Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/T27cbRhAens-uZTd19rUga_3BVc.roa
File: T27cbRhAens-uZTd19rUga_3BVc.roa (raw, json)
Hash identifier: QqiBzNTnQUtvPubT0AI2bB+wT829qhL89gW7utbAfa8=
Subject key identifier: 4F:6E:DC:6D:18:40:7A:7B:3E:B9:94:DD:D7:DA:D4:81:AF:F7:05:57
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018D137F1D50B52DD734DB5FC3F53D8051F9
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/T27cbRhAens-uZTd19rUga_3BVc.roa
Signing time: Tue 16 Jan 2024 18:18:34 +0000
ROA not before: Tue 16 Jan 2024 18:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212271
IP address blocks: 2a05:4140::/29 maxlen: 48
2a05:4140:3::/48 maxlen: 48
2a05:4140:4::/48 maxlen: 48
2a05:4140:5::/48 maxlen: 48
2a05:4140:8::/48 maxlen: 48
2a05:4140:9::/48 maxlen: 48
2a05:4140:10::/48 maxlen: 48
2a05:4140:15::/48 maxlen: 48
2a05:4140:16::/48 maxlen: 48
2a05:4140:29::/48 maxlen: 48
2a05:4140:30::/48 maxlen: 48
2a05:4140:31::/48 maxlen: 48
2a05:4140:32::/48 maxlen: 48
2a05:4140:33::/48 maxlen: 48
2a05:4140:34::/48 maxlen: 48
2a05:4140:35::/48 maxlen: 64
2a05:4140:36::/48 maxlen: 48
2a05:4140:37::/48 maxlen: 48
2a05:4140:48::/48 maxlen: 48
2a05:4140:100::/40 maxlen: 48
2a05:4140:187::/48 maxlen: 48
2a05:4140:190::/48 maxlen: 48
2a05:4140:300::/40 maxlen: 40
2a05:4140:400::/40 maxlen: 48
2a05:4143::/32 maxlen: 48
2a05:4144::/32 maxlen: 32
2a11:e102::/32 maxlen: 32
2a11:e103::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Feb 2024 21:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:7f:1d:50:b5:2d:d7:34:db:5f:c3:f5:3d:80:51:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 16 18:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f6edc6d18407a7b3eb994ddd7dad481aff70557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d9:b6:1a:b3:db:1d:ae:d8:f0:2f:c1:ce:60:
b6:65:0c:93:47:aa:27:55:11:26:98:e6:b7:c4:ab:
9b:ba:e1:af:3b:44:c5:4b:67:7f:dd:ce:d2:ce:50:
74:aa:aa:95:07:7e:45:b2:90:c5:d0:fa:c4:3d:58:
e6:d4:e2:76:9c:dc:94:e6:6d:3d:61:8c:3e:f1:29:
62:2b:ad:a8:05:e8:47:87:ae:0b:5e:15:7d:6b:7d:
34:85:e3:7d:69:50:92:e1:02:82:79:de:5d:1f:5a:
7c:71:b0:d5:09:56:51:72:b6:f5:09:1a:1e:45:f3:
95:2f:35:4f:d3:c8:a4:6f:b1:f7:54:3f:d3:0b:02:
e6:15:7b:8e:9b:e8:42:4b:b5:e7:3c:28:56:8a:92:
c8:19:e9:7d:45:16:ce:5c:6e:d6:a8:d2:db:4f:a5:
82:95:7e:12:2a:3c:09:ee:8d:7e:5e:93:0e:da:cf:
fc:87:c5:68:a7:33:18:2d:51:92:36:f8:f8:e7:0d:
11:57:84:f5:4b:69:d4:f8:54:f3:fb:3d:55:27:9b:
13:d5:3c:fa:e6:3f:23:de:bd:20:f3:75:dd:72:98:
55:a5:5a:5b:72:1e:9c:46:46:f0:79:a6:b0:37:5b:
8e:62:53:31:7c:d7:fd:ef:fe:e9:ae:b2:e6:4f:c3:
8c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6E:DC:6D:18:40:7A:7B:3E:B9:94:DD:D7:DA:D4:81:AF:F7:05:57
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/T27cbRhAens-uZTd19rUga_3BVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140::/29
2a11:e102::/31
Signature Algorithm: sha256WithRSAEncryption
29:5e:47:53:6a:8b:ca:6a:99:73:44:9f:50:42:80:1d:48:8d:
75:be:70:89:88:fd:7d:a5:f6:08:72:0b:ba:58:0e:a8:95:95:
6a:ac:9b:22:15:cc:c5:97:42:58:b7:1e:78:2f:34:e7:c5:c6:
0e:82:b3:5e:93:7e:78:6b:71:4a:67:46:4d:88:58:89:f5:b4:
c8:d1:77:9c:37:d0:19:75:86:06:99:02:ca:98:78:26:69:c5:
3c:1b:7d:0b:3b:a3:df:f9:63:b1:20:04:d4:13:9e:ef:76:01:
c7:dd:48:c7:60:5d:c2:d7:90:1f:99:51:05:f2:22:ee:63:13:
25:39:9f:01:96:f1:45:ed:52:17:30:df:bf:53:b3:55:ab:f6:
d6:7b:25:e2:bd:5f:90:9e:e7:4d:f8:81:da:32:54:80:07:05:
e3:a7:4c:f7:10:8a:90:8e:52:65:5d:a6:2f:7e:1a:80:a1:82:
88:e0:ba:c0:ae:db:c3:ec:ee:f9:74:21:a0:70:24:ce:0d:ff:
ab:c9:51:73:f5:b0:ac:69:d0:d3:82:f2:ec:8c:56:e5:ec:31:
5b:0d:80:67:11:38:04:a8:4c:f8:ac:51:96:0e:e3:8f:e9:9d:
d9:ef:81:81:eb:bf:52:df:46:3f:6a:49:59:5c:ae:91:fe:b1:
aa:c8:f8:df
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY0Tfx1QtS3XNNtfw/U9gFH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTE2MTgxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZlZGM2ZDE4NDA3YTdiM2ViOTk0ZGRkN2RhZDQ4MWFmZjcwNTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitm2GrPbHa7Y8C/BzmC2ZQyTR6on
VREmmOa3xKubuuGvO0TFS2d/3c7SzlB0qqqVB35FspDF0PrEPVjm1OJ2nNyU5m09
YYw+8SliK62oBehHh64LXhV9a300heN9aVCS4QKCed5dH1p8cbDVCVZRcrb1CRoe
RfOVLzVP08ikb7H3VD/TCwLmFXuOm+hCS7XnPChWipLIGel9RRbOXG7WqNLbT6WC
lX4SKjwJ7o1+XpMO2s/8h8VopzMYLVGSNvj45w0RV4T1S2nU+FTz+z1VJ5sT1Tz6
5j8j3r0g83XdcphVpVpbch6cRkbweaawN1uOYlMxfNf97/7prrLmT8OMMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE9u3G0YQHp7PrmU3dfa1IGv9wVXMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvVDI3Y2JSaEFlbnMtdVpUZDE5clVnYV8zQlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgVBQAMF
ASoR4QIwDQYJKoZIhvcNAQELBQADggEBACleR1Nqi8pqmXNEn1BCgB1IjXW+cImI
/X2l9ghyC7pYDqiVlWqsmyIVzMWXQli3HngvNOfFxg6Cs16TfnhrcUpnRk2IWIn1
tMjRd5w30Bl1hgaZAsqYeCZpxTwbfQs7o9/5Y7EgBNQTnu92AcfdSMdgXcLXkB+Z
UQXyIu5jEyU5nwGW8UXtUhcw379Ts1Wr9tZ7JeK9X5Ce5034gdoyVIAHBeOnTPcQ
ipCOUmVdpi9+GoChgojgusCu28Ps7vl0IaBwJM4N/6vJUXP1sKxp0NOC8uyMVuXs
MVsNgGcROASoTPisUZYO44/pndnvgYHrv1LfRj9qSVlcrpH+sarI+N8=
-----END CERTIFICATE-----
Generated at Fri Feb 23 00:47:36 2024 by rpki-client on console-ams.rpki-client.org