Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/O5_lz8aKdaIx80DBcVv_2HXWHak.roa
File: O5_lz8aKdaIx80DBcVv_2HXWHak.roa (raw, json)
Hash identifier: 5rJTqYl0SYOspo327vsA7DDkX5JliMi1bAu23I6jHqY=
Subject key identifier: 3B:9F:E5:CF:C6:8A:75:A2:31:F3:40:C1:71:5B:FF:D8:75:D6:1D:A9
Certificate issuer: /CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Certificate serial: 01856D0178B618F617BAEE893680EBD25D77
Authority key identifier: AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/O5_lz8aKdaIx80DBcVv_2HXWHak.roa
Signing time: Sun 01 Jan 2023 11:04:51 +0000
ROA not before: Sun 01 Jan 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208559
IP address blocks: 2a02:f28:23::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:78:b6:18:f6:17:ba:ee:89:36:80:eb:d2:5d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Validity
Not Before: Jan 1 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b9fe5cfc68a75a231f340c1715bffd875d61da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:ee:58:d4:e6:ef:f1:20:ed:5e:cf:f9:80:
4d:c2:14:58:a2:60:6d:a0:4b:25:c4:f2:7f:ec:c1:
b9:44:ad:9d:c0:77:ce:53:dc:ac:25:50:6a:ae:91:
c9:f8:6f:5f:ed:dd:a4:fa:61:c3:d0:7f:4b:d3:d9:
a1:80:f5:ea:d4:31:2c:e0:43:7c:62:3d:0a:85:a0:
f7:27:6a:3a:7e:f3:35:f5:ed:7d:90:4a:eb:e8:99:
6a:21:60:9b:a9:8a:69:b1:43:ff:76:38:24:19:68:
cf:2d:85:69:5b:3a:77:7f:4b:5d:84:02:98:7d:87:
a1:ea:18:72:76:41:7b:cb:19:13:4d:c8:88:e8:a5:
f4:dc:e2:45:7e:c0:1b:37:95:62:da:75:dc:fa:31:
f7:a3:78:59:d1:30:2c:cf:91:0f:ba:9b:28:28:0d:
0e:f9:38:47:f8:b3:92:68:f3:a4:9a:5d:62:08:3b:
13:c8:1a:53:c4:12:35:88:11:5c:1f:f6:e1:b3:e0:
09:0c:f2:b3:a0:fd:c0:91:37:5f:4f:0a:d1:24:b8:
45:8f:a9:c4:a7:95:03:e8:18:fb:14:fa:75:63:0e:
6a:23:6a:53:9a:fb:ae:f0:cb:a0:27:01:d5:13:e7:
6c:f2:c9:f9:fe:1d:e2:84:a5:d2:ac:37:29:d5:c4:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9F:E5:CF:C6:8A:75:A2:31:F3:40:C1:71:5B:FF:D8:75:D6:1D:A9
X509v3 Authority Key Identifier:
keyid:AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/O5_lz8aKdaIx80DBcVv_2HXWHak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f28:23::/48
Signature Algorithm: sha256WithRSAEncryption
94:0a:cc:ba:0f:8c:7d:47:3a:99:da:b1:40:80:d2:14:3c:19:
06:91:a7:f6:56:ab:30:36:a5:d5:4a:c7:b9:46:5e:29:8f:fc:
3e:54:6c:2c:95:a7:8e:55:0f:fb:a8:a1:86:3d:39:6f:86:b4:
3b:17:87:0c:3f:92:1a:8c:c7:e1:34:f4:41:ba:21:69:1d:1f:
84:33:f8:56:66:bb:b4:79:45:9f:e8:b8:c7:ae:c8:be:d0:12:
ce:5d:5a:39:ed:18:77:57:bd:ac:81:3f:31:c1:6c:ed:74:d7:
ca:ce:e9:d4:cc:bc:af:b6:38:f5:0e:4c:dd:11:34:58:ce:14:
26:85:e8:78:72:98:74:d0:be:65:38:1a:02:4e:07:60:b0:8f:
ff:6c:c3:52:65:f3:1f:cf:0d:73:68:fa:7f:96:1f:6e:a8:03:
ae:ec:96:fc:84:aa:6c:b2:8a:b3:e0:66:9f:06:3a:b9:2e:1e:
a8:e8:e6:2a:e6:6b:2b:99:0a:72:c3:39:9d:0e:67:9d:e5:f9:
50:bc:80:55:8f:ec:72:49:bc:c8:24:05:e2:cf:8d:ef:6a:a8:
22:d5:2e:e8:f8:8c:68:cd:52:04:a4:64:5b:3e:87:f7:41:f0:
6f:0f:31:80:53:1b:e4:fd:e1:69:e3:ce:42:12:ff:e9:e7:d1:
25:18:83:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtAXi2GPYXuu6JNoDr0l13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzVmOTA3ZWM3ZGJmOWM2NWI4MTVhYTNkNzIwMmI2ZGZh
ZTMxNDgwHhcNMjMwMTAxMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjlmZTVjZmM2OGE3NWEyMzFmMzQwYzE3MTViZmZkODc1ZDYxZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHXuWNTm7/Eg7V7P+YBNwhRYomBt
oEslxPJ/7MG5RK2dwHfOU9ysJVBqrpHJ+G9f7d2k+mHD0H9L09mhgPXq1DEs4EN8
Yj0KhaD3J2o6fvM19e19kErr6JlqIWCbqYppsUP/djgkGWjPLYVpWzp3f0tdhAKY
fYeh6hhydkF7yxkTTciI6KX03OJFfsAbN5Vi2nXc+jH3o3hZ0TAsz5EPupsoKA0O
+ThH+LOSaPOkml1iCDsTyBpTxBI1iBFcH/bhs+AJDPKzoP3AkTdfTwrRJLhFj6nE
p5UD6Bj7FPp1Yw5qI2pTmvuu8MugJwHVE+ds8sn5/h3ihKXSrDcp1cQouwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDuf5c/GinWiMfNAwXFb/9h11h2pMB8GA1UdIwQY
MBaAFKo1+Qfsfb+cZbgVqj1yArbfrjFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMt
YjZmMWNmYWE2OTg1LzEvTzVfbHo4YUtkYUl4ODBEQmNWdl8ySFhXSGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMtYjZmMWNmYWE2OTg1
LzEvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIPKAAj
MA0GCSqGSIb3DQEBCwUAA4IBAQCUCsy6D4x9RzqZ2rFAgNIUPBkGkaf2VqswNqXV
Sse5Rl4pj/w+VGwslaeOVQ/7qKGGPTlvhrQ7F4cMP5IajMfhNPRBuiFpHR+EM/hW
Zru0eUWf6LjHrsi+0BLOXVo57Rh3V72sgT8xwWztdNfKzunUzLyvtjj1DkzdETRY
zhQmheh4cph00L5lOBoCTgdgsI//bMNSZfMfzw1zaPp/lh9uqAOu7Jb8hKpssoqz
4GafBjq5Lh6o6OYq5msrmQpywzmdDmed5flQvIBVj+xySbzIJAXiz43vaqgi1S7o
+IxozVIEpGRbPof3QfBvDzGAUxvk/eFp485CEv/p59ElGIPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:06 2024 by rpki-client on console-fra.rpki-client.org