Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j5leTuu2G1L0Tf5kH4t5YGes8lU.roa
File: j5leTuu2G1L0Tf5kH4t5YGes8lU.roa (raw, json)
Hash identifier: xo/Doj3rMK9/QUAyeC38j3wuf7BfArrtSf3GIb/Ia10=
Subject key identifier: 8F:99:5E:4E:EB:B6:1B:52:F4:4D:FE:64:1F:8B:79:60:67:AC:F2:55
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D7DF9BE86681097C77C815218C0965A9B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j5leTuu2G1L0Tf5kH4t5YGes8lU.roa
Signing time: Tue 06 Feb 2024 10:32:15 +0000
ROA not before: Tue 06 Feb 2024 10:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a03:3ae0::/29 maxlen: 29
2a07:e4c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:f9:be:86:68:10:97:c7:7c:81:52:18:c0:96:5a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 6 10:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f995e4eebb61b52f44dfe641f8b796067acf255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:33:61:55:25:db:71:09:cc:b4:bf:dc:63:3f:
6b:5f:e1:5f:3a:96:6a:f1:d2:b8:e2:1a:c7:8c:79:
fe:b6:37:3e:28:3a:71:b5:db:71:5b:2b:12:36:48:
19:93:03:1c:06:8f:a3:34:7b:27:ec:36:b0:4b:f2:
b0:0e:f7:e4:11:5e:9c:f3:48:4b:fd:f9:5a:43:38:
ac:33:fb:5c:00:ea:00:a4:36:d8:ad:cc:46:c2:7d:
d6:21:81:f9:6c:94:c5:8a:75:c3:59:ac:b3:47:21:
17:2a:8e:28:4f:91:0d:52:4c:94:33:ea:9a:2d:a1:
8a:1d:54:a1:0b:5e:0d:32:96:6a:34:15:39:18:08:
b3:aa:c6:70:86:80:dd:c1:e0:1a:9a:40:6e:42:a9:
87:91:8d:1c:68:31:d7:d1:5e:af:7b:a2:62:94:96:
96:1e:f9:4f:ab:ce:f3:ff:07:96:6f:f5:18:84:a7:
e1:10:48:be:3c:67:7d:79:37:b7:74:98:41:6f:6b:
f3:4f:1c:ad:46:f2:16:f1:ba:d8:ae:3e:f7:2b:ad:
71:2b:ba:3a:bf:09:11:45:c2:8d:e9:a6:dc:2b:2a:
11:5b:8e:37:c0:3d:25:5e:50:6e:06:e8:73:a3:bc:
b3:43:c1:87:0a:51:b9:d9:ba:4b:4c:d8:cf:76:fc:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:99:5E:4E:EB:B6:1B:52:F4:4D:FE:64:1F:8B:79:60:67:AC:F2:55
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/j5leTuu2G1L0Tf5kH4t5YGes8lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:3ae0::/29
2a07:e4c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:d6:af:8d:a1:ef:e6:57:79:fc:a0:03:e6:3d:55:cf:d5:6c:
66:6b:39:fd:71:34:ab:1a:af:c0:3e:5c:52:25:d6:fb:91:4a:
c0:7d:39:2e:55:14:2f:71:57:ce:46:23:2a:86:f6:c8:58:28:
01:f4:96:1b:f0:7e:42:70:95:e3:e5:e9:32:53:9f:56:bf:b6:
ed:9c:88:6f:66:71:55:0e:94:80:fa:6c:8e:33:10:29:fa:1b:
64:18:23:2f:f8:93:af:9b:2a:a8:10:ae:bc:3f:25:7e:b2:6f:
2b:72:5e:f7:dc:df:0d:3f:a5:0a:f7:c0:0b:c9:fa:86:6d:41:
65:3c:a9:78:d9:e8:3b:1d:a2:45:a3:e3:8d:9f:56:cf:85:46:
03:dd:51:e7:97:f5:03:45:00:14:b2:17:12:53:f8:69:fd:fc:
9a:0b:e0:e8:43:78:18:b5:9a:be:3c:97:a2:32:74:d4:09:d0:
19:7e:ce:d0:b5:f3:66:9f:bf:a8:72:92:e7:0a:bc:b0:36:da:
04:46:a2:f9:b6:e3:dc:de:9a:af:49:58:67:cb:68:91:00:14:
b2:16:8a:8d:22:b7:51:fe:4f:71:29:53:6e:71:95:fe:99:61:
94:8a:c2:0c:03:d0:68:f9:9e:e0:9b:46:25:a1:00:90:c5:3b:
c7:03:ee:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY19+b6GaBCXx3yBUhjAllqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA2MTAzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk5NWU0ZWViYjYxYjUyZjQ0ZGZlNjQxZjhiNzk2MDY3YWNmMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDNhVSXbcQnMtL/cYz9rX+FfOpZq
8dK44hrHjHn+tjc+KDpxtdtxWysSNkgZkwMcBo+jNHsn7DawS/KwDvfkEV6c80hL
/flaQzisM/tcAOoApDbYrcxGwn3WIYH5bJTFinXDWayzRyEXKo4oT5ENUkyUM+qa
LaGKHVShC14NMpZqNBU5GAizqsZwhoDdweAamkBuQqmHkY0caDHX0V6ve6JilJaW
HvlPq87z/weWb/UYhKfhEEi+PGd9eTe3dJhBb2vzTxytRvIW8brYrj73K61xK7o6
vwkRRcKN6abcKyoRW443wD0lXlBuBuhzo7yzQ8GHClG52bpLTNjPdvxfrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI+ZXk7rthtS9E3+ZB+LeWBnrPJVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvajVsZVR1dTJHMUwwVGY1a0g0dDVZR2VzOGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgM64AMF
AyoH5MADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQB+1q+Noe/mV3n8oAPmPVXP
1Wxmazn9cTSrGq/APlxSJdb7kUrAfTkuVRQvcVfORiMqhvbIWCgB9JYb8H5CcJXj
5ekyU59Wv7btnIhvZnFVDpSA+myOMxAp+htkGCMv+JOvmyqoEK68PyV+sm8rcl73
3N8NP6UK98ALyfqGbUFlPKl42eg7HaJFo+ONn1bPhUYD3VHnl/UDRQAUshcSU/hp
/fyaC+DoQ3gYtZq+PJeiMnTUCdAZfs7QtfNmn7+ocpLnCrywNtoERqL5tuPc3pqv
SVhny2iRABSyFoqNIrdR/k9xKVNucZX+mWGUisIMA9Bo+Z7gm0YloQCQxTvHA+4e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:24 2024 by rpki-client on console-fra.rpki-client.org