Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1Y0doTLRoLqcdyVuIvkmPfknesQ.roa
File: 1Y0doTLRoLqcdyVuIvkmPfknesQ.roa (raw, json)
Hash identifier: PSWiREW5d+Xmu+JUYOs+eCRkNUzcfAltzdlDkACRCC0=
Subject key identifier: D5:8D:1D:A1:32:D1:A0:BA:9C:77:25:6E:22:F9:26:3D:F9:27:7A:C4
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8017B3245B1F5DE59D0D67DE8D7917B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1Y0doTLRoLqcdyVuIvkmPfknesQ.roa
Signing time: Tue 02 Jan 2024 02:29:49 +0000
ROA not before: Tue 02 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212500
IP address blocks: 2a0d:ef01::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 11:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7b:32:45:b1:f5:de:59:d0:d6:7d:e8:d7:91:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d58d1da132d1a0ba9c77256e22f9263df9277ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5b:b4:7a:4c:d9:ee:57:e9:af:b4:67:c6:cc:
e3:09:a5:bf:72:a6:3c:6e:fd:ce:47:b4:9e:f0:52:
2e:76:ee:72:a3:95:b8:8e:51:70:45:ed:ed:67:33:
c1:39:ba:bf:75:e4:f8:d5:d5:38:ac:56:64:db:0c:
03:20:2d:2b:d7:bb:e0:45:26:c2:69:25:a3:2c:43:
d4:11:a2:19:ce:2a:09:a5:64:fb:c0:c9:0a:76:78:
b1:6e:b3:7a:a6:78:4b:e8:ec:49:1e:91:48:de:7f:
ca:82:41:bd:50:e8:87:ed:b9:81:a1:a4:a1:e9:b5:
4a:c2:75:ea:7c:61:dd:c9:e3:3a:cf:8b:37:95:cc:
6c:43:0e:ee:1c:d6:59:99:52:0f:53:6c:49:e0:c4:
b0:01:de:7c:db:91:f2:34:89:c9:08:e4:17:96:35:
e0:6b:5a:8c:14:1e:c9:ca:3b:d1:4d:a6:d1:88:37:
df:66:80:68:3e:72:e4:bd:76:c0:a5:6b:a5:2b:a2:
42:1b:23:ea:c2:bd:e5:6f:61:74:f3:fe:96:b0:c8:
c1:59:77:b8:f1:ad:fe:4c:86:3c:fd:4a:e4:53:53:
e0:81:19:13:ee:4d:7e:74:05:88:ef:a1:f2:86:f0:
4e:f6:ac:86:72:42:82:19:e2:93:84:32:a0:a3:2c:
dd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:8D:1D:A1:32:D1:A0:BA:9C:77:25:6E:22:F9:26:3D:F9:27:7A:C4
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1Y0doTLRoLqcdyVuIvkmPfknesQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ef01::/44
Signature Algorithm: sha256WithRSAEncryption
5a:e4:30:24:ce:8e:b6:a6:d4:7f:1a:bc:16:30:32:1c:8d:55:
0a:53:76:e7:84:eb:cb:06:b6:3a:33:a4:b2:2b:41:de:22:9a:
ec:50:a7:6c:49:42:f8:cd:0f:53:12:39:ee:eb:c1:2d:54:3c:
04:5e:11:5b:59:2d:b3:28:a8:7b:71:26:9d:1f:4b:73:f6:72:
0f:87:30:1f:7a:28:a8:21:2b:69:b9:77:cd:7c:84:95:c2:fa:
93:a0:27:b7:4e:d3:26:ae:e2:e7:97:e3:0b:e9:b1:11:01:05:
66:10:e5:94:2e:97:c3:06:e8:50:00:82:41:a7:b0:69:be:59:
ab:64:43:be:30:97:e9:8f:04:25:d7:5e:f2:e1:18:04:c9:3d:
e0:97:5e:a9:38:0f:be:ac:3a:02:77:60:2f:4c:99:9d:90:99:
3f:81:9c:02:d6:8f:58:52:ca:1b:c4:51:ce:81:2b:a4:db:12:
24:13:2e:8d:dc:b3:62:ef:5c:cc:cb:fe:8f:c5:47:c1:7b:9a:
a8:33:e1:fa:22:d7:9f:f4:cf:e0:13:78:bd:e5:2f:e6:c5:dc:
a9:3a:13:5c:f5:13:09:da:74:48:30:7d:5f:df:fa:65:88:74:
70:0f:64:1b:f5:ff:5b:cb:bf:7d:5b:26:8e:cb:af:3d:15:5f:
be:d6:94:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAXsyRbH13lnQ1n3o15F7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNThkMWRhMTMyZDFhMGJhOWM3NzI1NmUyMmY5MjYzZGY5Mjc3YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1u0ekzZ7lfpr7RnxszjCaW/cqY8
bv3OR7Se8FIudu5yo5W4jlFwRe3tZzPBObq/deT41dU4rFZk2wwDIC0r17vgRSbC
aSWjLEPUEaIZzioJpWT7wMkKdnixbrN6pnhL6OxJHpFI3n/KgkG9UOiH7bmBoaSh
6bVKwnXqfGHdyeM6z4s3lcxsQw7uHNZZmVIPU2xJ4MSwAd5825HyNInJCOQXljXg
a1qMFB7JyjvRTabRiDffZoBoPnLkvXbApWulK6JCGyPqwr3lb2F08/6WsMjBWXe4
8a3+TIY8/UrkU1PggRkT7k1+dAWI76HyhvBO9qyGckKCGeKThDKgoyzddwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNWNHaEy0aC6nHclbiL5Jj35J3rEMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMVkwZG9UTFJvTHFjZHlWdUl2a21QZmtuZXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg3vAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBa5DAkzo62ptR/GrwWMDIcjVUKU3bnhOvLBrY6
M6SyK0HeIprsUKdsSUL4zQ9TEjnu68EtVDwEXhFbWS2zKKh7cSadH0tz9nIPhzAf
eiioIStpuXfNfISVwvqToCe3TtMmruLnl+ML6bERAQVmEOWULpfDBuhQAIJBp7Bp
vlmrZEO+MJfpjwQl117y4RgEyT3gl16pOA++rDoCd2AvTJmdkJk/gZwC1o9YUsob
xFHOgSuk2xIkEy6N3LNi71zMy/6PxUfBe5qoM+H6Itef9M/gE3i95S/mxdypOhNc
9RMJ2nRIMH1f3/pliHRwD2Qb9f9by799WyaOy689FV++1pSy
-----END CERTIFICATE-----
Generated at Tue Aug 27 16:34:31 2024 by rpki-client on console-ams.rpki-client.org