Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/5gh5C8jzAGRP6mtQqr4KmcLyF20.roa
File: 5gh5C8jzAGRP6mtQqr4KmcLyF20.roa (raw, json)
Hash identifier: maJ9qvMdUmSHLrYaSqb8wgPgPlywiVbXw7uh/yKovLM=
Subject key identifier: E6:08:79:0B:C8:F3:00:64:4F:EA:6B:50:AA:BE:0A:99:C2:F2:17:6D
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 018CC7943EA5DC9F4E1177B088F6B38CC3B4
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/5gh5C8jzAGRP6mtQqr4KmcLyF20.roa
Signing time: Tue 02 Jan 2024 00:30:30 +0000
ROA not before: Tue 02 Jan 2024 00:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211603
IP address blocks: 2a0f:4d00:1::/48 maxlen: 48
2a0f:4d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Jan 2024 14:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:3e:a5:dc:9f:4e:11:77:b0:88:f6:b3:8c:c3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Jan 2 00:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e608790bc8f300644fea6b50aabe0a99c2f2176d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c4:55:ec:59:6b:db:7a:86:74:05:b5:bb:60:
18:46:55:1e:45:48:f5:4c:f5:93:be:3a:79:55:c3:
25:f0:48:f2:fd:76:eb:55:fc:5c:76:8d:7d:e7:ec:
6b:db:a9:56:5e:7a:c4:f7:e4:9b:40:15:17:a5:ff:
57:c7:37:20:dd:ed:6a:a9:fb:8f:74:21:d9:28:5d:
64:39:9b:a4:2a:02:82:e1:be:84:8f:3f:97:cf:96:
57:45:e1:15:8b:1c:f0:76:49:06:95:92:d5:16:06:
6f:df:b1:14:6d:3a:8d:cb:73:90:c3:dd:0d:7e:80:
dd:f3:4f:40:98:28:97:ef:ba:6f:9e:a5:b5:57:5a:
a5:12:39:11:3a:0a:24:a0:ca:81:db:de:dc:43:c1:
5b:8d:15:f7:18:09:af:09:c1:d4:83:0c:0b:67:ba:
ce:e0:c4:40:a3:34:b2:14:ab:56:25:75:d0:3b:f9:
37:c2:9b:df:30:8a:ad:5a:1d:52:fe:f1:8e:a2:e3:
43:52:17:fa:e5:58:bb:cc:a3:54:15:f6:07:77:6c:
6c:f9:0c:34:e6:8e:eb:c2:d3:ba:f7:0c:73:61:77:
20:87:91:70:6c:0d:0c:55:f2:76:d6:57:7c:64:d5:
3b:93:d5:7b:cc:18:77:1f:02:fe:08:d4:b6:3c:a5:
b9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:08:79:0B:C8:F3:00:64:4F:EA:6B:50:AA:BE:0A:99:C2:F2:17:6D
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/5gh5C8jzAGRP6mtQqr4KmcLyF20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
2a:5b:ca:35:8f:17:1b:b7:ba:a1:22:2c:71:cf:ea:06:c3:e4:
cb:6f:23:43:6c:65:60:da:46:cd:74:25:22:25:c9:29:7e:cb:
fe:63:27:42:b9:31:33:44:d1:2d:a8:ae:d0:e1:fe:3c:be:46:
41:ca:6e:50:6f:c3:6f:4d:84:79:65:ec:0e:a4:93:ec:e5:bc:
3b:6a:9a:5c:bf:5c:7a:2e:2d:7f:cd:02:4f:e7:5f:ca:6e:a9:
1e:93:02:ad:9d:1c:c3:6e:d4:a7:5c:dd:34:a8:b0:5d:93:7b:
08:70:cd:f7:ba:1f:00:ec:84:d6:36:bd:87:04:ac:f7:3b:f1:
8f:ff:30:61:e9:3b:ac:95:aa:09:86:63:f9:fe:f0:10:1b:74:
69:22:54:1a:ee:40:e5:81:95:26:91:b6:fa:bd:13:d9:f2:f4:
66:9f:77:5b:26:0f:c3:db:47:42:02:fe:4e:33:23:f1:9f:05:
90:42:4f:be:85:57:34:71:12:0e:37:7d:1b:0b:98:db:c4:2e:
9e:f7:e7:50:6b:bd:46:81:ae:43:e1:63:f1:8b:59:9a:c6:5c:
f8:98:b7:d5:c5:c6:a7:bf:8f:ff:1d:15:02:10:93:19:06:00:
14:72:7c:42:ed:ff:7b:75:af:52:20:f0:c8:5b:e1:51:96:3c:
8d:e4:bd:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlD6l3J9OEXewiPazjMO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjQwMTAyMDAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjA4NzkwYmM4ZjMwMDY0NGZlYTZiNTBhYWJlMGE5OWMyZjIxNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMRV7Flr23qGdAW1u2AYRlUeRUj1
TPWTvjp5VcMl8Ejy/XbrVfxcdo195+xr26lWXnrE9+SbQBUXpf9Xxzcg3e1qqfuP
dCHZKF1kOZukKgKC4b6Ejz+Xz5ZXReEVixzwdkkGlZLVFgZv37EUbTqNy3OQw90N
foDd809AmCiX77pvnqW1V1qlEjkROgokoMqB297cQ8FbjRX3GAmvCcHUgwwLZ7rO
4MRAozSyFKtWJXXQO/k3wpvfMIqtWh1S/vGOouNDUhf65Vi7zKNUFfYHd2xs+Qw0
5o7rwtO69wxzYXcgh5FwbA0MVfJ21ld8ZNU7k9V7zBh3HwL+CNS2PKW5NQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOYIeQvI8wBkT+prUKq+CpnC8hdtMB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvNWdoNUM4anpBR1JQNm10UXFyNEttY0x5RjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9NADAN
BgkqhkiG9w0BAQsFAAOCAQEAKlvKNY8XG7e6oSIscc/qBsPky28jQ2xlYNpGzXQl
IiXJKX7L/mMnQrkxM0TRLaiu0OH+PL5GQcpuUG/Db02EeWXsDqST7OW8O2qaXL9c
ei4tf80CT+dfym6pHpMCrZ0cw27Up1zdNKiwXZN7CHDN97ofAOyE1ja9hwSs9zvx
j/8wYek7rJWqCYZj+f7wEBt0aSJUGu5A5YGVJpG2+r0T2fL0Zp93WyYPw9tHQgL+
TjMj8Z8FkEJPvoVXNHESDjd9GwuY28QunvfnUGu9RoGuQ+Fj8YtZmsZc+Ji31cXG
p7+P/x0VAhCTGQYAFHJ8Qu3/e3WvUiDwyFvhUZY8jeS9mQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:28 2025 by rpki-client