Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/Pq5IOIiWyv1npqmYAyx0ZziLtsY.roa
File: Pq5IOIiWyv1npqmYAyx0ZziLtsY.roa (raw, json)
Hash identifier: VtD+3sQu80BFtX0fNYLXAfg0bjVvhlaoWA36VkG+h4Q=
Subject key identifier: 3E:AE:48:38:88:96:CA:FD:67:A6:A9:98:03:2C:74:67:38:8B:B6:C6
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018DD0A0FE8E8F3708947A955B2D0AF186CC
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/Pq5IOIiWyv1npqmYAyx0ZziLtsY.roa
Signing time: Thu 22 Feb 2024 11:43:48 +0000
ROA not before: Thu 22 Feb 2024 11:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 2a05:541:110::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:a0:fe:8e:8f:37:08:94:7a:95:5b:2d:0a:f1:86:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Feb 22 11:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eae48388896cafd67a6a998032c7467388bb6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:24:fe:88:a2:1f:a0:d3:fa:ec:a3:2a:10:b8:
87:88:33:51:10:1a:5a:0a:2f:b6:ef:f6:dc:bb:b5:
31:81:6c:f9:43:25:d0:a9:d3:29:48:5f:26:3f:a4:
c1:6b:7f:75:79:8f:2b:1b:c0:b2:94:b0:dc:44:e5:
48:bc:48:bc:97:9e:48:aa:1a:c5:ea:54:ab:f7:ca:
cb:19:23:72:19:ca:af:d7:59:44:d4:53:84:67:f6:
4b:cc:d0:0e:22:da:7e:f8:48:e1:7c:c0:4e:b5:bb:
61:12:ca:6c:89:60:1d:ed:21:fb:e9:c2:0b:ff:a6:
fd:b4:6a:75:a7:41:08:c2:45:97:cf:7b:b0:c6:2c:
6f:84:c0:8a:09:db:fc:fc:18:53:5e:2b:a4:22:0e:
e1:55:4f:55:0e:18:25:82:ba:9f:fc:22:d7:aa:04:
86:7a:11:8e:14:bf:cb:40:3d:96:0d:17:fe:e0:4a:
55:9e:d7:85:46:64:12:14:dd:8f:b0:b3:d4:3e:26:
77:31:8d:95:bc:46:72:36:39:31:cf:55:1c:b2:e4:
e0:6e:b1:75:a1:e0:14:b4:72:b3:d5:19:ee:20:81:
0c:77:a0:b2:47:44:47:d9:3e:a8:cd:ff:12:4e:91:
d1:c8:7d:31:72:c8:59:af:42:db:b2:5a:bc:83:25:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:AE:48:38:88:96:CA:FD:67:A6:A9:98:03:2C:74:67:38:8B:B6:C6
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/Pq5IOIiWyv1npqmYAyx0ZziLtsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:110::/48
2a05:541:129::/48
Signature Algorithm: sha256WithRSAEncryption
52:95:f7:ec:eb:57:73:3f:88:02:54:2b:eb:8b:35:46:3e:25:
7b:98:1e:fe:04:65:05:60:97:af:08:65:c4:0e:c7:a6:ca:ca:
05:40:f0:38:41:67:0c:fe:27:2e:01:cf:ac:77:92:86:89:09:
d8:8d:aa:7c:6e:6a:1b:00:53:57:ad:49:96:c5:d1:5f:f3:46:
e4:4e:b5:08:fa:9b:e5:38:fe:74:78:a4:df:59:97:27:20:19:
ad:cf:bf:b0:f4:de:8f:38:db:16:5b:5e:7a:5b:23:41:93:29:
c4:5b:f7:6e:0b:24:9e:16:f1:d3:73:c1:c3:c4:11:4f:bf:21:
e3:25:4c:dc:7d:6b:73:32:ac:ed:e3:43:a8:bc:a7:da:c2:72:
7b:09:fc:b7:89:f9:87:a6:50:f5:35:14:7f:32:3e:c8:fa:a7:
3e:0b:31:87:26:12:00:07:23:c0:98:67:31:1c:9f:20:f3:b3:
b9:66:e0:17:a8:54:54:32:2f:f6:5d:48:0c:f4:c6:29:24:91:
65:72:c0:97:ee:bc:a2:dd:10:02:6c:0b:16:c2:93:e8:ff:b4:
68:25:ec:de:06:44:80:89:ca:47:49:62:4f:21:d2:90:c7:83:
90:45:6c:38:7b:76:7e:87:6d:a3:16:1d:12:50:04:ac:49:e2:
c0:92:22:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3QoP6OjzcIlHqVWy0K8YbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwMjIyMTE0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWFlNDgzODg4OTZjYWZkNjdhNmE5OTgwMzJjNzQ2NzM4OGJiNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyT+iKIfoNP67KMqELiHiDNREBpa
Ci+27/bcu7UxgWz5QyXQqdMpSF8mP6TBa391eY8rG8CylLDcROVIvEi8l55IqhrF
6lSr98rLGSNyGcqv11lE1FOEZ/ZLzNAOItp++EjhfMBOtbthEspsiWAd7SH76cIL
/6b9tGp1p0EIwkWXz3uwxixvhMCKCdv8/BhTXiukIg7hVU9VDhglgrqf/CLXqgSG
ehGOFL/LQD2WDRf+4EpVnteFRmQSFN2PsLPUPiZ3MY2VvEZyNjkxz1UcsuTgbrF1
oeAUtHKz1RnuIIEMd6CyR0RH2T6ozf8STpHRyH0xcshZr0Lbslq8gyVLwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD6uSDiIlsr9Z6apmAMsdGc4i7bGMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvUHE1SU9JaVd5djFucHFtWUF5eDBaemlMdHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgUFQQEQ
AwcAKgUFQQEpMA0GCSqGSIb3DQEBCwUAA4IBAQBSlffs61dzP4gCVCvrizVGPiV7
mB7+BGUFYJevCGXEDsemysoFQPA4QWcM/icuAc+sd5KGiQnYjap8bmobAFNXrUmW
xdFf80bkTrUI+pvlOP50eKTfWZcnIBmtz7+w9N6PONsWW156WyNBkynEW/duCySe
FvHTc8HDxBFPvyHjJUzcfWtzMqzt40OovKfawnJ7Cfy3ifmHplD1NRR/Mj7I+qc+
CzGHJhIAByPAmGcxHJ8g87O5ZuAXqFRUMi/2XUgM9MYpJJFlcsCX7ryi3RACbAsW
wpPo/7RoJezeBkSAicpHSWJPIdKQx4OQRWw4e3Z+h22jFh0SUASsSeLAkiLc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:42 2024 by rpki-client on console-ams.rpki-client.org