Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/D84Vnj4lEtmxEeW2D-A0AQCrjwg.roa
File: D84Vnj4lEtmxEeW2D-A0AQCrjwg.roa (raw, json)
Hash identifier: pc5Nfb6uEf9m5WcUuG+2HstmMMwsAFWQw2GJk7uxtUo=
Subject key identifier: 0F:CE:15:9E:3E:25:12:D9:B1:11:E5:B6:0F:E0:34:01:00:AB:8F:08
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018D7A6D17EC2F321B7E433613751CC35B76
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/D84Vnj4lEtmxEeW2D-A0AQCrjwg.roa
Signing time: Mon 05 Feb 2024 17:59:46 +0000
ROA not before: Mon 05 Feb 2024 17:59:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:e000::/29 maxlen: 32
2a12:6b80::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 18:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:6d:17:ec:2f:32:1b:7e:43:36:13:75:1c:c3:5b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 5 17:59:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fce159e3e2512d9b111e5b60fe0340100ab8f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2c:32:d6:93:d1:b6:ef:3c:80:8d:99:e2:94:
e3:27:dc:48:ba:84:20:f4:37:2b:8a:6f:7d:51:fe:
fb:7c:59:ab:65:c0:66:66:7b:f9:21:6e:50:23:80:
f4:d4:70:c4:e2:f6:85:e1:d7:5b:c9:32:03:d8:c7:
86:e9:6a:f1:af:ad:b5:f8:e4:97:6f:eb:61:a5:f9:
77:71:de:b9:51:fc:2a:1b:db:aa:cf:b5:e6:29:91:
29:06:e9:99:9e:ec:c0:84:82:fa:0b:1f:8b:98:1c:
b8:62:54:da:ca:02:a2:d4:1a:37:bb:aa:e0:58:b2:
73:ee:66:03:18:7d:71:58:8a:f7:76:a0:4c:27:dd:
02:30:3c:23:c6:2d:74:64:82:d7:94:bb:cb:64:af:
af:b5:7a:cb:80:53:42:75:34:d6:34:60:ab:8c:f0:
dc:c6:8e:b2:21:dd:27:2b:7b:00:41:e9:c3:ed:15:
38:48:2d:b1:3d:c3:7b:ad:b3:06:fb:3f:b9:d2:12:
ef:69:b1:68:5d:0d:7e:a3:bd:b7:01:82:33:ef:3e:
a5:af:ce:b4:b8:6d:65:3a:bb:62:52:3c:02:46:c4:
83:00:e3:8f:79:06:b5:64:1d:cd:d4:70:e6:25:3d:
f0:8b:fb:a7:de:18:c5:55:40:2a:0d:98:f8:e6:46:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CE:15:9E:3E:25:12:D9:B1:11:E5:B6:0F:E0:34:01:00:AB:8F:08
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/D84Vnj4lEtmxEeW2D-A0AQCrjwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:74:71:7a:14:1b:50:fc:00:b1:a5:89:30:9c:4b:e6:fa:ae:
9c:42:8f:53:dc:c2:cd:51:32:f6:4c:d9:b2:c6:71:40:15:02:
44:26:38:d4:00:36:dc:bf:d9:7c:5a:bb:3f:15:d9:eb:14:73:
d8:22:2e:56:31:69:71:d3:a3:a7:26:89:2f:6c:04:99:a4:a7:
f6:c4:41:3e:6e:4f:d8:20:23:34:ef:a7:f7:49:e5:41:66:52:
83:ea:d0:75:7d:9b:8a:da:27:a9:df:e3:50:db:00:89:d7:f7:
ad:ef:35:4a:9e:61:d4:9f:5d:e0:d7:ad:86:ae:e0:8b:4e:7f:
da:5b:44:7a:87:ca:92:cf:8a:42:ec:b0:2b:ad:80:ec:04:ee:
31:a5:3e:a8:5e:45:56:76:f1:d2:12:ce:03:4d:46:ce:17:b9:
2c:26:1e:f9:7c:63:9e:f9:f9:a7:93:54:a2:90:4a:57:3e:dc:
52:02:53:c1:25:45:7f:7b:78:04:38:a6:af:d4:74:f9:ab:d2:
e4:79:0a:99:cf:68:53:f9:43:91:06:00:60:ce:6b:7e:0a:32:
51:55:51:cf:07:7d:ef:9a:a8:8e:2d:fb:7d:dd:e3:75:78:4d:
c3:8c:bf:9c:54:d6:b8:fe:84:b7:3c:61:0b:d4:ae:7b:8d:42:
94:dd:7f:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY16bRfsLzIbfkM2E3Ucw1t2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjA1MTc1OTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmNlMTU5ZTNlMjUxMmQ5YjExMWU1YjYwZmUwMzQwMTAwYWI4ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSwy1pPRtu88gI2Z4pTjJ9xIuoQg
9Dcrim99Uf77fFmrZcBmZnv5IW5QI4D01HDE4vaF4ddbyTID2MeG6Wrxr621+OSX
b+thpfl3cd65UfwqG9uqz7XmKZEpBumZnuzAhIL6Cx+LmBy4YlTaygKi1Bo3u6rg
WLJz7mYDGH1xWIr3dqBMJ90CMDwjxi10ZILXlLvLZK+vtXrLgFNCdTTWNGCrjPDc
xo6yId0nK3sAQenD7RU4SC2xPcN7rbMG+z+50hLvabFoXQ1+o723AYIz7z6lr860
uG1lOrtiUjwCRsSDAOOPeQa1ZB3N1HDmJT3wi/un3hjFVUAqDZj45kZYWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA/OFZ4+JRLZsRHltg/gNAEAq48IMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvRDg0Vm5qNGxFdG14RWVXMkQtQTBBUUNyandnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/gAAMF
AyoSa4AwDQYJKoZIhvcNAQELBQADggEBAA90cXoUG1D8ALGliTCcS+b6rpxCj1Pc
ws1RMvZM2bLGcUAVAkQmONQANty/2Xxauz8V2esUc9giLlYxaXHTo6cmiS9sBJmk
p/bEQT5uT9ggIzTvp/dJ5UFmUoPq0HV9m4raJ6nf41DbAInX963vNUqeYdSfXeDX
rYau4ItOf9pbRHqHypLPikLssCutgOwE7jGlPqheRVZ28dISzgNNRs4XuSwmHvl8
Y575+aeTVKKQSlc+3FICU8ElRX97eAQ4pq/UdPmr0uR5CpnPaFP5Q5EGAGDOa34K
MlFVUc8Hfe+aqI4t+33d43V4TcOMv5xU1rj+hLc8YQvUrnuNQpTdf7k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org