Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/VaJJq0WuyV9mCzUrLe8sqt6hpUc.roa
File: VaJJq0WuyV9mCzUrLe8sqt6hpUc.roa (raw, json)
Hash identifier: YGLDRVVd/xZmEZaOoXFSSxjxiEc2V5ovRsT28rxwr9g=
Subject key identifier: 55:A2:49:AB:45:AE:C9:5F:66:0B:35:2B:2D:EF:2C:AA:DE:A1:A5:47
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018B0488504BC4DE3E859CF57B2E6E53F107
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/VaJJq0WuyV9mCzUrLe8sqt6hpUc.roa
Signing time: Fri 06 Oct 2023 10:28:44 +0000
ROA not before: Fri 06 Oct 2023 10:28:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35744
IP address blocks: 2a03:3060:5353::/48 maxlen: 48
2a02:40c0:5353::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:88:50:4b:c4:de:3e:85:9c:f5:7b:2e:6e:53:f1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Oct 6 10:28:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a249ab45aec95f660b352b2def2caadea1a547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d4:e2:22:b3:e0:99:b2:7b:cc:ac:f6:be:57:
27:cd:34:f6:36:97:75:bd:b6:e9:e6:72:a9:f1:a8:
e3:cb:94:a9:37:44:1d:fb:6e:be:74:16:dd:ea:66:
4e:d3:d3:6f:25:5f:a7:e9:74:42:a2:29:0f:f4:25:
92:e1:10:49:aa:1f:81:11:0e:e9:bd:08:3b:71:2d:
c6:08:0d:ba:8f:57:8c:1b:8f:45:30:5c:0a:f8:cb:
69:f5:ef:bb:07:95:60:b0:32:53:92:78:cf:77:83:
97:3b:62:c5:b7:88:5d:2a:69:fc:b6:e0:e5:bd:6f:
1d:f3:82:b5:16:0b:6f:12:e8:cb:4b:ef:8c:14:8c:
83:33:f4:2f:c9:a1:09:25:2e:61:35:e7:cb:4c:d1:
c9:8f:c4:39:78:1a:fd:5b:10:ed:7f:1d:9e:6f:eb:
d5:b1:6c:8a:59:96:f7:02:e0:0c:28:17:81:e5:e4:
ce:6f:a8:63:40:f7:78:9c:b5:84:27:43:15:4a:db:
63:ce:6a:86:c3:ae:5e:25:b4:df:17:fb:c0:8f:c9:
8d:65:05:fa:c8:a2:2b:7a:bc:5b:7d:71:1c:d0:42:
80:cc:86:3e:83:64:3a:21:5f:06:f1:20:55:81:7d:
d1:58:be:a9:11:64:ea:ea:57:b3:40:d0:b3:1d:b5:
7a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A2:49:AB:45:AE:C9:5F:66:0B:35:2B:2D:EF:2C:AA:DE:A1:A5:47
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/VaJJq0WuyV9mCzUrLe8sqt6hpUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:40c0:5353::/48
2a03:3060:5353::/48
Signature Algorithm: sha256WithRSAEncryption
19:82:4e:6b:08:06:9f:5d:b9:b4:5f:f0:c8:ca:29:70:52:3d:
5e:88:c0:d6:fd:6a:bb:bc:aa:15:f3:75:21:46:83:51:0b:0c:
91:ec:3e:70:bd:38:51:00:d6:1a:ca:3d:33:c0:26:0d:23:c9:
53:69:27:2d:79:ec:10:d1:41:a0:b9:dd:be:94:53:de:d1:1f:
12:4a:90:47:0a:41:b5:c0:5f:8f:dd:c5:94:ba:03:ba:58:39:
aa:ab:17:3b:54:f1:56:2a:1b:4e:a8:98:2e:e2:b9:51:18:e6:
7d:80:3a:83:96:fe:79:2a:5b:ee:0b:ed:fd:45:c4:10:89:30:
bb:33:b3:a2:41:d0:1d:b4:58:7d:ed:8a:0c:89:e7:97:0b:97:
17:5b:79:81:04:ee:3a:48:ff:7d:02:fd:ad:0b:37:50:00:fd:
cc:d0:d8:fc:1d:2e:20:5c:04:4e:0e:1a:2d:97:c4:42:0f:15:
39:57:0a:aa:a4:00:38:6e:de:da:89:6a:92:e4:f5:1e:35:b5:
c5:c8:17:3a:4b:52:60:3e:19:43:0d:85:90:27:ac:40:42:23:
da:a4:6e:e5:64:77:54:12:56:bb:a6:ae:ae:b0:e1:50:0f:49:
38:5b:a9:1d:47:39:c0:f9:6a:28:3f:c8:bb:6b:2e:8f:09:c6:
a4:53:28:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsEiFBLxN4+hZz1ey5uU/EHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMxMDA2MTAyODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWEyNDlhYjQ1YWVjOTVmNjYwYjM1MmIyZGVmMmNhYWRlYTFhNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9TiIrPgmbJ7zKz2vlcnzTT2Npd1
vbbp5nKp8ajjy5SpN0Qd+26+dBbd6mZO09NvJV+n6XRCoikP9CWS4RBJqh+BEQ7p
vQg7cS3GCA26j1eMG49FMFwK+Mtp9e+7B5VgsDJTknjPd4OXO2LFt4hdKmn8tuDl
vW8d84K1FgtvEujLS++MFIyDM/QvyaEJJS5hNefLTNHJj8Q5eBr9WxDtfx2eb+vV
sWyKWZb3AuAMKBeB5eTOb6hjQPd4nLWEJ0MVSttjzmqGw65eJbTfF/vAj8mNZQX6
yKIrerxbfXEc0EKAzIY+g2Q6IV8G8SBVgX3RWL6pEWTq6lezQNCzHbV6hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFWiSatFrslfZgs1Ky3vLKreoaVHMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvVmFKSnEwV3V5VjltQ3pVckxlOHNxdDZocFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgJAwFNT
AwcAKgMwYFNTMA0GCSqGSIb3DQEBCwUAA4IBAQAZgk5rCAafXbm0X/DIyilwUj1e
iMDW/Wq7vKoV83UhRoNRCwyR7D5wvThRANYayj0zwCYNI8lTaScteewQ0UGgud2+
lFPe0R8SSpBHCkG1wF+P3cWUugO6WDmqqxc7VPFWKhtOqJgu4rlRGOZ9gDqDlv55
KlvuC+39RcQQiTC7M7OiQdAdtFh97YoMieeXC5cXW3mBBO46SP99Av2tCzdQAP3M
0Nj8HS4gXARODhotl8RCDxU5VwqqpAA4bt7aiWqS5PUeNbXFyBc6S1JgPhlDDYWQ
J6xAQiPapG7lZHdUEla7pq6usOFQD0k4W6kdRznA+WooP8i7ay6PCcakUygs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org