Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gD0nyPSjE-aeTHys4h6Iolnn8vo.roa
File: gD0nyPSjE-aeTHys4h6Iolnn8vo.roa (raw, json)
Hash identifier: RzNFeFXXSQizLWWi1mmdHcgL6SiW8lWXr1xyy5Xcx/E=
Subject key identifier: 80:3D:27:C8:F4:A3:13:E6:9E:4C:7C:AC:E2:1E:88:A2:59:E7:F2:FA
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01856DE67584074B09DDF511EED1A4E68EEB
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gD0nyPSjE-aeTHys4h6Iolnn8vo.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24750
IP address blocks: 2a05:4c00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:75:84:07:4b:09:dd:f5:11:ee:d1:a4:e6:8e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=803d27c8f4a313e69e4c7cace21e88a259e7f2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:e8:ef:19:97:88:14:d9:b1:36:34:cd:40:
79:3c:22:84:50:31:e3:48:80:e2:e8:d0:85:3f:48:
24:7b:d8:de:7f:90:35:31:3e:0b:fd:e8:24:fb:e9:
1b:54:ad:3a:ce:68:5a:49:01:db:d2:22:98:96:ee:
b0:60:a5:e5:f0:0f:8e:3e:30:ec:b8:7d:35:07:14:
aa:bb:8c:7a:2e:97:b7:f5:46:a6:6d:00:41:a1:9f:
51:fe:b3:d7:43:17:8c:18:a0:bb:c8:53:60:98:4b:
74:96:4d:57:da:80:e2:89:45:48:d3:dc:2a:35:30:
d5:fd:73:18:0a:85:fd:cd:3c:a0:9f:55:bd:e1:88:
d0:ba:a5:b6:fd:90:9d:64:0e:ac:ff:b0:0c:ea:83:
54:f5:36:cc:9e:e0:49:98:05:4c:55:e5:c7:11:40:
cc:23:ca:df:15:9b:79:66:21:35:3a:2f:6d:a8:b5:
d7:0f:87:2e:df:5d:25:c6:53:0c:a8:a6:4c:57:e5:
ef:4b:dd:27:5b:78:15:50:00:b9:cb:8f:66:91:11:
33:7a:0e:f4:8e:b9:55:21:ef:e9:e5:7d:51:56:c8:
74:7e:56:12:3f:dd:07:e7:a3:2e:57:58:eb:8c:50:
ab:a3:67:92:70:d9:a6:05:30:a3:7c:9d:11:e6:99:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3D:27:C8:F4:A3:13:E6:9E:4C:7C:AC:E2:1E:88:A2:59:E7:F2:FA
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/gD0nyPSjE-aeTHys4h6Iolnn8vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
03:d1:c0:31:24:06:13:3b:07:e8:76:3c:e8:96:13:bc:b5:90:
cf:96:d4:61:85:7f:35:2e:49:21:3f:04:87:95:00:88:ac:ec:
7d:fc:a9:4b:bf:f5:54:1c:ea:68:ca:ab:28:f7:06:eb:37:d5:
8e:17:fa:9f:b7:8e:df:b0:f3:04:5c:33:e0:81:e8:24:d0:68:
c9:47:93:1f:e7:45:9b:ce:c5:17:1b:a7:40:e0:56:ff:74:7c:
2b:3b:36:1d:e0:49:36:87:4e:d0:40:16:00:a2:3f:56:e9:ce:
c1:5a:c6:55:f7:17:fe:71:46:58:2f:52:83:59:38:ea:95:d1:
fb:32:66:f5:46:cb:2c:23:0b:8c:70:cc:32:fd:cf:a2:9d:e1:
35:b7:4f:da:a0:84:27:06:00:93:16:c7:33:f5:ba:df:7c:0e:
25:7b:64:aa:d6:73:4a:61:eb:a0:0a:9a:6b:c6:2a:03:ff:a9:
b3:67:58:5c:67:27:52:ee:0f:a6:bc:15:de:50:5c:4e:fd:8b:
81:61:fd:af:0c:35:5e:da:db:03:8a:d6:e7:07:67:20:25:c7:
cb:50:8f:df:c9:52:45:7f:b2:41:b1:8f:ca:8c:4d:90:0a:3c:
11:85:27:96:d4:6a:16:5a:b2:df:65:27:5e:e5:34:63:a2:3b:
10:63:fd:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVt5nWEB0sJ3fUR7tGk5o7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNkMjdjOGY0YTMxM2U2OWU0YzdjYWNlMjFlODhhMjU5ZTdmMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAro7xmXiBTZsTY0zUB5PCKEUDHj
SIDi6NCFP0gke9jef5A1MT4L/egk++kbVK06zmhaSQHb0iKYlu6wYKXl8A+OPjDs
uH01BxSqu4x6Lpe39UambQBBoZ9R/rPXQxeMGKC7yFNgmEt0lk1X2oDiiUVI09wq
NTDV/XMYCoX9zTygn1W94YjQuqW2/ZCdZA6s/7AM6oNU9TbMnuBJmAVMVeXHEUDM
I8rfFZt5ZiE1Oi9tqLXXD4cu310lxlMMqKZMV+XvS90nW3gVUAC5y49mkREzeg70
jrlVIe/p5X1RVsh0flYSP90H56MuV1jrjFCro2eScNmmBTCjfJ0R5pkOrwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIA9J8j0oxPmnkx8rOIeiKJZ5/L6MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZ0QwbnlQU2pFLWFlVEh5czRoNklvbG5uOHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVMADAN
BgkqhkiG9w0BAQsFAAOCAQEAA9HAMSQGEzsH6HY86JYTvLWQz5bUYYV/NS5JIT8E
h5UAiKzsffypS7/1VBzqaMqrKPcG6zfVjhf6n7eO37DzBFwz4IHoJNBoyUeTH+dF
m87FFxunQOBW/3R8Kzs2HeBJNodO0EAWAKI/VunOwVrGVfcX/nFGWC9Sg1k46pXR
+zJm9UbLLCMLjHDMMv3Pop3hNbdP2qCEJwYAkxbHM/W633wOJXtkqtZzSmHroAqa
a8YqA/+ps2dYXGcnUu4PprwV3lBcTv2LgWH9rww1XtrbA4rW5wdnICXHy1CP38lS
RX+yQbGPyoxNkAo8EYUnltRqFlqy32UnXuU0Y6I7EGP9mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org