Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xIkMFGCTwdmGtY_40vRG6NAc_aI.roa
File: xIkMFGCTwdmGtY_40vRG6NAc_aI.roa (raw, json)
Hash identifier: BrtNY2IKSdJZ8DsP5uD2IrV5+WePB7ED6Nj+cC5sHiY=
Subject key identifier: C4:89:0C:14:60:93:C1:D9:86:B5:8F:F8:D2:F4:46:E8:D0:1C:FD:A2
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD525171DC5568A1F1790C3CD163B55
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xIkMFGCTwdmGtY_40vRG6NAc_aI.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 2a04:76c7:200::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:25:17:1d:c5:56:8a:1f:17:90:c3:cd:16:3b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4890c146093c1d986b58ff8d2f446e8d01cfda2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:fd:20:1e:dd:6f:ad:1e:5b:b7:86:22:a1:
ce:a0:30:9e:6c:b9:b2:69:f8:bf:20:d8:31:a8:8a:
b2:d8:31:f0:be:bb:7c:aa:e6:79:67:c2:46:4c:3f:
0e:27:dc:92:de:6c:54:46:71:ce:a2:97:56:04:80:
65:91:47:29:79:c1:8e:fa:6a:23:de:33:11:31:ff:
8d:76:87:8d:25:fa:a7:25:a9:01:e9:9a:83:96:1a:
cc:72:45:39:42:b0:cd:0d:e7:2d:17:fc:96:7e:da:
ba:52:5f:b0:83:66:07:91:44:66:7c:f1:77:10:9d:
a7:88:32:cf:d5:5a:93:d7:50:2f:ae:1a:82:ce:1b:
ff:f8:68:52:b5:9c:ee:3a:cb:f7:f0:b3:a6:b8:01:
f7:27:41:7d:31:74:4b:3b:81:0a:22:b7:69:22:e6:
30:d5:f6:d5:6f:1f:b0:e3:d5:07:3a:a1:73:29:65:
b1:8b:ef:90:05:ab:4a:39:cd:ae:2f:43:be:cc:62:
57:4d:b8:e7:f9:0d:b3:b8:c1:52:45:64:4b:e2:72:
63:ad:b9:a5:66:c6:11:49:f3:8e:ad:87:96:bd:0d:
25:7a:75:25:f4:05:95:69:e4:dd:0b:97:ae:49:fb:
9e:b1:99:75:fe:a4:f7:3f:00:50:49:36:c0:9e:d0:
eb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:89:0C:14:60:93:C1:D9:86:B5:8F:F8:D2:F4:46:E8:D0:1C:FD:A2
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/xIkMFGCTwdmGtY_40vRG6NAc_aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:76c7:200::/48
Signature Algorithm: sha256WithRSAEncryption
9c:d2:81:69:72:b7:e4:53:70:34:2e:b9:04:7a:9c:38:bc:0f:
64:32:cb:df:19:fb:a0:f0:2d:81:84:6c:56:a6:48:fb:fb:0a:
33:2a:e1:ec:15:28:1a:26:e1:41:e7:86:ce:34:59:29:71:d5:
a2:7c:15:4f:9b:d9:a1:33:bd:94:3b:95:fb:ff:b7:e8:1e:df:
8a:1d:0c:a0:ec:3f:bd:42:76:e0:a6:99:7e:73:42:da:66:d2:
f8:74:5a:90:0f:39:66:f6:2f:6e:01:94:a6:74:0c:77:45:ce:
62:a4:bb:b1:26:52:b4:a1:8a:40:77:bd:e9:ab:37:97:fa:8e:
18:d6:25:ba:9b:dd:45:d3:37:14:dc:f4:86:11:2a:4b:0a:2f:
94:3a:49:bd:f7:a1:4e:e2:05:e9:b1:87:bf:d1:96:ca:61:b1:
32:7d:dd:84:4d:45:7e:df:62:ab:d6:e5:95:f9:7e:e9:19:ca:
1f:55:8f:e8:bd:13:44:bf:fa:96:fa:b4:1a:30:5d:a6:a5:2d:
63:41:04:cb:89:47:c3:de:44:65:00:9d:ba:d6:59:4e:fb:df:
56:ad:a0:71:47:a3:9e:6e:de:42:21:ad:6a:c2:8c:0d:60:0b:
29:e7:14:29:3d:f8:3d:fb:6d:2f:ad:a3:fa:43:f1:a2:c5:81:
12:80:3e:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVv1SUXHcVWih8XkMPNFjtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg5MGMxNDYwOTNjMWQ5ODZiNThmZjhkMmY0NDZlOGQwMWNmZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQD9IB7db60eW7eGIqHOoDCebLmy
afi/INgxqIqy2DHwvrt8quZ5Z8JGTD8OJ9yS3mxURnHOopdWBIBlkUcpecGO+moj
3jMRMf+NdoeNJfqnJakB6ZqDlhrMckU5QrDNDectF/yWftq6Ul+wg2YHkURmfPF3
EJ2niDLP1VqT11AvrhqCzhv/+GhStZzuOsv38LOmuAH3J0F9MXRLO4EKIrdpIuYw
1fbVbx+w49UHOqFzKWWxi++QBatKOc2uL0O+zGJXTbjn+Q2zuMFSRWRL4nJjrbml
ZsYRSfOOrYeWvQ0lenUl9AWVaeTdC5euSfuesZl1/qT3PwBQSTbAntDraQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMSJDBRgk8HZhrWP+NL0RujQHP2iMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEveElrTUZHQ1R3ZG1HdFlfNDB2Ukc2TkFjX2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgR2xwIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCc0oFpcrfkU3A0LrkEepw4vA9kMsvfGfug8C2B
hGxWpkj7+wozKuHsFSgaJuFB54bONFkpcdWifBVPm9mhM72UO5X7/7foHt+KHQyg
7D+9Qnbgppl+c0LaZtL4dFqQDzlm9i9uAZSmdAx3Rc5ipLuxJlK0oYpAd73pqzeX
+o4Y1iW6m91F0zcU3PSGESpLCi+UOkm996FO4gXpsYe/0ZbKYbEyfd2ETUV+32Kr
1uWV+X7pGcofVY/ovRNEv/qW+rQaMF2mpS1jQQTLiUfD3kRlAJ261llO+99WraBx
R6Oebt5CIa1qwowNYAsp5xQpPfg9+20vraP6Q/GixYESgD4p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org