Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DFDVFNfc_QHtagS6u_IvhKgZr4s.roa
File: DFDVFNfc_QHtagS6u_IvhKgZr4s.roa (raw, json)
Hash identifier: Q5bq9QzNHBdCV4mKPed1wWQwJEKpdIIwAABq5Rqp6+M=
Subject key identifier: 0C:50:D5:14:D7:DC:FD:01:ED:6A:04:BA:BB:F2:2F:84:A8:19:AF:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E74D47883D5ECD5B59B7FA927DAAE900C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DFDVFNfc_QHtagS6u_IvhKgZr4s.roa
Signing time: Mon 25 Mar 2024 08:57:45 +0000
ROA not before: Mon 25 Mar 2024 08:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a00:1c88::/29 maxlen: 29
2a0b:7300::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 06 May 2024 15:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:d4:78:83:d5:ec:d5:b5:9b:7f:a9:27:da:ae:90:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 25 08:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c50d514d7dcfd01ed6a04babbf22f84a819af8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:34:4e:b8:de:4f:52:ba:22:f0:ca:92:3d:f1:
7a:67:fd:e7:6b:55:e7:2d:ef:a8:71:35:30:3d:f8:
de:91:a5:e7:18:3b:08:6a:35:3d:af:74:2a:37:76:
fa:d4:04:ad:8e:72:54:0d:c2:1a:fe:fe:ac:2e:29:
72:75:ee:40:30:25:54:e9:f6:e2:c3:f2:c0:67:5f:
f7:91:6a:05:82:ab:a7:f7:98:21:7b:f0:1a:a7:fa:
53:64:14:dc:47:6a:6f:9d:e9:23:fb:51:28:88:ce:
3a:65:6a:9d:89:70:95:5f:e6:af:74:ae:ef:4f:09:
33:14:c3:49:06:5a:62:49:6d:99:62:59:b1:f6:39:
c9:f3:f3:6a:8f:b4:5f:67:d6:f6:5d:17:8b:dd:08:
66:74:55:a0:f7:ba:8c:11:26:a0:5e:9b:ae:2c:de:
8c:ae:23:cf:73:93:36:27:0f:51:0b:ff:8f:11:64:
4e:d7:2d:33:5e:65:a5:ad:d3:3a:49:b6:9c:fd:30:
0c:cc:d1:ac:8c:7a:b9:f5:82:23:35:84:e5:a3:26:
a3:eb:01:9d:51:d0:2c:70:9d:55:54:33:c3:b9:10:
8c:94:1a:b8:fb:95:a4:f7:82:f0:d2:ed:d3:7f:15:
a8:f6:19:ae:33:2e:32:bd:04:1d:dd:68:4a:a6:81:
75:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:50:D5:14:D7:DC:FD:01:ED:6A:04:BA:BB:F2:2F:84:A8:19:AF:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DFDVFNfc_QHtagS6u_IvhKgZr4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c88::/29
2a0b:7300::/29
Signature Algorithm: sha256WithRSAEncryption
47:c3:65:db:71:99:d7:b2:a6:6b:02:70:f5:64:ad:91:a6:f8:
1a:b5:6f:b6:98:ec:2d:5c:d2:db:a9:96:34:a6:b6:62:57:b7:
f9:ba:b6:a2:f8:fc:96:59:c2:6e:54:96:7d:33:7d:ed:de:b4:
c2:ec:90:b3:23:99:62:08:4e:ab:34:ad:60:ef:3c:ca:a6:e3:
44:90:9e:63:0c:47:b8:18:e1:d8:db:2a:46:66:84:3b:17:5d:
09:93:20:7b:cc:eb:a3:9b:82:77:9c:82:56:05:cc:7e:ed:b6:
18:e4:4d:73:95:9a:c7:66:b6:9e:ad:0c:7b:ba:e6:0e:f4:9b:
2a:96:7b:6d:48:64:b9:e3:a1:c7:ae:c5:6c:5e:b9:ba:af:47:
fe:9a:3b:a1:9d:31:97:02:97:28:e0:17:f5:8c:68:f4:7b:0e:
1e:1d:ae:f3:6f:8d:95:d6:77:28:ea:0c:82:ac:f3:97:76:a0:
c7:85:00:dd:13:bf:51:fa:d3:88:9b:ae:7b:3a:4d:39:3b:31:
ad:2c:88:85:33:25:90:a9:ee:4f:ea:fe:6b:49:4b:40:c2:4d:
c0:5f:68:da:e9:9a:ff:1b:42:89:15:ea:f2:83:58:79:2e:73:
8e:1d:87:0e:dc:57:11:b0:8d:31:e3:a8:c9:eb:f5:c3:01:91:
c8:1f:a0:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY501HiD1ezVtZt/qSfarpAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzI1MDg1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUwZDUxNGQ3ZGNmZDAxZWQ2YTA0YmFiYmYyMmY4NGE4MTlhZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzROuN5PUroi8MqSPfF6Z/3na1Xn
Le+ocTUwPfjekaXnGDsIajU9r3QqN3b61AStjnJUDcIa/v6sLilyde5AMCVU6fbi
w/LAZ1/3kWoFgqun95ghe/Aap/pTZBTcR2pvnekj+1EoiM46ZWqdiXCVX+avdK7v
TwkzFMNJBlpiSW2ZYlmx9jnJ8/Nqj7RfZ9b2XReL3QhmdFWg97qMESagXpuuLN6M
riPPc5M2Jw9RC/+PEWRO1y0zXmWlrdM6Sbac/TAMzNGsjHq59YIjNYTloyaj6wGd
UdAscJ1VVDPDuRCMlBq4+5Wk94Lw0u3TfxWo9hmuMy4yvQQd3WhKpoF1hwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAxQ1RTX3P0B7WoEurvyL4SoGa+LMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvREZEVkZOZmNfUUh0YWdTNnVfSXZoS2dacjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgAciAMF
AyoLcwAwDQYJKoZIhvcNAQELBQADggEBAEfDZdtxmdeypmsCcPVkrZGm+Bq1b7aY
7C1c0tupljSmtmJXt/m6tqL4/JZZwm5Uln0zfe3etMLskLMjmWIITqs0rWDvPMqm
40SQnmMMR7gY4djbKkZmhDsXXQmTIHvM66ObgnecglYFzH7tthjkTXOVmsdmtp6t
DHu65g70myqWe21IZLnjoceuxWxeubqvR/6aO6GdMZcClyjgF/WMaPR7Dh4drvNv
jZXWdyjqDIKs85d2oMeFAN0Tv1H604ibrns6TTk7Ma0siIUzJZCp7k/q/mtJS0DC
TcBfaNrpmv8bQokV6vKDWHkuc44dhw7cVxGwjTHjqMnr9cMBkcgfoPc=
-----END CERTIFICATE-----
Generated at Mon May 6 19:36:53 2024 by rpki-client on console-fra.rpki-client.org