Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1dD28f94ZZ_ydiUOjgu2aa23ju8.roa
File: 1dD28f94ZZ_ydiUOjgu2aa23ju8.roa (raw, json)
Hash identifier: 753CQfvkBtPJWpXNaTTbUdRPjcK4Z33eUT5Kxr5Bmkc=
Subject key identifier: D5:D0:F6:F1:FF:78:65:9F:F2:76:25:0E:8E:0B:B6:69:AD:B7:8E:EF
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01857246DA20827950111A705B95ABE2D4F7
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1dD28f94ZZ_ydiUOjgu2aa23ju8.roa
Signing time: Mon 02 Jan 2023 11:38:43 +0000
ROA not before: Mon 02 Jan 2023 11:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209833
IP address blocks: 2a0e:7d40:20::/44 maxlen: 44
2a0e:7d40::/32 maxlen: 32
2a0e:7d40:30::/44 maxlen: 44
2a0e:7d40:40::/44 maxlen: 44
2a0e:7d40:43::/48 maxlen: 48
2a0e:7d40:41::/48 maxlen: 48
2a0e:7d40:42::/48 maxlen: 48
2a0c:9a40:8130::/44 maxlen: 48
2a0c:9a40:8130::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:da:20:82:79:50:11:1a:70:5b:95:ab:e2:d4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 2 11:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d0f6f1ff78659ff276250e8e0bb669adb78eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:88:43:ef:ae:4c:69:eb:79:d8:20:7c:15:66:
87:d5:82:aa:a4:0c:e7:43:68:72:58:66:bb:ed:4e:
84:8e:fd:51:1e:a1:7d:89:75:3a:b6:72:c1:df:ab:
de:ef:c1:d7:6f:d5:c3:cb:88:8a:56:ab:9f:0f:1a:
1b:59:08:86:3c:ec:45:a4:e7:cd:de:b5:84:0f:ce:
fa:c7:76:73:b2:c2:33:b6:65:17:0c:77:84:51:42:
02:59:b4:99:cb:dc:89:6f:63:d4:82:26:09:50:d2:
0b:4c:f3:43:c6:48:1a:1b:02:d7:fc:de:1d:fd:cb:
f1:7f:b0:fc:bb:6d:24:2f:80:45:5f:86:db:df:7e:
38:62:f8:7f:41:86:66:99:db:02:2a:69:50:39:87:
34:c6:d1:81:b8:1c:91:03:2e:11:20:c5:d1:52:6f:
be:10:3a:ec:17:6b:60:50:41:63:4c:bf:58:0e:94:
bc:69:9c:43:dc:0c:87:dd:68:ba:b9:ab:92:3c:de:
fa:29:dd:e1:a9:60:12:c3:0e:99:9c:8b:58:81:7d:
00:48:7d:c6:ca:90:12:3d:4b:d2:d9:46:51:3b:cf:
3b:e6:5c:6d:25:2c:44:89:5c:f1:d9:ed:34:79:d5:
8e:9c:96:f3:d7:6e:8a:08:54:7d:ef:2c:3d:9d:e7:
d8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D0:F6:F1:FF:78:65:9F:F2:76:25:0E:8E:0B:B6:69:AD:B7:8E:EF
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1dD28f94ZZ_ydiUOjgu2aa23ju8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8130::/44
2a0e:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
4a:9c:aa:4d:9d:97:38:ed:5a:20:74:e4:98:9e:c4:fb:ff:0b:
4d:e8:ee:1b:06:46:6c:fc:78:66:72:08:66:43:09:62:36:4e:
ce:8f:ae:20:e5:31:91:b3:ec:77:d4:5b:ba:f9:22:e7:ac:69:
7d:c2:8d:ea:81:0e:4d:c3:b7:b2:90:65:ea:5c:a1:80:e9:1d:
a0:25:33:e3:84:7e:af:9f:fa:d0:ef:e6:37:17:1b:7e:35:f6:
42:94:67:99:59:8e:d7:59:58:85:bc:3a:25:b2:a1:2c:06:ab:
6d:63:20:d9:50:61:6d:c6:10:e9:e5:72:12:04:65:6e:72:3b:
6f:c1:d0:58:a5:32:9a:52:0e:04:5f:a3:b3:d0:19:05:6e:e2:
9b:75:f6:7e:64:c9:73:21:fe:a9:e7:f7:62:b3:69:66:3a:59:
49:88:cc:09:41:cf:6d:74:65:8e:cc:05:41:ac:e1:cd:e1:f4:
d1:e2:eb:ed:99:72:1c:75:7c:ef:6c:20:e9:cd:6a:47:db:63:
29:20:b0:be:26:e7:e9:c5:25:ae:8a:d3:81:02:d3:6f:6f:ca:
9c:6f:01:9d:f7:90:ef:24:ee:20:50:33:d2:aa:35:20:4b:e3:
ba:8a:e3:e3:40:af:26:37:e1:d1:e3:68:a8:84:ac:7a:e0:3c:
ab:ca:f0:03
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYVyRtoggnlQERpwW5Wr4tT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMTAyMTEzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQwZjZmMWZmNzg2NTlmZjI3NjI1MGU4ZTBiYjY2OWFkYjc4ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhohD765Maet52CB8FWaH1YKqpAzn
Q2hyWGa77U6Ejv1RHqF9iXU6tnLB36ve78HXb9XDy4iKVqufDxobWQiGPOxFpOfN
3rWED876x3ZzssIztmUXDHeEUUICWbSZy9yJb2PUgiYJUNILTPNDxkgaGwLX/N4d
/cvxf7D8u20kL4BFX4bb3344Yvh/QYZmmdsCKmlQOYc0xtGBuByRAy4RIMXRUm++
EDrsF2tgUEFjTL9YDpS8aZxD3AyH3Wi6uauSPN76Kd3hqWASww6ZnItYgX0ASH3G
ypASPUvS2UZRO8875lxtJSxEiVzx2e00edWOnJbz126KCFR97yw9nefYdwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNXQ9vH/eGWf8nYlDo4Ltmmtt47vMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMWREMjhmOTRaWl95ZGlVT2pndTJhYTIzanU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcEKgyaQIEw
AwUAKg59QDANBgkqhkiG9w0BAQsFAAOCAQEASpyqTZ2XOO1aIHTkmJ7E+/8LTeju
GwZGbPx4ZnIIZkMJYjZOzo+uIOUxkbPsd9Rbuvki56xpfcKN6oEOTcO3spBl6lyh
gOkdoCUz44R+r5/60O/mNxcbfjX2QpRnmVmO11lYhbw6JbKhLAarbWMg2VBhbcYQ
6eVyEgRlbnI7b8HQWKUymlIOBF+js9AZBW7im3X2fmTJcyH+qef3YrNpZjpZSYjM
CUHPbXRljswFQazhzeH00eLr7ZlyHHV872wg6c1qR9tjKSCwvibn6cUlrorTgQLT
b2/KnG8BnfeQ7yTuIFAz0qo1IEvjuorj40CvJjfh0eNoqISseuA8q8rwAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:49 2024 by rpki-client on console-fra.rpki-client.org