Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/PxLrApqGqPwaiyme2vIt3WYLxms.roa
File: PxLrApqGqPwaiyme2vIt3WYLxms.roa (raw, json)
Hash identifier: cMMOr6BFjILtd8Y+f3CZLAWuWGZLMRlV9/DBu18tAU8=
Subject key identifier: 3F:12:EB:02:9A:86:A8:FC:1A:8B:29:9E:DA:F2:2D:DD:66:0B:C6:6B
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018E42F0DC0B5D6BFAA0F7C3E96F0FDD64A4
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/PxLrApqGqPwaiyme2vIt3WYLxms.roa
Signing time: Fri 15 Mar 2024 16:27:44 +0000
ROA not before: Fri 15 Mar 2024 16:27:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216435
IP address blocks: 2a12:28c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 16:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:f0:dc:0b:5d:6b:fa:a0:f7:c3:e9:6f:0f:dd:64:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Mar 15 16:27:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f12eb029a86a8fc1a8b299edaf22ddd660bc66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a1:40:47:0a:1f:7a:aa:f9:57:d5:13:a3:7a:
70:4f:eb:4e:46:52:44:b5:27:d8:fc:eb:b4:07:86:
0b:3c:53:27:eb:6c:46:52:d5:53:bb:50:df:be:7f:
cf:82:7d:ac:84:55:15:14:9d:a6:c0:47:aa:7e:3a:
72:13:21:13:e0:73:8b:c3:c2:19:e5:56:96:af:7e:
ed:74:5f:93:99:d0:1f:29:f5:17:d2:f3:dc:6f:c5:
48:40:a4:2e:db:4c:e7:d0:eb:4f:1b:a4:d7:ec:04:
19:6b:ee:a2:c2:1f:36:c8:b1:4f:c6:6c:54:c1:63:
70:64:ba:4f:db:da:a2:a6:5f:00:35:2f:46:40:0b:
95:43:fd:e8:3a:19:5d:76:c7:91:d2:3a:e0:9b:a2:
a2:09:3e:68:95:dc:2f:e0:8c:8e:88:44:d4:2f:1e:
ea:4e:b3:de:d2:49:14:68:ba:01:e0:0b:ce:a2:f8:
67:3c:49:86:00:01:be:b9:f8:33:d3:38:de:0f:81:
68:3b:c6:a1:dd:c6:52:95:45:58:5f:b5:42:70:4b:
f5:e8:f5:10:36:35:ff:6d:43:7f:4a:3e:94:ce:fb:
4e:2e:b4:49:9c:ec:fc:ea:8a:69:07:67:1a:8e:73:
05:09:fa:df:3b:fc:fd:2a:68:0e:3d:d4:fa:e1:41:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:12:EB:02:9A:86:A8:FC:1A:8B:29:9E:DA:F2:2D:DD:66:0B:C6:6B
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/PxLrApqGqPwaiyme2vIt3WYLxms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:84:ce:23:b5:f8:51:4d:c9:46:f7:e2:f2:55:ef:eb:94:08:
64:f4:20:86:fa:5a:3a:5a:61:78:62:1d:61:6d:8f:96:8f:1c:
cc:9e:cd:ff:bd:c1:08:5c:56:71:b0:fb:42:fc:d3:29:93:fd:
6f:6f:20:57:1c:c9:f2:07:ee:86:3f:49:ee:5f:ad:f4:8e:4a:
c5:a5:38:29:84:8d:86:91:23:a7:5c:21:9f:69:45:6b:0f:d0:
a2:21:24:99:37:f3:0f:7f:0d:58:09:eb:3e:7e:52:5e:3e:a0:
90:6f:59:03:15:2c:8a:3d:3f:38:ae:9e:50:32:07:35:62:b7:
59:28:b2:74:75:46:45:d4:3a:76:34:09:45:14:bc:6a:84:2b:
18:6b:9f:b5:8b:fb:a9:6b:06:78:e6:43:99:31:1b:28:53:f1:
99:59:e1:2e:de:0c:92:8b:5c:c0:2e:68:55:81:19:da:06:1a:
81:76:34:1b:02:2e:3c:0c:28:9d:18:1a:ac:e6:31:bf:f2:15:
76:20:58:f3:eb:b7:75:02:57:ad:86:1b:2d:dc:0d:39:ee:55:
e7:4f:07:01:fb:4a:88:9f:e5:69:15:9f:aa:24:13:9c:f7:26:
12:9e:58:4a:7b:59:7a:d7:2f:7a:5d:2f:9a:3c:94:d8:dc:08:
32:32:37:11
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5C8NwLXWv6oPfD6W8P3WSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMzE1MTYyNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjEyZWIwMjlhODZhOGZjMWE4YjI5OWVkYWYyMmRkZDY2MGJjNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaFARwofeqr5V9UTo3pwT+tORlJE
tSfY/Ou0B4YLPFMn62xGUtVTu1Dfvn/Pgn2shFUVFJ2mwEeqfjpyEyET4HOLw8IZ
5VaWr37tdF+TmdAfKfUX0vPcb8VIQKQu20zn0OtPG6TX7AQZa+6iwh82yLFPxmxU
wWNwZLpP29qipl8ANS9GQAuVQ/3oOhlddseR0jrgm6KiCT5oldwv4IyOiETULx7q
TrPe0kkUaLoB4AvOovhnPEmGAAG+ufgz0zjeD4FoO8ah3cZSlUVYX7VCcEv16PUQ
NjX/bUN/Sj6UzvtOLrRJnOz86oppB2cajnMFCfrfO/z9KmgOPdT64UEM9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD8S6wKahqj8GospntryLd1mC8ZrMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvUHhMckFwcUdxUHdhaXltZTJ2SXQzV1lMeG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIowDAN
BgkqhkiG9w0BAQsFAAOCAQEAUoTOI7X4UU3JRvfi8lXv65QIZPQghvpaOlpheGId
YW2Plo8czJ7N/73BCFxWcbD7QvzTKZP9b28gVxzJ8gfuhj9J7l+t9I5KxaU4KYSN
hpEjp1whn2lFaw/QoiEkmTfzD38NWAnrPn5SXj6gkG9ZAxUsij0/OK6eUDIHNWK3
WSiydHVGRdQ6djQJRRS8aoQrGGuftYv7qWsGeOZDmTEbKFPxmVnhLt4MkotcwC5o
VYEZ2gYagXY0GwIuPAwonRgarOYxv/IVdiBY8+u3dQJXrYYbLdwNOe5V508HAftK
iJ/laRWfqiQTnPcmEp5YSntZetcvel0vmjyU2NwIMjI3EQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org