Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/pvd5bBZ_lmKYUPtRjZEvmOXoDVA.roa
File: pvd5bBZ_lmKYUPtRjZEvmOXoDVA.roa (raw, json)
Hash identifier: YdA+c62ZN2rpidvvQHf+thPZ9J3GqCCkrP8VCrJ//J4=
Subject key identifier: A6:F7:79:6C:16:7F:96:62:98:50:FB:51:8D:91:2F:98:E5:E8:0D:50
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 018CC9BC39D45547716FF334AD6A6894FCC7
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/pvd5bBZ_lmKYUPtRjZEvmOXoDVA.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a04:30c0::/32 maxlen: 32
2a06:2600::/32 maxlen: 32
2a02:166a::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 10:23:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:39:d4:55:47:71:6f:f3:34:ad:6a:68:94:fc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6f7796c167f96629850fb518d912f98e5e80d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:65:62:02:27:32:ef:fd:b6:d2:fb:0a:5f:0a:
7c:f3:d4:f4:49:45:8f:a5:57:91:85:58:c1:b5:52:
15:61:a9:6e:87:ea:77:e4:f5:45:bc:61:5a:6f:c3:
e8:d8:6a:a4:94:14:58:c3:0a:98:8a:28:93:0d:86:
d9:e7:3b:c2:ed:e7:b1:79:5f:c1:04:dc:1e:e5:fd:
4b:8d:eb:3c:8d:17:e1:9d:61:9d:d5:d5:bd:fc:72:
bc:23:11:59:80:cc:bb:1b:da:a9:19:f5:03:7f:c9:
fa:93:ef:93:c4:5c:b0:f1:1b:a6:37:05:92:20:cb:
be:9d:00:74:b5:6e:95:f9:6a:48:35:ef:58:8d:fc:
03:08:cd:b9:eb:b2:e4:12:af:d7:98:f1:36:6e:0b:
54:21:ee:3f:c4:95:63:54:19:48:ea:0a:03:45:69:
91:ca:65:b7:67:1e:a7:97:0f:4e:9d:93:55:82:69:
44:93:99:86:94:cf:e9:29:c4:85:bd:f2:73:88:d3:
96:e3:62:5c:8f:98:ca:91:e0:9e:0c:23:0b:4a:33:
54:31:6a:39:95:aa:5f:2f:e4:d5:81:46:01:2c:bb:
26:95:b7:89:fc:80:6b:91:5f:2b:98:40:0d:06:79:
9c:d7:06:65:c2:3e:6d:46:50:ee:c7:66:b2:c8:48:
ff:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F7:79:6C:16:7F:96:62:98:50:FB:51:8D:91:2F:98:E5:E8:0D:50
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/pvd5bBZ_lmKYUPtRjZEvmOXoDVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:166a::/32
2a04:30c0::/32
2a06:2600::/32
Signature Algorithm: sha256WithRSAEncryption
09:4a:42:6c:4d:b8:8a:ca:4d:c3:44:1a:df:bb:83:12:61:b8:
49:b6:39:2f:38:23:4a:73:03:95:a0:9a:2f:02:30:2d:1f:5c:
17:93:da:3c:cc:1b:ed:87:fd:77:e4:b2:a3:43:d0:bb:a3:d5:
b1:57:d3:53:3b:f0:c9:41:04:39:c7:1a:e1:47:80:94:50:7c:
14:37:78:56:02:20:3c:d9:27:3b:14:a5:60:fd:cb:a3:44:5b:
57:a5:e5:80:7d:ea:be:c8:9f:81:c8:86:8e:36:27:f7:0f:16:
7c:66:db:bf:ec:4d:5f:02:59:23:c4:fd:4a:53:be:1c:e6:b3:
62:29:17:ea:81:da:7c:1e:7b:7b:47:5e:78:09:90:aa:81:9a:
9f:33:4b:1f:83:46:8e:fc:53:01:78:10:10:9f:fe:1a:bc:9b:
dd:5d:b5:05:a4:64:06:e2:3d:05:94:b8:20:0f:48:ec:87:12:
7f:0b:90:c2:31:f0:4e:ce:e3:46:f8:94:75:47:e1:93:71:61:
3b:ce:36:ea:20:d0:0f:e2:3c:d2:28:ec:db:b9:ea:ce:d7:bd:
80:60:22:9b:f7:20:64:8e:18:fa:c7:97:03:1c:c2:19:4e:00:
ed:36:ff:ba:0e:3e:88:39:4c:60:af:54:35:65:a6:fe:17:37:
f6:aa:ed:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvDnUVUdxb/M0rWpolPzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY3Nzk2YzE2N2Y5NjYyOTg1MGZiNTE4ZDkxMmY5OGU1ZTgwZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWViAicy7/220vsKXwp889T0SUWP
pVeRhVjBtVIVYaluh+p35PVFvGFab8Po2GqklBRYwwqYiiiTDYbZ5zvC7eexeV/B
BNwe5f1Ljes8jRfhnWGd1dW9/HK8IxFZgMy7G9qpGfUDf8n6k++TxFyw8RumNwWS
IMu+nQB0tW6V+WpINe9YjfwDCM2567LkEq/XmPE2bgtUIe4/xJVjVBlI6goDRWmR
ymW3Zx6nlw9OnZNVgmlEk5mGlM/pKcSFvfJziNOW42Jcj5jKkeCeDCMLSjNUMWo5
lapfL+TVgUYBLLsmlbeJ/IBrkV8rmEANBnmc1wZlwj5tRlDux2ayyEj//QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKb3eWwWf5ZimFD7UY2RL5jl6A1QMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvcHZkNWJCWl9sbUtZVVB0UmpaRXZtT1hvRFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgIWagMF
ACoEMMADBQAqBiYAMA0GCSqGSIb3DQEBCwUAA4IBAQAJSkJsTbiKyk3DRBrfu4MS
YbhJtjkvOCNKcwOVoJovAjAtH1wXk9o8zBvth/135LKjQ9C7o9WxV9NTO/DJQQQ5
xxrhR4CUUHwUN3hWAiA82Sc7FKVg/cujRFtXpeWAfeq+yJ+ByIaONif3DxZ8Ztu/
7E1fAlkjxP1KU74c5rNiKRfqgdp8Hnt7R154CZCqgZqfM0sfg0aO/FMBeBAQn/4a
vJvdXbUFpGQG4j0FlLggD0jshxJ/C5DCMfBOzuNG+JR1R+GTcWE7zjbqINAP4jzS
KOzbuerO172AYCKb9yBkjhj6x5cDHMIZTgDtNv+6Dj6IOUxgr1Q1Zab+Fzf2qu3R
-----END CERTIFICATE-----
Generated at Thu Mar 21 13:06:03 2024 by rpki-client on console-ams.rpki-client.org