Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/RnGsv9ag7WxbJ1pYCPqG8S1oj9s.roa
File: RnGsv9ag7WxbJ1pYCPqG8S1oj9s.roa (raw, json)
Hash identifier: 4bY1D9SEBhn1t5/57ioddEse+Xwb88/R2aLY5uGjqfM=
Subject key identifier: 46:71:AC:BF:D6:A0:ED:6C:5B:27:5A:58:08:FA:86:F1:2D:68:8F:DB
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AD0C81A251A189FA99314D63C648
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/RnGsv9ag7WxbJ1pYCPqG8S1oj9s.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0e:d786::/32 maxlen: 32
2a0e:d785::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ad:0c:81:a2:51:a1:89:fa:99:31:4d:63:c6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4671acbfd6a0ed6c5b275a5808fa86f12d688fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:81:48:30:65:24:53:79:09:21:e9:e3:cc:9e:
cb:d5:12:59:af:84:d6:a7:82:9f:60:c2:10:37:08:
2b:a7:fc:82:e9:88:f8:65:8c:5a:66:84:10:0a:25:
06:e2:79:c7:79:36:ae:5a:c8:25:f4:56:a6:78:a8:
5b:1b:20:37:05:63:6b:4a:61:4e:35:d9:8a:6b:2e:
72:02:63:39:43:98:7d:94:14:aa:cf:4c:b9:b2:83:
40:4f:56:78:dd:da:31:1e:1b:06:d0:88:29:d9:a1:
60:7c:95:cf:d8:7e:ec:5f:74:92:48:c7:92:21:c5:
1c:b1:f2:2c:b5:ad:a6:27:12:37:0a:43:82:cc:9b:
e7:dd:ab:05:e0:a4:01:f9:d4:fb:b2:b3:e5:ae:c6:
70:3d:9f:6d:57:80:d7:9e:40:c6:76:93:0c:46:7b:
86:75:d8:79:e3:3a:48:15:6f:16:70:db:d1:84:0c:
dd:f5:f6:03:72:6a:b6:07:9c:fe:46:80:4b:fa:a4:
2f:0f:0b:77:c5:53:53:4a:23:0c:d5:71:c5:79:c8:
e2:17:88:ca:ca:f0:75:6b:6e:cf:f1:18:3d:aa:04:
13:6d:4b:b4:59:dd:9d:87:0c:de:2e:52:89:fe:5d:
30:a7:81:db:1a:ed:0d:ed:3c:e4:7a:1f:2d:36:6e:
2c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:71:AC:BF:D6:A0:ED:6C:5B:27:5A:58:08:FA:86:F1:2D:68:8F:DB
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/RnGsv9ag7WxbJ1pYCPqG8S1oj9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d785::-2a0e:d786:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:f1:12:7f:ec:22:d9:01:28:01:25:c4:6f:b0:d4:44:91:d0:
0d:95:b1:a9:90:6a:5c:eb:54:7b:d2:9a:06:ff:34:dc:90:af:
70:2f:37:70:11:1a:12:29:73:93:12:b0:0b:e4:29:87:26:e0:
41:f5:b0:2d:a9:f4:ea:83:e1:26:77:eb:da:f5:87:4e:c3:fe:
2d:fb:69:28:ad:cf:91:33:9b:67:10:1c:27:d0:11:f4:7a:3f:
2b:61:c5:64:67:be:96:1d:11:ba:9b:b6:42:97:d1:7f:8c:e7:
08:6f:08:fe:5b:93:b6:52:9e:6a:ff:73:cb:7c:bc:84:13:79:
f6:12:0f:ff:59:72:fe:8e:42:af:a8:ec:e3:ce:80:af:41:79:
72:3c:b9:3a:6c:f8:ea:04:4d:77:d5:da:0e:61:e0:36:a9:a2:
11:4b:c5:39:fe:49:51:2c:8b:fa:c3:e5:23:78:21:f7:56:2e:
e7:27:32:4a:f0:66:51:27:65:8b:bb:ea:91:ca:f8:07:16:71:
6d:b3:2b:71:a4:5e:28:af:9b:cd:71:eb:2f:6c:73:80:b2:a0:
85:ec:e2:6f:25:c0:e1:50:d4:94:8d:d9:22:e0:73:ac:95:a9:
ed:51:96:8f:d8:4e:85:e0:f1:f9:9f:e4:e3:2b:09:df:3c:ac:
f5:01:2c:d1
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzDSK0MgaJRoYn6mTFNY8ZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjcxYWNiZmQ2YTBlZDZjNWIyNzVhNTgwOGZhODZmMTJkNjg4ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYFIMGUkU3kJIenjzJ7L1RJZr4TW
p4KfYMIQNwgrp/yC6Yj4ZYxaZoQQCiUG4nnHeTauWsgl9FameKhbGyA3BWNrSmFO
NdmKay5yAmM5Q5h9lBSqz0y5soNAT1Z43doxHhsG0Igp2aFgfJXP2H7sX3SSSMeS
IcUcsfIsta2mJxI3CkOCzJvn3asF4KQB+dT7srPlrsZwPZ9tV4DXnkDGdpMMRnuG
ddh54zpIFW8WcNvRhAzd9fYDcmq2B5z+RoBL+qQvDwt3xVNTSiMM1XHFecjiF4jK
yvB1a27P8Rg9qgQTbUu0Wd2dhwzeLlKJ/l0wp4HbGu0N7Tzkeh8tNm4sFQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEZxrL/WoO1sWydaWAj6hvEtaI/bMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUm5Hc3Y5YWc3V3hiSjFwWUNQcUc4UzFvajlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDteF
AwUAKg7XhjANBgkqhkiG9w0BAQsFAAOCAQEAd/ESf+wi2QEoASXEb7DURJHQDZWx
qZBqXOtUe9KaBv803JCvcC83cBEaEilzkxKwC+QphybgQfWwLan06oPhJnfr2vWH
TsP+LftpKK3PkTObZxAcJ9AR9Ho/K2HFZGe+lh0Rupu2QpfRf4znCG8I/luTtlKe
av9zy3y8hBN59hIP/1ly/o5Cr6js486Ar0F5cjy5Omz46gRNd9XaDmHgNqmiEUvF
Of5JUSyL+sPlI3gh91Yu5ycySvBmUSdli7vqkcr4BxZxbbMrcaReKK+bzXHrL2xz
gLKghezibyXA4VDUlI3ZIuBzrJWp7VGWj9hOheDx+Z/k4ysJ3zys9QEs0Q==
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:46 2024 by rpki-client on console-fra.rpki-client.org