Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3PfJAs2Z9ed3i5Jd0NKUTmF15Yg.roa
File: 3PfJAs2Z9ed3i5Jd0NKUTmF15Yg.roa (raw, json)
Hash identifier: GEB826+EkRHIu8SjDL8FeKeD7H8NuE3ckk2n6dv7fgs=
Subject key identifier: DC:F7:C9:02:CD:99:F5:E7:77:8B:92:5D:D0:D2:94:4E:61:75:E5:88
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018CC3B6791B5AC520EC7CC778E470F9E3C9
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3PfJAs2Z9ed3i5Jd0NKUTmF15Yg.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211138
IP address blocks: 2a05:4140:500::/40 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Apr 2024 12:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:79:1b:5a:c5:20:ec:7c:c7:78:e4:70:f9:e3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcf7c902cd99f5e7778b925dd0d2944e6175e588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:6d:dc:81:e0:2f:d2:5c:e5:c9:9e:4f:7b:
bc:ff:58:39:d1:ce:d4:f2:70:01:b4:83:02:12:e7:
a5:31:48:d5:e0:b5:e8:f7:82:07:1e:6c:32:b5:72:
bc:db:a1:e8:22:0b:de:c5:8f:f0:ff:8b:ab:53:21:
43:3d:e5:2f:07:da:b6:3e:91:99:ff:b6:9b:6e:f2:
eb:bf:65:35:2e:4b:cd:43:c7:11:e6:cf:f0:65:0f:
5c:b2:bd:d7:75:b1:42:e3:b8:be:1e:34:14:9a:f4:
c7:58:9e:e4:1f:6b:87:fd:94:e7:55:1c:cf:76:ed:
2f:d6:12:7b:bf:53:29:fe:19:af:e9:29:b3:4f:89:
19:0b:f5:f1:29:05:51:d7:e2:0e:c8:c6:36:dc:7f:
fe:41:c4:34:ef:73:24:c2:3a:1d:6f:88:65:e7:8e:
5b:9a:41:14:93:7e:85:26:ff:ec:da:1e:1c:c5:6d:
5e:23:38:20:bd:de:2f:71:6c:70:27:60:f4:84:77:
3d:27:53:e9:e9:3d:81:69:38:e4:39:ba:e5:99:e8:
13:75:20:44:bf:49:4d:25:d8:76:25:08:40:52:17:
74:f6:d1:23:07:cd:84:09:5f:71:e6:ad:47:fc:60:
38:c1:71:fb:9c:3f:aa:7f:61:ae:0f:7e:d6:45:36:
0b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F7:C9:02:CD:99:F5:E7:77:8B:92:5D:D0:D2:94:4E:61:75:E5:88
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/3PfJAs2Z9ed3i5Jd0NKUTmF15Yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:500::/40
Signature Algorithm: sha256WithRSAEncryption
69:3a:ac:af:55:f9:dd:85:08:d0:9f:e0:55:13:b9:28:84:c9:
61:4a:9b:e7:0b:07:c3:5e:c9:58:f0:fd:56:cd:4b:05:44:48:
cc:ff:35:90:b5:bd:a1:dd:8d:f1:5f:16:96:82:a8:42:de:13:
57:c4:86:5c:31:3f:26:f5:e4:f3:a8:c6:0a:e6:31:c3:2a:fd:
56:ae:8b:4a:ac:21:19:7d:5d:b1:c8:4d:8b:c3:3e:32:6f:69:
5f:f4:98:7c:ae:b9:bb:9e:d2:0c:ef:b6:dd:88:d2:78:9c:a1:
36:06:60:83:a9:bb:44:f6:98:a2:d2:ad:98:8f:29:d6:df:4c:
77:4e:df:69:90:07:8e:19:ed:84:ee:9d:28:6c:95:f7:4f:ad:
b1:0f:75:cf:75:d7:9e:5b:04:7b:5b:27:ef:66:c3:53:9d:e8:
d4:cb:61:43:a5:29:37:2a:b2:bc:29:5b:63:ce:ea:0b:ae:c2:
ea:fe:13:b1:61:f9:97:20:29:47:63:a1:31:a4:0e:02:ec:0f:
ac:41:3a:b0:66:42:5e:48:39:74:a9:ac:61:de:ba:f2:46:f2:
4a:5d:e7:bd:3f:a5:ed:45:59:f0:6f:af:e0:b5:43:c7:f4:4d:
f1:3d:5e:47:ca:09:d5:a5:85:65:39:24:c9:e3:99:ae:9e:f4:
dd:e7:39:ea
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDtnkbWsUg7HzHeORw+ePJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y3YzkwMmNkOTlmNWU3Nzc4YjkyNWRkMGQyOTQ0ZTYxNzVlNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf9t3IHgL9Jc5cmeT3u8/1g50c7U
8nABtIMCEuelMUjV4LXo94IHHmwytXK826HoIgvexY/w/4urUyFDPeUvB9q2PpGZ
/7abbvLrv2U1LkvNQ8cR5s/wZQ9csr3XdbFC47i+HjQUmvTHWJ7kH2uH/ZTnVRzP
du0v1hJ7v1Mp/hmv6SmzT4kZC/XxKQVR1+IOyMY23H/+QcQ073Mkwjodb4hl545b
mkEUk36FJv/s2h4cxW1eIzggvd4vcWxwJ2D0hHc9J1Pp6T2BaTjkObrlmegTdSBE
v0lNJdh2JQhAUhd09tEjB82ECV9x5q1H/GA4wXH7nD+qf2GuD37WRTYL8wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNz3yQLNmfXnd4uSXdDSlE5hdeWIMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvM1BmSkFzMlo5ZWQzaTVKZDBOS1VUbUYxNVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgVBQAUw
DQYJKoZIhvcNAQELBQADggEBAGk6rK9V+d2FCNCf4FUTuSiEyWFKm+cLB8NeyVjw
/VbNSwVESMz/NZC1vaHdjfFfFpaCqELeE1fEhlwxPyb15POoxgrmMcMq/Vaui0qs
IRl9XbHITYvDPjJvaV/0mHyuubue0gzvtt2I0nicoTYGYIOpu0T2mKLSrZiPKdbf
THdO32mQB44Z7YTunShslfdPrbEPdc91155bBHtbJ+9mw1Od6NTLYUOlKTcqsrwp
W2PO6guuwur+E7Fh+ZcgKUdjoTGkDgLsD6xBOrBmQl5IOXSprGHeuvJG8kpd570/
pe1FWfBvr+C1Q8f0TfE9XkfKCdWlhWU5JMnjma6e9N3nOeo=
-----END CERTIFICATE-----
Generated at Sat Apr 13 16:12:45 2024 by rpki-client on console-fra.rpki-client.org