Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/l3DjT2NmiDlz_l0u8YLNmsucxoM.roa
File: l3DjT2NmiDlz_l0u8YLNmsucxoM.roa (raw, json)
Hash identifier: yUn+lQWsRJ5XxfNRf3810A2sk/eEPdVVwGgoq4oRJEs=
Subject key identifier: 97:70:E3:4F:63:66:88:39:73:FE:5D:2E:F1:82:CD:9A:CB:9C:C6:83
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 0185704BB746100586408D2994AE0272C1E2
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/l3DjT2NmiDlz_l0u8YLNmsucxoM.roa
Signing time: Mon 02 Jan 2023 02:24:48 +0000
ROA not before: Mon 02 Jan 2023 02:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6507
IP address blocks: 2a04:82c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Mar 2023 22:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b7:46:10:05:86:40:8d:29:94:ae:02:72:c1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Jan 2 02:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9770e34f6366883973fe5d2ef182cd9acb9cc683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:03:04:5c:46:93:ad:23:7d:ea:db:a0:1a:9c:
ac:4c:1b:39:cf:5e:3c:4b:9f:52:2b:47:75:3d:5c:
1f:0a:41:4a:0f:f5:73:6c:d3:67:f9:0f:92:cd:de:
c2:61:92:0e:79:82:94:9a:84:4a:46:f5:18:2c:c9:
34:a9:b6:34:d8:7e:cd:ff:aa:62:48:ed:5b:f7:18:
3b:d9:bf:3d:58:32:de:79:87:be:df:9a:68:e3:91:
ca:dd:a5:7e:c9:fa:b0:2f:eb:ee:cb:6e:6c:f0:66:
a1:c7:dd:9b:38:93:6d:c3:67:f7:3a:a9:af:fb:91:
7a:23:65:77:ea:cb:aa:82:24:25:7a:f7:a0:1a:a2:
1a:2c:8b:e5:ef:8a:97:8e:94:ad:84:90:ff:37:31:
8b:bb:ad:27:c0:ac:de:7b:bc:33:6f:1d:fe:fd:aa:
dd:2e:35:98:78:6f:02:ad:39:b5:a7:89:4a:b1:c1:
63:bb:59:11:6f:c4:32:87:75:1b:fe:5c:67:61:8b:
c3:fa:17:0a:39:40:6c:1a:ab:b6:c2:25:34:42:85:
7a:5e:ea:3d:82:61:df:3c:89:7c:fc:e3:ed:a7:46:
7f:ea:eb:28:ff:27:7f:df:95:e3:e5:da:99:80:54:
ba:0c:23:59:cf:f2:75:4f:a8:b5:1c:e4:15:26:f0:
ef:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:70:E3:4F:63:66:88:39:73:FE:5D:2E:F1:82:CD:9A:CB:9C:C6:83
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/l3DjT2NmiDlz_l0u8YLNmsucxoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:73:71:f0:33:5b:0d:9e:22:45:e7:d9:86:c4:93:3d:c6:95:
23:9e:b8:83:9a:e3:9e:61:83:87:45:8e:d8:31:12:68:a8:fd:
ce:87:2b:27:ef:ce:61:dc:d3:a4:3d:51:66:9d:f1:39:6e:70:
d7:94:27:b4:c6:e7:9d:08:87:02:01:ef:33:00:06:9b:fe:95:
d0:10:c2:3c:b2:ab:33:76:da:9e:36:24:e8:75:44:b6:b3:2a:
11:9a:bc:73:8d:52:a9:c8:45:aa:ea:86:19:88:af:cd:3a:c2:
02:cc:30:46:19:78:f5:fe:8c:3b:9a:c7:bb:bc:e3:e2:03:48:
08:b3:f7:8a:bb:92:3c:7a:e2:04:94:83:ee:a6:ce:0b:e6:38:
95:0d:fd:92:c9:9e:2e:0e:d0:82:ee:d8:fb:3d:a3:12:e8:bd:
b7:c4:91:aa:05:11:85:db:bf:89:80:73:bd:55:4e:77:83:a4:
76:fd:70:ef:3f:cf:50:6c:d7:ef:1d:32:4d:f0:d9:1b:8f:d2:
88:96:31:5e:dc:4c:8b:ab:76:d0:83:19:cf:1c:c6:5d:34:1c:
9d:75:ae:cc:5e:72:28:2e:84:b3:97:03:d8:e7:81:f6:26:0f:
db:cf:6e:ba:eb:03:aa:fa:0a:9d:0c:b6:da:ce:4a:f4:de:f8:
c4:dd:bc:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwS7dGEAWGQI0plK4CcsHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjMwMTAyMDIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzcwZTM0ZjYzNjY4ODM5NzNmZTVkMmVmMTgyY2Q5YWNiOWNjNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAMEXEaTrSN96tugGpysTBs5z148
S59SK0d1PVwfCkFKD/VzbNNn+Q+Szd7CYZIOeYKUmoRKRvUYLMk0qbY02H7N/6pi
SO1b9xg72b89WDLeeYe+35po45HK3aV+yfqwL+vuy25s8Gahx92bOJNtw2f3Oqmv
+5F6I2V36suqgiQlevegGqIaLIvl74qXjpSthJD/NzGLu60nwKzee7wzbx3+/ard
LjWYeG8CrTm1p4lKscFju1kRb8Qyh3Ub/lxnYYvD+hcKOUBsGqu2wiU0QoV6Xuo9
gmHfPIl8/OPtp0Z/6uso/yd/35Xj5dqZgFS6DCNZz/J1T6i1HOQVJvDv6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJdw409jZog5c/5dLvGCzZrLnMaDMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvbDNEalQyTm1pRGx6X2wwdThZTE5tc3VjeG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgSCwDAN
BgkqhkiG9w0BAQsFAAOCAQEAO3Nx8DNbDZ4iRefZhsSTPcaVI564g5rjnmGDh0WO
2DESaKj9zocrJ+/OYdzTpD1RZp3xOW5w15QntMbnnQiHAgHvMwAGm/6V0BDCPLKr
M3banjYk6HVEtrMqEZq8c41SqchFquqGGYivzTrCAswwRhl49f6MO5rHu7zj4gNI
CLP3iruSPHriBJSD7qbOC+Y4lQ39ksmeLg7Qgu7Y+z2jEui9t8SRqgURhdu/iYBz
vVVOd4Okdv1w7z/PUGzX7x0yTfDZG4/SiJYxXtxMi6t20IMZzxzGXTQcnXWuzF5y
KC6Es5cD2OeB9iYP289uuusDqvoKnQy22s5K9N74xN286Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:29 2024 by rpki-client on console-fra.rpki-client.org