Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/2WNiG_HTgMY7cDL6yqfytj4AFhw.roa
File: 2WNiG_HTgMY7cDL6yqfytj4AFhw.roa (raw, json)
Hash identifier: L1rSJvxLaDiGGj1GX8n6lRI7WCSflIh9mLYqYKOVfMc=
Subject key identifier: D9:63:62:1B:F1:D3:80:C6:3B:70:32:FA:CA:A7:F2:B6:3E:00:16:1C
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018A0D23284D17D0D40B02B371545EA8A55C
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/2WNiG_HTgMY7cDL6yqfytj4AFhw.roa
Signing time: Sat 19 Aug 2023 09:32:02 +0000
ROA not before: Sat 19 Aug 2023 09:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60939
IP address blocks: 2a05:f300::/29 maxlen: 64
2a12:4b40::/29 maxlen: 64
2a13:c800::/29 maxlen: 64
2a13:c400::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0d:23:28:4d:17:d0:d4:0b:02:b3:71:54:5e:a8:a5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Aug 19 09:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d963621bf1d380c63b7032facaa7f2b63e00161c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:0c:33:1f:96:54:7f:54:a6:1d:96:de:1a:
a5:54:51:9c:32:b0:ce:d2:6d:b0:7d:c0:99:17:00:
5e:b2:68:5e:17:a3:4d:fc:ab:6c:c7:24:75:87:8c:
ee:63:f4:62:6b:68:a4:00:fc:f2:36:b3:f3:28:c2:
f3:c3:68:de:c6:e5:c8:18:38:b9:6b:5a:32:00:03:
2a:e1:38:73:44:7e:48:bd:12:20:36:c4:3d:62:57:
3d:a3:d4:4e:a0:7f:d9:50:e1:ed:76:9e:0e:2e:78:
31:72:29:97:26:05:55:85:c1:48:74:b7:80:ff:32:
ca:8d:0c:e8:4e:87:f4:dd:e8:4a:39:9f:12:7b:85:
be:bc:cc:60:89:be:a2:76:f4:39:93:36:85:63:f0:
a2:2c:fd:11:4a:ed:15:8d:22:f9:99:3c:65:5e:2a:
29:31:ca:37:85:f5:c0:ac:66:50:51:60:98:e2:bd:
14:fb:68:7a:67:9a:5a:a9:e0:3e:36:fa:e9:fa:3a:
10:32:2e:bf:f2:74:0f:35:50:50:f1:d2:43:f2:3c:
da:41:40:b9:38:7a:65:02:2c:69:a2:b7:a3:ea:7b:
ef:c4:55:c1:03:6c:b5:c8:6f:db:98:d6:88:cf:bb:
83:46:5e:d3:be:cc:7b:70:b5:9b:44:82:8f:4d:97:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:63:62:1B:F1:D3:80:C6:3B:70:32:FA:CA:A7:F2:B6:3E:00:16:1C
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/2WNiG_HTgMY7cDL6yqfytj4AFhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c400::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
39:28:51:21:3f:86:4e:28:59:11:a8:db:c0:c1:c4:a5:8a:70:
e2:82:bf:c2:88:7a:fc:a6:50:06:7d:dd:59:8f:a8:52:3d:f4:
dd:be:4f:da:50:1b:b9:64:a5:64:02:f7:e2:b6:e0:67:5b:8f:
3a:f4:a6:3f:02:c8:e7:3f:db:c0:19:38:f0:30:aa:3b:1d:64:
71:37:4c:9e:98:67:3e:2a:b9:92:b9:e3:d3:7e:3c:a2:51:57:
9e:b8:da:38:8c:33:77:fa:d1:da:ba:67:df:d8:95:b8:ab:16:
f7:2f:2d:c8:c6:e8:e4:ae:95:35:1a:26:db:24:40:d5:96:41:
2c:48:09:3f:be:27:fc:44:a4:91:20:b5:89:4a:09:14:e4:b1:
a6:50:1f:1b:1b:a6:69:85:78:e8:75:0b:92:5f:24:80:77:56:
44:89:ab:5f:47:6f:90:58:e4:9f:c0:2f:ce:5a:d7:68:ad:0c:
b8:59:ba:c7:6b:f9:c3:61:44:b6:91:c7:c6:c2:56:2e:6c:65:
ed:74:5a:e9:16:6f:86:91:e8:65:c3:56:17:20:d0:c7:c9:ac:
bf:fd:74:22:f3:b6:41:50:b7:3e:18:5e:cd:93:b4:16:ad:0a:
c0:72:14:c7:63:e0:07:28:8a:03:48:85:d8:8c:4f:cf:a8:7d:
97:b5:9c:0e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYoNIyhNF9DUCwKzcVReqKVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjMwODE5MDkzMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTYzNjIxYmYxZDM4MGM2M2I3MDMyZmFjYWE3ZjJiNjNlMDAxNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVMMMx+WVH9Uph2W3hqlVFGcMrDO
0m2wfcCZFwBesmheF6NN/KtsxyR1h4zuY/Ria2ikAPzyNrPzKMLzw2jexuXIGDi5
a1oyAAMq4ThzRH5IvRIgNsQ9Ylc9o9ROoH/ZUOHtdp4OLngxcimXJgVVhcFIdLeA
/zLKjQzoTof03ehKOZ8Se4W+vMxgib6idvQ5kzaFY/CiLP0RSu0VjSL5mTxlXiop
Mco3hfXArGZQUWCY4r0U+2h6Z5paqeA+Nvrp+joQMi6/8nQPNVBQ8dJD8jzaQUC5
OHplAixporej6nvvxFXBA2y1yG/bmNaIz7uDRl7Tvsx7cLWbRIKPTZeSswIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNljYhvx04DGO3Ay+sqn8rY+ABYcMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMldOaUdfSFRnTVk3Y0RMNnlxZnl0ajRBRmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgXzAAMF
AyoSS0ADBQMqE8QAAwUDKhPIADANBgkqhkiG9w0BAQsFAAOCAQEAOShRIT+GTihZ
EajbwMHEpYpw4oK/woh6/KZQBn3dWY+oUj303b5P2lAbuWSlZAL34rbgZ1uPOvSm
PwLI5z/bwBk48DCqOx1kcTdMnphnPiq5krnj0348olFXnrjaOIwzd/rR2rpn39iV
uKsW9y8tyMbo5K6VNRom2yRA1ZZBLEgJP74n/ESkkSC1iUoJFOSxplAfGxumaYV4
6HULkl8kgHdWRImrX0dvkFjkn8AvzlrXaK0MuFm6x2v5w2FEtpHHxsJWLmxl7XRa
6RZvhpHoZcNWFyDQx8msv/10IvO2QVC3PhhezZO0Fq0KwHIUx2PgByiKA0iF2IxP
z6h9l7WcDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org