Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3-W6BWA0tQ4gNlr_PHFy-DCnwPI.roa
File: 3-W6BWA0tQ4gNlr_PHFy-DCnwPI.roa (raw, json)
Hash identifier: mGSGsGiBiJRzc5EJw2i8/UoQ26JtjGi75RzA4N+QSFs=
Subject key identifier: DF:E5:BA:05:60:34:B5:0E:20:36:5A:FF:3C:71:72:F8:30:A7:C0:F2
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD524BA75946E829139CCAEF9F6609D
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3-W6BWA0tQ4gNlr_PHFy-DCnwPI.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 2a0b:8f80:301::/48 maxlen: 48
2a0b:8f80:201::/48 maxlen: 48
2a05:1500:fe00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:24:ba:75:94:6e:82:91:39:cc:ae:f9:f6:60:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe5ba056034b50e20365aff3c7172f830a7c0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8e:0c:25:47:a6:5f:17:fa:85:6a:a3:fb:05:
fb:23:c2:8c:b2:ff:4e:d0:be:be:5d:fa:8b:63:4c:
cc:75:46:da:66:f6:ed:60:b1:c7:26:cc:46:5b:75:
01:1e:2b:f0:8a:d2:21:3c:e3:b9:2b:3d:79:62:a3:
c3:a5:bf:f7:0c:1b:6a:81:6a:52:9c:8e:a5:74:7b:
b0:f0:58:51:d9:3c:47:0c:c9:ea:53:7b:22:40:ee:
47:b2:65:3d:d8:f8:e1:ff:dc:9e:62:1e:45:7c:bb:
04:9a:ca:a6:d9:d4:5f:fe:01:0d:76:0c:87:3a:67:
7c:0b:d7:2a:d5:2c:34:57:df:29:a9:23:ee:89:b8:
62:64:77:04:b4:78:b5:8b:60:ca:df:18:b3:a6:67:
e4:13:a9:75:3a:27:ed:f5:ab:f0:28:64:e9:56:ec:
2a:89:74:3c:64:e8:3f:53:bd:98:15:8b:01:cd:d8:
28:df:ba:44:41:e0:bb:c4:7e:46:0b:3d:50:14:2a:
a1:a9:1c:d0:44:4d:21:93:b7:3d:a2:84:8b:61:6f:
de:2b:e3:40:57:4c:ab:91:2e:88:7d:e4:1e:45:3f:
96:cf:62:d0:9a:cb:9b:a4:2c:09:9f:31:48:b7:1f:
25:35:73:94:70:ff:7d:28:42:21:87:ba:73:fb:65:
d6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E5:BA:05:60:34:B5:0E:20:36:5A:FF:3C:71:72:F8:30:A7:C0:F2
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3-W6BWA0tQ4gNlr_PHFy-DCnwPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1500:fe00::/40
2a0b:8f80:201::/48
2a0b:8f80:301::/48
Signature Algorithm: sha256WithRSAEncryption
6a:ae:f5:39:74:60:a2:6a:46:72:5f:12:78:eb:ce:44:19:65:
3d:2d:3d:30:86:79:c8:d9:af:b7:74:13:9e:d6:a6:7e:84:cf:
2e:03:49:59:37:5a:cc:19:81:06:da:6b:95:60:74:35:11:2a:
42:30:d4:7c:ae:ba:9b:da:52:8a:dc:b5:34:fa:01:c8:b3:69:
f7:a3:7a:82:bc:cb:86:25:d9:d2:e5:ad:fe:ed:8d:37:bd:34:
4b:91:83:29:ab:1e:33:83:18:5f:6c:b9:1c:40:16:79:61:8a:
5a:43:f2:7c:ef:60:42:ca:a8:8f:2b:4c:46:75:ae:55:06:57:
dd:fa:45:e5:71:cb:ff:91:ae:84:33:07:ab:24:4b:78:dc:ef:
c6:c2:aa:d0:de:46:3a:0d:e0:e0:31:9c:ee:7d:db:a2:82:ce:
83:5f:d8:80:1d:b9:c8:62:7c:4e:38:2b:52:c7:a8:72:3f:34:
b4:10:a3:f9:63:af:0c:9c:ad:0f:6d:58:cd:fe:4e:0b:eb:ef:
c6:9c:20:65:95:e0:b6:4b:95:56:62:47:df:98:3b:1b:14:7b:
9a:2b:b6:3c:97:53:0a:34:91:c6:d7:9c:68:14:dc:e3:5d:a9:
27:65:70:12:e3:66:07:ab:ff:5a:71:9b:97:42:d3:95:b6:64:
5c:20:9a:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVv1SS6dZRugpE5zK759mCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU1YmEwNTYwMzRiNTBlMjAzNjVhZmYzYzcxNzJmODMwYTdjMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx44MJUemXxf6hWqj+wX7I8KMsv9O
0L6+XfqLY0zMdUbaZvbtYLHHJsxGW3UBHivwitIhPOO5Kz15YqPDpb/3DBtqgWpS
nI6ldHuw8FhR2TxHDMnqU3siQO5HsmU92Pjh/9yeYh5FfLsEmsqm2dRf/gENdgyH
Omd8C9cq1Sw0V98pqSPuibhiZHcEtHi1i2DK3xizpmfkE6l1Oift9avwKGTpVuwq
iXQ8ZOg/U72YFYsBzdgo37pEQeC7xH5GCz1QFCqhqRzQRE0hk7c9ooSLYW/eK+NA
V0yrkS6IfeQeRT+Wz2LQmsubpCwJnzFItx8lNXOUcP99KEIhh7pz+2XWfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN/lugVgNLUOIDZa/zxxcvgwp8DyMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvMy1XNkJXQTB0UTRnTmxyX1BIRnktRENud1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKgUVAP4D
BwAqC4+AAgEDBwAqC4+AAwEwDQYJKoZIhvcNAQELBQADggEBAGqu9Tl0YKJqRnJf
EnjrzkQZZT0tPTCGecjZr7d0E57Wpn6Ezy4DSVk3WswZgQbaa5VgdDURKkIw1Hyu
upvaUorctTT6AcizafejeoK8y4Yl2dLlrf7tjTe9NEuRgymrHjODGF9suRxAFnlh
ilpD8nzvYELKqI8rTEZ1rlUGV936ReVxy/+RroQzB6skS3jc78bCqtDeRjoN4OAx
nO5926KCzoNf2IAduchifE44K1LHqHI/NLQQo/ljrwycrQ9tWM3+Tgvr78acIGWV
4LZLlVZiR9+YOxsUe5ortjyXUwo0kcbXnGgU3ONdqSdlcBLjZger/1pxm5dC05W2
ZFwgmms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org