Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bolXTk_1lcDh9Uh2EAV5uIUplZw.roa
File: bolXTk_1lcDh9Uh2EAV5uIUplZw.roa (raw, json)
Hash identifier: 8ZUh3eD6E+ZvvJ4ydBP4zwiurKagac3Ogi64ZmqcL+w=
Subject key identifier: 6E:89:57:4E:4F:F5:95:C0:E1:F5:48:76:10:05:79:B8:85:29:95:9C
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01856E8B1BB8A2655E6C1BE975CA523B3962
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bolXTk_1lcDh9Uh2EAV5uIUplZw.roa
Signing time: Sun 01 Jan 2023 18:14:48 +0000
ROA not before: Sun 01 Jan 2023 18:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a0d:ecc0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:1b:b8:a2:65:5e:6c:1b:e9:75:ca:52:3b:39:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 18:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e89574e4ff595c0e1f54876100579b88529959c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8e:b8:3d:9a:be:bc:ae:f6:72:51:5e:a4:89:
e5:6a:7b:62:8c:54:f4:52:52:96:3e:66:0f:32:e1:
c4:f6:2c:81:2c:90:0d:8c:02:e9:3d:98:3e:67:e9:
87:9a:d4:bd:ea:e1:26:d3:4b:4b:46:51:1f:60:d4:
e5:33:23:28:0a:b0:e6:82:1a:4a:99:97:61:d7:8c:
b5:6d:71:2d:0a:5e:3e:5c:d9:d3:af:b1:a3:2b:9e:
7d:72:86:e5:bf:db:b1:43:01:54:bb:51:b3:37:11:
57:7b:cf:e9:e7:74:90:30:14:58:63:81:86:38:f4:
68:a0:ff:fc:83:69:ba:f7:64:db:3f:60:a5:6a:4f:
03:e0:f5:5d:66:33:1f:20:e7:99:90:83:ca:ef:49:
02:27:38:51:2d:8e:21:8f:61:95:05:32:46:5e:84:
1b:68:ac:34:a4:79:37:d6:49:04:e7:88:f0:b8:2e:
db:66:be:06:7b:29:3c:28:2e:cc:81:68:e3:8c:f1:
72:d8:9b:4e:a2:f5:ab:18:14:da:ac:86:42:ab:b5:
4a:74:1c:34:30:a7:d2:ae:83:59:15:b8:1b:e0:e7:
b9:59:52:a1:d3:70:00:ce:d2:42:49:03:28:4a:4b:
57:fd:1f:bf:ef:84:66:af:bb:64:97:bf:24:db:57:
c2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:89:57:4E:4F:F5:95:C0:E1:F5:48:76:10:05:79:B8:85:29:95:9C
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bolXTk_1lcDh9Uh2EAV5uIUplZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
78:de:b3:c7:41:b5:60:f1:a7:53:3d:1b:1a:92:56:e2:0c:61:
86:fe:7e:c8:7a:55:95:40:12:9f:e5:c0:15:28:92:40:8d:b0:
8e:a5:6b:be:ef:d8:06:6c:8f:07:ed:c4:31:73:e2:83:6f:1c:
98:5f:f1:d8:97:8b:1a:e3:25:74:8b:08:6f:8e:f0:91:aa:d7:
3c:7d:0e:92:0d:63:7b:7c:b7:03:22:10:d6:09:a3:cf:a2:cb:
94:72:ef:c0:d5:ff:16:55:6e:96:e2:19:74:97:bb:df:75:b3:
0d:54:72:41:9a:7f:46:3d:c3:22:58:1c:8a:39:ae:31:a3:62:
b5:32:c6:7a:1f:0f:03:10:0c:e9:bc:98:14:06:60:59:69:fb:
84:3d:c5:e3:4c:d9:91:c2:01:0e:c8:e0:bb:13:6b:fc:32:88:
3b:2c:1c:67:3e:f7:94:58:55:8e:f0:bd:52:87:93:52:b2:72:
f7:0e:79:c4:a6:a3:d2:2a:3d:be:cc:4f:13:84:a9:03:94:9f:
fa:6e:06:18:ea:98:13:09:cc:04:f9:9d:f8:a6:22:98:1d:21:
4d:67:d8:e6:f8:f8:14:12:9c:0a:f1:b4:82:24:71:b3:b8:11:
9f:4d:5f:be:80:54:bb:a8:6e:a4:01:19:ec:37:2c:41:5e:bb:
5b:fd:c7:83
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuixu4omVebBvpdcpSOzliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTAxMTgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg5NTc0ZTRmZjU5NWMwZTFmNTQ4NzYxMDA1NzliODg1Mjk5NTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1464PZq+vK72clFepInlantijFT0
UlKWPmYPMuHE9iyBLJANjALpPZg+Z+mHmtS96uEm00tLRlEfYNTlMyMoCrDmghpK
mZdh14y1bXEtCl4+XNnTr7GjK559coblv9uxQwFUu1GzNxFXe8/p53SQMBRYY4GG
OPRooP/8g2m692TbP2Clak8D4PVdZjMfIOeZkIPK70kCJzhRLY4hj2GVBTJGXoQb
aKw0pHk31kkE54jwuC7bZr4Geyk8KC7MgWjjjPFy2JtOovWrGBTarIZCq7VKdBw0
MKfSroNZFbgb4Oe5WVKh03AAztJCSQMoSktX/R+/74Rmr7tkl78k21fCAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG6JV05P9ZXA4fVIdhAFebiFKZWcMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvYm9sWFRrXzFsY0RoOVVoMkVBVjV1SVVwbFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3swDAN
BgkqhkiG9w0BAQsFAAOCAQEAeN6zx0G1YPGnUz0bGpJW4gxhhv5+yHpVlUASn+XA
FSiSQI2wjqVrvu/YBmyPB+3EMXPig28cmF/x2JeLGuMldIsIb47wkarXPH0Okg1j
e3y3AyIQ1gmjz6LLlHLvwNX/FlVuluIZdJe733WzDVRyQZp/Rj3DIlgcijmuMaNi
tTLGeh8PAxAM6byYFAZgWWn7hD3F40zZkcIBDsjguxNr/DKIOywcZz73lFhVjvC9
UoeTUrJy9w55xKaj0io9vsxPE4SpA5Sf+m4GGOqYEwnMBPmd+KYimB0hTWfY5vj4
FBKcCvG0giRxs7gRn01fvoBUu6hupAEZ7DcsQV67W/3Hgw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:58 2024 by rpki-client on console-ams.rpki-client.org