Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0XVd4CHHqD6MqIXJhs8dn9__pPw.roa
File: 0XVd4CHHqD6MqIXJhs8dn9__pPw.roa (raw, json)
Hash identifier: yxm63Hnq+ijwFpSt0SURgVKzunltVeM5sbk/FSMTAPU=
Subject key identifier: D1:75:5D:E0:21:C7:A8:3E:8C:A8:85:C9:86:CF:1D:9F:DF:FF:A4:FC
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAF076373B3DD052919EBF6CEA787A5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0XVd4CHHqD6MqIXJhs8dn9__pPw.roa
Signing time: Sun 01 Jan 2023 09:34:48 +0000
ROA not before: Sun 01 Jan 2023 09:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198412
IP address blocks: 2a03:f87:ba14::/48 maxlen: 48
2a03:f87:ba54::/48 maxlen: 48
2a03:f87:ba59::/48 maxlen: 48
2a03:f87:ba43::/48 maxlen: 48
2a03:f87:3::/48 maxlen: 48
2a03:f87:baa8::/48 maxlen: 48
2a03:f87:ba12::/48 maxlen: 48
2a03:f87:ba52::/48 maxlen: 48
2a03:f87:ba57::/48 maxlen: 48
2a03:f87:ba17::/48 maxlen: 48
2a03:f87:baa1::/48 maxlen: 48
2a03:f87:baab::/48 maxlen: 48
2a03:f87:ba10::/48 maxlen: 48
2a03:f87:ba50::/48 maxlen: 48
2a03:f87:ba55::/48 maxlen: 48
2a03:f87:ba15::/48 maxlen: 48
2a03:f87:baa9::/48 maxlen: 48
2a03:f87:ba49::/48 maxlen: 48
2a03:f87:ba13::/48 maxlen: 48
2a03:f87:ba53::/48 maxlen: 48
2a03:f87:ba18::/48 maxlen: 48
2a03:f87:baa2::/48 maxlen: 48
2a03:f87:ba47::/48 maxlen: 48
2a03:f87:baac::/48 maxlen: 48
2a03:f87:ba11::/48 maxlen: 48
2a03:f87:ba51::/48 maxlen: 48
2a03:f87:ba56::/48 maxlen: 48
2a03:f87:ba16::/48 maxlen: 48
2a03:f87:ba60::/48 maxlen: 48
2a03:f87:ba45::/48 maxlen: 48
2a03:f87::/32 maxlen: 32
2a03:f87:baaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Jul 2023 12:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:07:63:73:b3:dd:05:29:19:eb:f6:ce:a7:87:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1755de021c7a83e8ca885c986cf1d9fdfffa4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ff:ab:10:e7:dd:f6:42:e9:12:1b:56:db:32:
eb:d6:98:2d:67:30:bc:fd:ed:24:56:a8:c3:92:83:
3c:d9:dc:79:bf:82:1a:32:57:e7:79:9c:75:9d:cf:
98:a4:92:d4:7d:98:80:3c:0c:18:e9:30:d1:16:d2:
a6:67:bf:e3:aa:9f:37:df:bb:af:c4:2d:f7:ce:0b:
43:06:ca:a0:c8:75:ed:ad:ac:47:bf:5a:43:93:24:
b1:e8:5e:5c:5f:7f:e2:b6:fc:58:6c:3e:83:f8:82:
e8:c1:a4:b1:a7:6b:67:7a:7d:5a:6f:bc:9e:23:d3:
0a:06:42:d9:20:d5:98:b6:ef:76:0a:ea:b1:6d:56:
8c:93:26:ac:a7:4e:e7:b0:a3:8a:28:87:32:d3:2c:
4f:9e:65:39:ea:fd:87:95:ce:b6:d7:ce:31:0c:93:
0c:28:91:56:9c:9b:a9:0d:d3:ef:0d:99:01:b2:88:
61:0b:2b:9c:85:4a:aa:cd:3f:ea:66:be:09:f0:e5:
1f:e9:96:66:18:8a:66:f3:cc:af:c3:33:93:17:d2:
32:05:74:a7:30:dc:cd:8f:06:36:28:57:60:e8:f2:
c8:1a:59:33:86:0a:87:14:e8:0e:e7:07:4e:8d:35:
43:ea:b7:6e:ec:29:34:23:8f:c9:2b:17:58:b2:50:
65:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:75:5D:E0:21:C7:A8:3E:8C:A8:85:C9:86:CF:1D:9F:DF:FF:A4:FC
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0XVd4CHHqD6MqIXJhs8dn9__pPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f87::/32
Signature Algorithm: sha256WithRSAEncryption
49:30:2c:a8:6f:53:ff:ac:66:66:34:b0:89:a9:25:84:23:cf:
50:9a:56:51:46:9a:2c:69:55:2b:1a:ee:60:bc:87:c1:ba:5c:
ec:96:74:66:c7:7b:3d:3f:bd:b5:ef:6f:b9:74:29:e6:89:57:
4d:4a:6f:84:a5:6a:67:b5:e8:3f:09:d2:5a:1d:4f:77:63:8a:
13:79:74:71:7a:d5:45:47:74:da:18:74:50:39:75:de:8b:15:
aa:84:8a:2c:47:d0:2a:03:8f:41:81:bb:fe:4d:ed:63:12:47:
b2:41:1c:c7:b8:e4:5e:b9:b2:f7:47:1f:21:70:54:5f:12:25:
36:19:37:c3:51:72:14:92:2f:bf:9e:5c:9e:40:04:cc:b4:75:
0f:24:e3:18:62:dc:52:21:02:71:b3:0e:45:10:2f:0d:f8:c8:
41:38:d2:d5:69:13:31:e0:46:51:98:14:b1:5f:3c:34:e8:a4:
06:d2:eb:88:a0:ce:00:e3:1a:e0:e9:3d:b3:16:c3:11:88:02:
5a:3f:67:c7:f6:ae:54:fe:b4:89:45:a7:e2:10:07:b1:00:92:
c4:ff:43:49:ed:fd:00:2e:7f:e7:6d:73:0c:7b:95:6b:a3:65:
86:6f:4b:25:65:a5:12:57:b6:1e:09:9f:72:ed:d8:ff:b9:01:
35:d5:f2:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVsrwdjc7PdBSkZ6/bOp4elMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTc1NWRlMDIxYzdhODNlOGNhODg1Yzk4NmNmMWQ5ZmRmZmZhNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP+rEOfd9kLpEhtW2zLr1pgtZzC8
/e0kVqjDkoM82dx5v4IaMlfneZx1nc+YpJLUfZiAPAwY6TDRFtKmZ7/jqp8337uv
xC33zgtDBsqgyHXtraxHv1pDkySx6F5cX3/itvxYbD6D+ILowaSxp2tnen1ab7ye
I9MKBkLZINWYtu92CuqxbVaMkyasp07nsKOKKIcy0yxPnmU56v2Hlc62184xDJMM
KJFWnJupDdPvDZkBsohhCyuchUqqzT/qZr4J8OUf6ZZmGIpm88yvwzOTF9IyBXSn
MNzNjwY2KFdg6PLIGlkzhgqHFOgO5wdOjTVD6rdu7Ck0I4/JKxdYslBlmwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNF1XeAhx6g+jKiFyYbPHZ/f/6T8MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMFhWZDRDSEhxRDZNcUlYSmhzOGRuOV9fcFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgMPhzAN
BgkqhkiG9w0BAQsFAAOCAQEASTAsqG9T/6xmZjSwiaklhCPPUJpWUUaaLGlVKxru
YLyHwbpc7JZ0Zsd7PT+9te9vuXQp5olXTUpvhKVqZ7XoPwnSWh1Pd2OKE3l0cXrV
RUd02hh0UDl13osVqoSKLEfQKgOPQYG7/k3tYxJHskEcx7jkXrmy90cfIXBUXxIl
Nhk3w1FyFJIvv55cnkAEzLR1DyTjGGLcUiECcbMORRAvDfjIQTjS1WkTMeBGUZgU
sV88NOikBtLriKDOAOMa4Ok9sxbDEYgCWj9nx/auVP60iUWn4hAHsQCSxP9DSe39
AC5/521zDHuVa6Nlhm9LJWWlEle2Hgmfcu3Y/7kBNdXyLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org