Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/pOA63QEzJoBu1CDSOvrXLSuFvHU.roa
File: pOA63QEzJoBu1CDSOvrXLSuFvHU.roa (raw, json)
Hash identifier: DRgcc7lsdyCeTdcgxlgPzljsgnz9CzSruJmEhPGv/QY=
Subject key identifier: A4:E0:3A:DD:01:33:26:80:6E:D4:20:D2:3A:FA:D7:2D:2B:85:BC:75
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 018ECC22A83BD7D8DE7FA1B9CB05B9383D00
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/pOA63QEzJoBu1CDSOvrXLSuFvHU.roa
Signing time: Thu 11 Apr 2024 07:50:07 +0000
ROA not before: Thu 11 Apr 2024 07:50:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60068
IP address blocks: 2a14:30c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Apr 2024 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:22:a8:3b:d7:d8:de:7f:a1:b9:cb:05:b9:38:3d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: Apr 11 07:50:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e03add013326806ed420d23afad72d2b85bc75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:14:3d:39:16:2a:a9:2d:19:10:59:ff:03:5e:
08:1a:32:75:e3:5e:5c:35:d1:92:74:35:d1:f2:9e:
b0:80:72:85:d2:05:ef:8f:89:ec:5e:f0:63:83:2c:
3f:ec:36:61:a5:f2:f3:3d:5f:56:37:5f:04:5b:71:
02:76:d2:33:88:51:84:eb:6c:21:d0:be:94:4f:b0:
c5:e1:31:a7:02:50:71:92:9a:84:1d:dd:8b:83:dd:
39:ed:0e:a8:ed:cd:2c:2f:24:ab:c9:c4:bd:dd:39:
74:06:91:ac:43:6c:0c:c2:13:a7:cb:6d:60:4d:dd:
31:1d:83:2f:ba:ab:52:44:91:94:2f:b7:a9:6d:84:
a5:d8:c5:2a:e4:6a:8d:90:d5:57:2e:a1:2e:7c:99:
17:73:43:47:4e:f1:94:b1:92:3b:8e:18:74:a4:4f:
9e:bf:75:3a:b2:43:0e:5d:f2:cd:90:06:ae:c1:3c:
88:3a:14:40:b5:1c:05:76:27:ee:b9:f7:c0:99:e5:
bb:be:65:ca:06:ff:07:ed:14:7d:e1:7f:aa:38:c5:
d1:60:5a:39:79:34:92:cb:72:b9:f7:00:0d:70:9a:
ab:d0:6d:81:fb:66:90:ab:7a:35:b3:0e:f0:c4:bb:
29:d6:32:4d:3e:af:b7:ad:9f:13:50:68:76:f9:9b:
26:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E0:3A:DD:01:33:26:80:6E:D4:20:D2:3A:FA:D7:2D:2B:85:BC:75
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/pOA63QEzJoBu1CDSOvrXLSuFvHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:30c1::/32
Signature Algorithm: sha256WithRSAEncryption
26:8e:ca:85:ca:00:95:e6:9b:0b:cd:45:36:f6:89:10:3c:46:
c6:78:95:49:65:f9:01:1b:3e:09:4c:7d:bb:5e:ab:e2:a1:bc:
a7:e7:47:aa:82:1c:fd:78:14:d2:71:31:41:61:d7:2b:18:65:
0d:45:ab:68:f7:3a:39:b8:1a:b5:d5:d2:b3:f2:fb:db:73:79:
12:ad:84:35:18:f0:56:54:97:a8:82:52:4a:7c:e7:de:a5:ac:
c4:8c:91:85:b9:4b:f7:0f:e9:5a:e9:19:71:9e:0c:52:42:30:
59:a9:d3:18:2f:d6:ed:88:4b:72:ea:22:73:41:53:d1:c2:8b:
71:75:6f:c1:2d:e9:d4:c6:36:74:eb:d1:36:4e:5a:b8:09:84:
7e:45:d9:42:33:3e:f5:a4:a4:8d:d4:62:82:64:7c:32:73:71:
4a:a7:bc:7e:4d:43:d5:58:06:2b:39:c9:db:76:63:35:c5:ab:
8a:82:c4:c5:7e:49:5a:9c:12:39:80:9b:6e:53:52:c3:be:bf:
36:ca:0f:18:e0:fb:28:dc:c5:73:4b:8d:a8:32:24:a4:09:6d:
9f:d9:d0:64:e8:27:8b:e0:62:d2:bb:0f:44:52:91:39:35:d9:
89:df:eb:52:3c:90:e1:62:4e:5f:30:3d:82:61:3e:a9:46:3f:
19:b0:79:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7MIqg719jef6G5ywW5OD0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjQwNDExMDc1MDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUwM2FkZDAxMzMyNjgwNmVkNDIwZDIzYWZhZDcyZDJiODViYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBQ9ORYqqS0ZEFn/A14IGjJ1415c
NdGSdDXR8p6wgHKF0gXvj4nsXvBjgyw/7DZhpfLzPV9WN18EW3ECdtIziFGE62wh
0L6UT7DF4TGnAlBxkpqEHd2Lg9057Q6o7c0sLySrycS93Tl0BpGsQ2wMwhOny21g
Td0xHYMvuqtSRJGUL7epbYSl2MUq5GqNkNVXLqEufJkXc0NHTvGUsZI7jhh0pE+e
v3U6skMOXfLNkAauwTyIOhRAtRwFdifuuffAmeW7vmXKBv8H7RR94X+qOMXRYFo5
eTSSy3K59wANcJqr0G2B+2aQq3o1sw7wxLsp1jJNPq+3rZ8TUGh2+ZsmEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKTgOt0BMyaAbtQg0jr61y0rhbx1MB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEvcE9BNjNRRXpKb0J1MUNEU092clhMU3VGdkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQwwTAN
BgkqhkiG9w0BAQsFAAOCAQEAJo7KhcoAleabC81FNvaJEDxGxniVSWX5ARs+CUx9
u16r4qG8p+dHqoIc/XgU0nExQWHXKxhlDUWraPc6ObgatdXSs/L723N5Eq2ENRjw
VlSXqIJSSnzn3qWsxIyRhblL9w/pWukZcZ4MUkIwWanTGC/W7YhLcuoic0FT0cKL
cXVvwS3p1MY2dOvRNk5auAmEfkXZQjM+9aSkjdRigmR8MnNxSqe8fk1D1VgGKznJ
23ZjNcWrioLExX5JWpwSOYCbblNSw76/NsoPGOD7KNzFc0uNqDIkpAltn9nQZOgn
i+Bi0rsPRFKROTXZid/rUjyQ4WJOXzA9gmE+qUY/GbB56w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org