee-42f5-a268-cdbebbc652de/1/kjGbzZsJqYSwcOLvWI_8-otzyKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:edc0:136::/47
Signature Algorithm: sha256WithRSAEncryption
50:47:88:70:07:b1:11:4a:f7:d6:21:7e:4e:b0:b3:98:5b:d1:
0e:27:8b:0a:e6:42:6f:3e:b1:31:f9:2e:a0:df:20:5c:ac:74:
43:c2:55:8c:14:84:51:07:76:e7:92:05:a0:48:83:d9:05:bd:
05:df:83:5f:42:0c:73:92:47:b5:8c:14:9a:42:43:2a:95:f6:
cf:36:5d:3f:e9:93:c9:bc:3c:40:61:c6:30:81:a4:1e:53:b1:
74:f9:28:1b:04:5c:a1:02:96:8c:71:a0:f2:9f:0f:15:4c:12:
78:f6:2c:ef:bf:7d:b1:64:82:74:d6:c4:57:73:c0:74:4d:32:
b2:20:b3:8a:fd:e8:40:ae:ee:91:52:4f:df:c8:06:89:92:6f:
01:c2:6c:f9:c3:7e:df:b3:ab:e6:ac:4f:aa:43:1c:39:29:7c:
cf:ca:b5:52:2b:e4:45:8c:31:2f:1c:90:af:60:6f:85:e5:58:
1a:63:55:bc:11:e8:a5:b2:fb:76:35:70:0c:dd:eb:cc:62:3e:
15:74:63:cb:b4:ee:fc:af:cd:e6:56:c5:8d:bc:04:78:9b:5e:
d1:4e:62:68:5e:cb:db:a0:1a:02:39:32:7e:7e:84:0d:bf:30:
e2:15:5f:93:c9:ef:79:fd:99:19:29:d0:1b:a9:bf:c3:3d:5d:
1a:be:c4:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbtyLwhgbnT8Pc5jfbupZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzE5YmNkOWIwOWE5ODRiMDcwZTJlZjU4OGZmY2ZhOGI3
M2M4YTIwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZiNzNjN2M3YWRlMjAwZDg4NWI0NDkxYTQzOGI4ZTQxMWJlMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrcoz6H0l5sYe7YSFmJO777l3vXi
zconea5TAm4JVtKZO0v18+2114yDBRSLIXyBAoZNF8ozSI/CC7Nl2fyF5B54iHFm
IWiLVFe7J55OmiUxwLbtHSY23rVvEbiyM/xdUoR4+3PFR+IaDT4mr2t6TAVVL9xe
6jv8mCmUTwCUU/dr7me2+Tatm1j4PX4LnquKvv2cAyTngCoUbnD5GzyJjN/DHXgR
XnOI6DMEkGxVUBBBgzOVl46zwmOT2xsY+wBwgJCDemZA1ZMN/7ngauKZsQhWBeX8
MtbQd9WyS2vNR010zbfUNGH4TyuhePr3rEe+Yge2F3sYlQM6SerrPEuLSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDv7c8fHreIA2IW0SRpDi45BG+G5MB8GA1UdIwQY
MBaAFJIxm82bCamEsHDi71iP/PqLc8iiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pHYnpac0pxWVN3Y09MdldJXzgtb3R6eUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iMmIyYzYtMzVlZS00MmY1LWEyNjgt
Y2RiZWJiYzY1MmRlLzEvT190eng4ZXQ0Z0RZaGJSSkdrT0xqa0ViNGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iMmIyYzYtMzVlZS00MmY1LWEyNjgtY2RiZWJiYzY1MmRl
LzEva2pHYnpac0pxWVN3Y09MdldJXzgtb3R6eUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgDtwAE2
MA0GCSqGSIb3DQEBCwUAA4IBAQBQR4hwB7ERSvfWIX5OsLOYW9EOJ4sK5kJvPrEx
+S6g3yBcrHRDwlWMFIRRB3bnkgWgSIPZBb0F34NfQgxzkke1jBSaQkMqlfbPNl0/
6ZPJvDxAYcYwgaQeU7F0+SgbBFyhApaMcaDynw8VTBJ49izvv32xZIJ01sRXc8B0
TTKyILOK/ehAru6RUk/fyAaJkm8Bwmz5w37fs6vmrE+qQxw5KXzPyrVSK+RFjDEv
HJCvYG+F5VgaY1W8Eeilsvt2NXAM3evMYj4VdGPLtO78r83mVsWNvAR4m17RTmJo
XsvboBoCOTJ+foQNvzDiFV+Tye95/ZkZKdAbqb/DPV0avsT8
-----END CERTIFICATE-----
Generated at Mon Jul 1 18:55:02 2024 by rpki-client on console-fra.rpki-client.org