Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/29b7txVCL-qLBSFCL1XrAlbS4Cc.roa
File: 29b7txVCL-qLBSFCL1XrAlbS4Cc.roa (raw, json)
Hash identifier: kkh++yCkCz1aceAJyBbJWF6N/Hp8K1kvo72a9Js+OWo=
Subject key identifier: DB:D6:FB:B7:15:42:2F:EA:8B:05:21:42:2F:55:EB:02:56:D2:E0:27
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018C02EA58EC1F9955452A16CE26B075D0AF
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/29b7txVCL-qLBSFCL1XrAlbS4Cc.roa
Signing time: Fri 24 Nov 2023 19:59:21 +0000
ROA not before: Fri 24 Nov 2023 19:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5420
IP address blocks: 192.40.73.0/24 maxlen: 24
192.40.76.0/24 maxlen: 24
192.40.74.0/24 maxlen: 24
192.40.77.0/24 maxlen: 24
192.40.78.0/24 maxlen: 24
192.40.72.0/24 maxlen: 24
192.40.75.0/24 maxlen: 24
2001:67c:21a4::/48 maxlen: 48
2a06:f040::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:ea:58:ec:1f:99:55:45:2a:16:ce:26:b0:75:d0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Nov 24 19:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbd6fbb715422fea8b0521422f55eb0256d2e027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:52:49:a4:02:79:89:89:e1:56:3c:0a:b8:59:
0c:e0:10:48:63:b7:04:1d:6d:60:1f:01:45:35:55:
a3:ec:e5:c4:16:48:39:74:ce:95:c1:c0:8d:f2:3e:
ff:72:b9:2c:05:53:f6:e0:51:0f:ac:fb:11:55:64:
ae:39:86:85:47:1d:20:d0:7b:6c:57:b3:63:84:3f:
48:79:f6:75:37:51:db:fd:a3:7f:30:b4:78:0b:65:
83:f6:9f:f6:16:a8:80:75:1a:80:ba:a8:c8:2f:b3:
31:ef:11:78:40:47:d3:27:28:cf:72:1e:e3:6e:70:
2a:02:c8:9b:5c:fc:f8:e5:80:62:b9:f1:8a:49:95:
c8:be:dd:ad:51:ab:72:9e:b1:10:f1:4b:8d:9e:a5:
2a:e1:0c:2e:0b:f2:41:f5:77:71:f9:08:dc:a1:a1:
73:d3:40:ad:6d:ab:61:4a:01:cc:fb:1b:39:20:d7:
e8:d5:89:3d:b3:20:c4:8d:60:28:6d:51:de:ac:13:
40:0a:df:7d:a3:be:5a:10:7d:77:6d:eb:a4:3f:d6:
9c:63:c6:71:c4:e4:2f:c6:c8:f3:1d:db:f2:cc:1c:
04:18:e9:79:73:c8:30:d2:32:0d:06:d1:76:fc:c2:
f6:66:f6:36:74:2c:f1:07:35:7a:31:66:8b:52:84:
4e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D6:FB:B7:15:42:2F:EA:8B:05:21:42:2F:55:EB:02:56:D2:E0:27
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/29b7txVCL-qLBSFCL1XrAlbS4Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.72.0-192.40.78.255
IPv6:
2001:67c:21a4::/48
2a06:f040::/32
Signature Algorithm: sha256WithRSAEncryption
b0:ed:a0:4c:82:d6:5f:f5:8a:d7:ae:26:ee:51:2c:0c:72:7d:
4a:56:d5:ae:30:7a:fc:4c:3e:06:82:26:fd:ba:2f:3a:23:87:
2f:fb:1b:6a:b0:ee:32:86:bd:f0:ae:18:91:bb:7b:91:1c:5c:
a7:b7:07:71:e9:93:c1:f6:32:e0:78:6b:50:51:d1:f6:9d:79:
0d:bf:f5:c8:15:4e:2c:32:58:c8:dd:7a:a0:74:a7:c8:26:4e:
29:77:a2:f6:79:86:74:b1:fb:bb:97:77:6a:21:ff:e5:c8:a4:
4c:68:7b:1a:d5:68:68:ee:5d:a5:2f:fd:15:b9:10:e7:1b:92:
1b:8d:b6:23:3c:f0:7b:94:08:b4:0b:ae:6f:b2:d4:4b:3d:e0:
89:7d:a6:40:92:6f:a1:f1:dc:6b:c6:ca:db:a4:c3:83:43:59:
33:2e:e6:d8:66:0f:ff:1d:a1:66:51:31:a0:3b:f5:a1:59:b3:
65:11:d7:cf:18:47:01:58:b3:18:08:2c:cb:e7:f8:89:c5:aa:
74:c0:dc:e1:61:16:6f:df:38:b9:c4:6e:4a:f8:a8:89:b7:d6:
6e:ff:00:4e:8e:99:2a:48:20:49:b2:a1:51:0d:a8:5d:21:1d:
d8:a2:fc:16:2c:61:6f:d9:6a:2e:5a:5b:d9:d5:13:dc:71:43:
3a:05:b6:f1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYwC6ljsH5lVRSoWziawddCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjMxMTI0MTk1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQ2ZmJiNzE1NDIyZmVhOGIwNTIxNDIyZjU1ZWIwMjU2ZDJlMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVJJpAJ5iYnhVjwKuFkM4BBIY7cE
HW1gHwFFNVWj7OXEFkg5dM6VwcCN8j7/crksBVP24FEPrPsRVWSuOYaFRx0g0Hts
V7NjhD9IefZ1N1Hb/aN/MLR4C2WD9p/2FqiAdRqAuqjIL7Mx7xF4QEfTJyjPch7j
bnAqAsibXPz45YBiufGKSZXIvt2tUatynrEQ8UuNnqUq4QwuC/JB9Xdx+QjcoaFz
00CtbathSgHM+xs5INfo1Yk9syDEjWAobVHerBNACt99o75aEH13beukP9acY8Zx
xOQvxsjzHdvyzBwEGOl5c8gw0jINBtF2/ML2ZvY2dCzxBzV6MWaLUoRO1wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNvW+7cVQi/qiwUhQi9V6wJW0uAnMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xLzI5Yjd0eFZDTC1xTEJTRkNMMVhyQWxiUzRDYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEA8Ao
SAMEAMAoTjAWBAIAAjAQAwcAIAEGfCGkAwUAKgbwQDANBgkqhkiG9w0BAQsFAAOC
AQEAsO2gTILWX/WK164m7lEsDHJ9SlbVrjB6/Ew+BoIm/bovOiOHL/sbarDuMoa9
8K4Ykbt7kRxcp7cHcemTwfYy4HhrUFHR9p15Db/1yBVOLDJYyN16oHSnyCZOKXei
9nmGdLH7u5d3aiH/5cikTGh7GtVoaO5dpS/9FbkQ5xuSG422Izzwe5QItAuub7LU
Sz3giX2mQJJvofHca8bK26TDg0NZMy7m2GYP/x2hZlExoDv1oVmzZRHXzxhHAViz
GAgsy+f4icWqdMDc4WEWb984ucRuSvioibfWbv8ATo6ZKkggSbKhUQ2oXSEd2KL8
Fixhb9lqLlpb2dUT3HFDOgW28Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org