Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/2fQknsAbw8GQkZazHBQozxgIbng.roa
File: 2fQknsAbw8GQkZazHBQozxgIbng.roa (raw, json)
Hash identifier: 125B0x2qjk0eR2joURVpJopaBnCnseqJfcdF2bl5bfw=
Subject key identifier: D9:F4:24:9E:C0:1B:C3:C1:90:91:96:B3:1C:14:28:CF:18:08:6E:78
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 01884F11C556E36ADDDD5642AA5AC445D617
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/2fQknsAbw8GQkZazHBQozxgIbng.roa
Signing time: Wed 24 May 2023 18:42:24 +0000
ROA not before: Wed 24 May 2023 18:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 2a05:541:125::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Jun 2023 07:52:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4f:11:c5:56:e3:6a:dd:dd:56:42:aa:5a:c4:45:d6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: May 24 18:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9f4249ec01bc3c1909196b31c1428cf18086e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:ee:fd:95:cf:18:a3:01:0e:89:84:7f:70:
9c:b9:fa:c4:73:ad:7a:70:3c:0b:b7:e8:27:f6:8f:
d7:d6:bf:50:c6:22:d1:50:8b:c6:20:50:e7:5c:26:
9f:f8:42:e1:72:97:8e:7f:74:4c:8e:ce:67:a4:ad:
1d:26:8e:8c:8b:7b:af:12:65:ac:74:96:a8:ec:34:
42:69:32:59:20:12:3d:53:e2:93:0a:1a:ef:50:d9:
e4:25:be:c3:9e:89:dc:2b:3c:48:73:15:75:1f:71:
aa:1e:15:64:78:79:38:6d:59:cb:17:36:c7:0d:d4:
4a:2c:34:c7:3c:01:0f:90:c4:f8:f0:26:14:8c:7b:
7f:14:de:5e:de:ce:52:bc:78:5a:b4:af:e0:d4:96:
13:a1:90:16:e7:44:63:1f:b1:24:01:7d:08:46:61:
99:cf:52:a0:a0:e7:01:9b:cb:72:58:ca:16:7f:68:
ac:57:b5:8d:80:3c:4b:82:b7:6d:20:b7:b6:8b:15:
b2:aa:e5:ee:2d:c9:06:76:e8:4b:04:13:ed:38:dd:
17:b0:3f:1b:44:34:f8:4a:0d:0b:96:00:1b:a0:cf:
e8:e1:1d:53:f8:3b:30:21:af:ae:13:a3:19:5e:be:
f5:fc:79:0e:fa:fd:4f:2c:24:dc:e7:1a:01:bc:5c:
f6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F4:24:9E:C0:1B:C3:C1:90:91:96:B3:1C:14:28:CF:18:08:6E:78
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/2fQknsAbw8GQkZazHBQozxgIbng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:109::/48
2a05:541:119::/48
2a05:541:121::-2a05:541:123:ffff:ffff:ffff:ffff:ffff
2a05:541:125::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
Signature Algorithm: sha256WithRSAEncryption
73:4d:fd:7f:69:83:e5:57:48:26:a9:b4:b0:c0:fc:f1:84:94:
3f:ea:d7:6a:da:b4:85:39:9b:3c:95:a2:74:34:7d:2c:ec:09:
7b:7f:d7:2f:89:f2:4d:6a:cb:c1:26:3b:77:5d:0f:62:be:71:
a6:85:ca:18:34:7c:5f:b8:59:aa:8a:7b:bf:35:92:3d:5f:07:
87:af:95:c6:97:ea:af:c0:19:2e:36:6c:82:53:58:0b:1f:b8:
73:b8:e1:68:f0:73:c8:85:60:f0:d9:92:03:29:51:d4:3a:5f:
51:f4:d9:5b:b5:32:91:47:31:10:36:a6:d8:54:72:57:63:3b:
40:97:c3:c6:9e:fd:d8:52:63:99:2d:a0:2d:cf:84:dd:7c:92:
9c:63:3d:68:68:95:15:17:7e:e2:66:f2:19:53:ca:30:d7:3a:
24:45:a1:d4:9e:f9:4a:f1:b9:98:2c:44:e3:4f:ed:d7:21:04:
1d:a0:7e:e6:e6:4a:49:ef:55:30:15:c6:5c:3d:50:64:c2:ea:
46:38:f0:da:a9:4e:fa:60:b8:4f:c0:d3:e2:b6:30:73:d5:10:
48:4a:d7:28:17:52:06:55:0e:5a:5e:a4:86:fd:96:e2:ef:a0:
f9:cf:be:ac:c2:14:8f:f1:e0:e4:b5:8d:d7:87:4f:dd:4c:9e:
e2:bd:9e:ac
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYhPEcVW42rd3VZCqlrERdYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwNTI0MTg0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY0MjQ5ZWMwMWJjM2MxOTA5MTk2YjMxYzE0MjhjZjE4MDg2ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQTu/ZXPGKMBDomEf3CcufrEc616
cDwLt+gn9o/X1r9QxiLRUIvGIFDnXCaf+ELhcpeOf3RMjs5npK0dJo6Mi3uvEmWs
dJao7DRCaTJZIBI9U+KTChrvUNnkJb7DnoncKzxIcxV1H3GqHhVkeHk4bVnLFzbH
DdRKLDTHPAEPkMT48CYUjHt/FN5e3s5SvHhatK/g1JYToZAW50RjH7EkAX0IRmGZ
z1KgoOcBm8tyWMoWf2isV7WNgDxLgrdtILe2ixWyquXuLckGduhLBBPtON0XsD8b
RDT4Sg0LlgAboM/o4R1T+DswIa+uE6MZXr71/HkO+v1PLCTc5xoBvFz2ZQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNn0JJ7AG8PBkJGWsxwUKM8YCG54MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvMmZRa25zQWJ3OEdRa1phekhCUW96eGdJYm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcAKgUFQQEJ
AwcAKgUFQQEZMBIDBwAqBQVBASEDBwIqBQVBASAwEgMHACoFBUEBJQMHAyoFBUEB
IAMHACoFBUEBKTANBgkqhkiG9w0BAQsFAAOCAQEAc039f2mD5VdIJqm0sMD88YSU
P+rXatq0hTmbPJWidDR9LOwJe3/XL4nyTWrLwSY7d10PYr5xpoXKGDR8X7hZqop7
vzWSPV8Hh6+Vxpfqr8AZLjZsglNYCx+4c7jhaPBzyIVg8NmSAylR1DpfUfTZW7Uy
kUcxEDam2FRyV2M7QJfDxp792FJjmS2gLc+E3XySnGM9aGiVFRd+4mbyGVPKMNc6
JEWh1J75SvG5mCxE40/t1yEEHaB+5uZKSe9VMBXGXD1QZMLqRjjw2qlO+mC4T8DT
4rYwc9UQSErXKBdSBlUOWl6khv2W4u+g+c++rMIUj/Hg5LWN14dP3Uye4r2erA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:18 2024 by rpki-client on console-fra.rpki-client.org