Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5JHPDnFFDBs3k_Zk9NGgG3XIXsY.roa
File: 5JHPDnFFDBs3k_Zk9NGgG3XIXsY.roa (raw, json)
Hash identifier: iXSU0BZP6NY8hdFSvTQM64PrznhgJHDiL/D81x/HY8A=
Subject key identifier: E4:91:CF:0E:71:45:0C:1B:37:93:F6:64:F4:D1:A0:1B:75:C8:5E:C6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA2954F2A0DFCBBB28726E983F2D0709
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5JHPDnFFDBs3k_Zk9NGgG3XIXsY.roa
Signing time: Tue 02 Jan 2024 12:32:35 +0000
ROA not before: Tue 02 Jan 2024 12:32:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38230
IP address blocks: 2a0e:8f01::/35 maxlen: 48
2a0e:8f01:8000::/48 maxlen: 48
2a0e:8f01::/48 maxlen: 48
2a0e:8f01:10b::/48 maxlen: 48
2a0e:8f01:10c::/48 maxlen: 48
2a0e:8f01:104::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 21:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:54:f2:a0:df:cb:bb:28:72:6e:98:3f:2d:07:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e491cf0e71450c1b3793f664f4d1a01b75c85ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:02:a9:59:a6:fe:28:7a:93:94:3f:23:e8:
2f:4e:19:1e:73:ce:32:21:23:30:01:c6:a9:41:4e:
7a:bb:6b:49:51:33:44:f1:8e:8f:5b:49:d6:da:b2:
8b:ef:89:16:b2:3c:97:97:4d:e9:87:2e:a7:a0:c0:
6b:9c:95:b6:e8:ba:65:4b:0d:73:42:aa:0a:a7:64:
49:93:5f:e3:71:d6:67:31:f0:de:8f:18:f5:53:9b:
1e:9b:de:38:cf:f4:4e:47:84:a4:d7:eb:ba:f5:d5:
9c:6a:b9:6d:10:87:a1:4e:37:a6:47:14:e8:65:04:
25:d5:1d:1c:78:87:87:ef:d1:af:a3:8e:bf:1a:9d:
fe:d2:64:2d:ad:58:1b:17:9b:3b:aa:0b:95:d1:ba:
ba:7a:37:8c:ab:b2:c2:62:e0:43:59:be:26:90:1f:
f7:f8:5e:c1:21:b3:c2:4a:d3:8f:27:08:9c:c0:d2:
3a:5b:fe:b1:ad:b8:cd:3c:9d:30:a7:2f:1d:be:b9:
9c:f7:55:95:cc:14:1d:b7:ab:f0:51:4a:3a:61:4a:
51:af:7e:9e:e9:70:81:8b:43:d0:28:15:a5:74:82:
9b:28:58:53:ad:e7:ff:f1:d7:0a:87:b9:06:8f:ce:
47:2d:a4:42:b1:29:c7:79:0e:cf:32:bf:d2:11:dc:
ae:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:91:CF:0E:71:45:0C:1B:37:93:F6:64:F4:D1:A0:1B:75:C8:5E:C6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/5JHPDnFFDBs3k_Zk9NGgG3XIXsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f01::/35
2a0e:8f01:8000::/48
Signature Algorithm: sha256WithRSAEncryption
42:e2:ba:1e:7d:dc:cf:5f:41:08:9c:a6:d3:13:3c:6b:8c:27:
4a:36:b4:d3:e1:18:8a:2e:2b:ed:a0:0a:b8:4b:2e:7f:85:f3:
d5:78:c4:72:52:30:26:26:e9:9c:0d:05:8c:15:32:ff:2a:b2:
22:fc:18:96:cd:ad:84:1f:a1:fb:74:59:96:1c:c4:37:fd:b1:
5d:c2:31:54:ee:c2:40:b1:e4:6d:87:94:40:62:41:7f:6b:fa:
ca:3b:70:52:07:aa:59:81:e8:2e:db:e0:2c:c1:a7:64:3a:8a:
e3:dc:4d:fc:49:c5:57:c3:57:40:e0:62:2d:4a:24:2f:ba:00:
0f:73:1f:4c:8b:ce:09:b2:dc:6b:45:c9:c7:4f:f4:33:c5:83:
22:96:53:8d:a8:d3:48:c0:e9:e8:b1:bf:93:32:19:b4:de:1a:
60:7b:88:70:5f:eb:42:9a:69:5b:19:0a:a6:cf:b4:23:ea:aa:
e0:2b:cf:fb:8a:a0:5c:9e:30:03:07:fa:a4:b6:23:c5:4d:b1:
c4:c9:f6:27:f6:ff:41:77:9f:7c:c9:ca:c7:6b:2f:10:81:9f:
f7:b5:c0:00:29:99:72:90:38:b1:c1:f0:60:cb:8a:88:d7:9c:
2c:a0:0c:70:65:b1:58:ac:a6:47:5e:46:f8:9b:a2:c3:aa:0c:
fc:90:c1:0d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzKKVTyoN/Luyhybpg/LQcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDkxY2YwZTcxNDUwYzFiMzc5M2Y2NjRmNGQxYTAxYjc1Yzg1ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlICqVmm/ih6k5Q/I+gvThkec84y
ISMwAcapQU56u2tJUTNE8Y6PW0nW2rKL74kWsjyXl03phy6noMBrnJW26LplSw1z
QqoKp2RJk1/jcdZnMfDejxj1U5sem944z/ROR4Sk1+u69dWcarltEIehTjemRxTo
ZQQl1R0ceIeH79Gvo46/Gp3+0mQtrVgbF5s7qguV0bq6ejeMq7LCYuBDWb4mkB/3
+F7BIbPCStOPJwicwNI6W/6xrbjNPJ0wpy8dvrmc91WVzBQdt6vwUUo6YUpRr36e
6XCBi0PQKBWldIKbKFhTref/8dcKh7kGj85HLaRCsSnHeQ7PMr/SEdyu5wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFOSRzw5xRQwbN5P2ZPTRoBt1yF7GMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNUpIUERuRkZEQnMza19aazlOR2dHM1hJWHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYFKg6PAQAD
BwAqDo8BgAAwDQYJKoZIhvcNAQELBQADggEBAELiuh593M9fQQicptMTPGuMJ0o2
tNPhGIouK+2gCrhLLn+F89V4xHJSMCYm6ZwNBYwVMv8qsiL8GJbNrYQfoft0WZYc
xDf9sV3CMVTuwkCx5G2HlEBiQX9r+so7cFIHqlmB6C7b4CzBp2Q6iuPcTfxJxVfD
V0DgYi1KJC+6AA9zH0yLzgmy3GtFycdP9DPFgyKWU42o00jA6eixv5MyGbTeGmB7
iHBf60KaaVsZCqbPtCPqquArz/uKoFyeMAMH+qS2I8VNscTJ9if2/0F3n3zJysdr
LxCBn/e1wAApmXKQOLHB8GDLiojXnCygDHBlsVispkdeRvibosOqDPyQwQ0=
-----END CERTIFICATE-----
Generated at Wed Mar 13 23:03:51 2024 by rpki-client on console-fra.rpki-client.org