Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ydl6DYcPwxcQaZocyPteQofSJJQ.roa
File: ydl6DYcPwxcQaZocyPteQofSJJQ.roa (raw, json)
Hash identifier: rMHMm3uA97NXdxg0FU3sYHASDrkzMWLsamBy+mlzMFc=
Subject key identifier: C9:D9:7A:0D:87:0F:C3:17:10:69:9A:1C:C8:FB:5E:42:87:D2:24:94
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018DC7B4EF9474FC44A41AAEDFAFBC944CC1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ydl6DYcPwxcQaZocyPteQofSJJQ.roa
Signing time: Tue 20 Feb 2024 18:09:00 +0000
ROA not before: Tue 20 Feb 2024 18:09:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a00:1c88::/29 maxlen: 29
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 15 Mar 2024 08:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:b4:ef:94:74:fc:44:a4:1a:ae:df:af:bc:94:4c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 20 18:09:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9d97a0d870fc31710699a1cc8fb5e4287d22494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d4:2f:3e:55:8c:2d:b7:ab:77:c2:ba:6a:64:
f5:6f:c8:45:62:8f:5f:cb:97:84:bd:3c:51:32:1c:
06:3c:9e:27:52:a2:2c:a4:f2:52:08:24:9e:34:20:
9b:89:77:43:cd:4d:55:ff:55:6b:d1:ad:79:35:d7:
1e:8e:33:8a:f6:72:cd:18:48:df:7d:fa:11:5a:ab:
2c:9c:a5:a4:3f:de:78:f7:6e:f4:fb:d8:ea:7e:a7:
bf:bf:16:13:6f:36:4e:bf:2a:88:fd:e9:0a:94:15:
42:9a:6b:b9:a0:e8:c2:73:2a:fc:f7:de:b6:14:74:
fd:2f:43:d5:5e:13:12:c2:d8:ff:2f:21:a1:71:3a:
16:c6:f5:f6:3c:68:3d:65:ed:53:a7:9e:af:35:df:
5b:21:9a:67:f3:96:c2:ae:dd:c1:8a:de:93:52:d8:
1a:d0:f7:a1:ab:9e:e4:a2:bd:b8:b5:0b:03:87:35:
95:db:9c:10:79:70:5c:e8:bf:70:1e:d4:13:53:a0:
77:b9:b6:12:ae:4c:4f:ac:c5:c6:08:fc:58:2e:92:
35:ab:f5:cb:f4:a1:17:e8:17:00:4f:63:d2:a5:60:
c1:d5:9e:9d:f8:fd:c1:92:75:28:6c:c0:20:6b:48:
a4:1f:18:95:2a:91:9e:d4:3f:e2:72:b2:81:d9:b5:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D9:7A:0D:87:0F:C3:17:10:69:9A:1C:C8:FB:5E:42:87:D2:24:94
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ydl6DYcPwxcQaZocyPteQofSJJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1c88::/29
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:c9:99:b3:87:91:be:9d:54:79:39:f0:f5:91:90:a9:8a:41:
67:31:67:bf:6c:da:6e:e5:b3:e6:1b:e6:c0:40:3d:e1:69:58:
f9:ab:09:8f:fe:dd:08:17:ed:64:79:13:44:5e:37:d4:87:cb:
68:d2:ed:1b:4c:f8:0e:1b:6f:1e:0b:2d:2e:5b:02:38:38:c0:
e8:2c:30:8e:88:9f:bb:1a:5e:24:f9:a7:04:da:15:da:aa:49:
f7:05:2f:a3:02:ea:66:1a:a2:2f:3f:c0:c0:80:5c:14:19:f2:
a9:ab:4c:78:66:ed:a2:aa:23:3f:6d:ff:1c:27:39:21:8b:63:
e1:68:30:41:68:3f:e1:73:34:76:51:e4:32:58:d6:90:7d:b9:
da:e0:e2:7c:89:0d:b3:fa:95:ed:a2:1b:78:ae:93:8b:d8:66:
48:79:9c:d1:59:d9:9c:07:bb:cf:ee:92:69:18:c4:a4:12:59:
3b:df:6b:aa:fa:85:d7:57:59:ce:1c:82:58:d3:5e:d4:4d:a5:
82:a7:d5:ca:d0:73:d7:8e:72:65:70:99:27:ad:59:66:12:2d:
4e:fc:03:47:6f:52:cf:00:64:e0:ac:50:01:cc:79:85:3b:17:
a0:59:43:22:6e:3b:da:03:c2:68:77:de:1c:8b:85:e2:8a:bd:
59:57:3c:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY3HtO+UdPxEpBqu36+8lEzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjIwMTgwOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ5N2EwZDg3MGZjMzE3MTA2OTlhMWNjOGZiNWU0Mjg3ZDIyNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9QvPlWMLberd8K6amT1b8hFYo9f
y5eEvTxRMhwGPJ4nUqIspPJSCCSeNCCbiXdDzU1V/1Vr0a15NdcejjOK9nLNGEjf
ffoRWqssnKWkP9549270+9jqfqe/vxYTbzZOvyqI/ekKlBVCmmu5oOjCcyr89962
FHT9L0PVXhMSwtj/LyGhcToWxvX2PGg9Ze1Tp56vNd9bIZpn85bCrt3Bit6TUtga
0Pehq57kor24tQsDhzWV25wQeXBc6L9wHtQTU6B3ubYSrkxPrMXGCPxYLpI1q/XL
9KEX6BcAT2PSpWDB1Z6d+P3BknUobMAga0ikHxiVKpGe1D/icrKB2bVWCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMnZeg2HD8MXEGmaHMj7XkKH0iSUMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWRsNkRZY1B3eGNRYVpvY3lQdGVRb2ZTSkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgAciAMF
AyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQAtyZmzh5G+nVR5OfD1kZCp
ikFnMWe/bNpu5bPmG+bAQD3haVj5qwmP/t0IF+1keRNEXjfUh8to0u0bTPgOG28e
Cy0uWwI4OMDoLDCOiJ+7Gl4k+acE2hXaqkn3BS+jAupmGqIvP8DAgFwUGfKpq0x4
Zu2iqiM/bf8cJzkhi2PhaDBBaD/hczR2UeQyWNaQfbna4OJ8iQ2z+pXtoht4rpOL
2GZIeZzRWdmcB7vP7pJpGMSkElk732uq+oXXV1nOHIJY017UTaWCp9XK0HPXjnJl
cJknrVlmEi1O/ANHb1LPAGTgrFABzHmFOxegWUMibjvaA8Jod94ci4Xiir1ZVzyd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:31 2024 by rpki-client on console-fra.rpki-client.org