Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/0ccjRwU5Qbfaso-asD0dD0E0vvY.roa
File: 0ccjRwU5Qbfaso-asD0dD0E0vvY.roa (raw, json)
Hash identifier: +YpTF82jFbFVRTC0K7J/b4+NBOdkuhBJr3Nc4mmkGt0=
Subject key identifier: D1:C7:23:47:05:39:41:B7:DA:B2:8F:9A:B0:3D:1D:0F:41:34:BE:F6
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0190BD1342777AA432C5396EB2944C102BFE
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/0ccjRwU5Qbfaso-asD0dD0E0vvY.roa
Signing time: Tue 16 Jul 2024 19:44:34 +0000
ROA not before: Tue 16 Jul 2024 19:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0c:72c0::/29 maxlen: 29
2a0e:b200::/29 maxlen: 29
2a12:39c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Aug 2024 14:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bd:13:42:77:7a:a4:32:c5:39:6e:b2:94:4c:10:2b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jul 16 19:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c72347053941b7dab28f9ab03d1d0f4134bef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:52:63:38:e1:9a:04:5a:38:58:38:7c:a3:df:
aa:8b:6d:15:b5:25:aa:ee:9c:9c:7b:45:61:1b:f7:
ed:db:11:d6:f2:91:62:c2:81:9c:58:ae:3b:a5:72:
15:1b:bc:d3:a7:f5:41:f4:fa:c2:b2:99:0d:4a:96:
73:5a:ad:a8:8d:8e:f0:07:21:31:60:54:25:11:1e:
40:c9:7f:fd:23:72:19:7a:7d:53:cc:eb:2c:26:e7:
24:ba:e4:07:00:e0:0a:f9:32:f2:5b:42:3e:e4:6f:
4b:80:c8:0e:e8:14:a1:88:b5:ab:d1:b7:49:1b:58:
47:3f:9a:bd:35:05:9c:de:d7:62:10:1d:69:01:3f:
59:7b:dc:dc:e9:4e:f1:9c:1b:27:8c:e8:68:23:eb:
98:11:eb:66:be:a7:c8:cb:72:5f:68:e0:c6:b5:f7:
dc:56:37:fd:15:7a:a1:b3:13:84:bb:ff:4d:3c:87:
00:82:1a:23:cf:4e:2b:27:31:62:12:df:24:86:25:
d1:f5:7d:82:33:49:b5:9d:f8:a5:d5:80:16:8b:61:
d9:33:d7:95:07:00:22:b2:5c:f3:d4:2a:d9:ae:29:
df:a0:94:d1:c5:ff:dd:bc:5e:bf:bb:2d:67:b0:e3:
4e:85:a1:19:3e:6f:06:f5:1d:f9:c1:87:2e:12:36:
1d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C7:23:47:05:39:41:B7:DA:B2:8F:9A:B0:3D:1D:0F:41:34:BE:F6
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/0ccjRwU5Qbfaso-asD0dD0E0vvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:72c0::/29
2a0e:b200::/29
2a12:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
18:ef:16:27:48:3a:69:e7:01:37:a3:1c:2e:4f:b9:51:95:fd:
b6:ab:ad:2c:15:18:9c:44:46:b0:1c:9a:c3:35:03:c1:31:2a:
fe:fa:b7:3a:00:9f:0c:29:74:1a:00:f8:48:bd:9e:e6:d2:f7:
60:ca:2c:9b:05:af:74:ce:f4:c6:c0:46:0f:74:73:a3:70:54:
54:45:04:28:fa:ad:6e:57:c3:11:a6:8c:0c:96:78:30:f7:a9:
10:a7:fc:77:49:50:5d:b9:83:2a:77:ab:be:26:c8:0a:dd:bf:
aa:0f:db:2a:68:35:aa:01:c4:3e:81:ac:2e:1c:99:6d:80:bf:
62:4e:06:e3:72:27:b4:a4:90:e1:15:93:a4:69:5a:4b:64:a9:
0a:09:9a:9b:33:21:7a:77:0a:8e:1b:09:e4:e1:50:d5:cf:53:
3f:d6:12:2e:d6:f8:54:98:31:0b:9a:48:d4:c3:d4:3b:81:b4:
f1:8a:f0:63:e4:32:2e:df:7b:83:82:ec:9b:d2:fb:be:f1:bb:
29:12:b5:fc:e2:08:ff:42:de:30:d7:3a:aa:b3:28:9b:84:75:
b2:6a:e8:2d:cb:d5:86:8f:1f:fa:17:2f:e4:b9:71:ff:a4:49:
a2:18:8e:55:9c:85:c3:d1:8a:17:81:c0:67:7a:3d:5b:7e:c6:
95:1e:96:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZC9E0J3eqQyxTluspRMECv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNzE2MTk0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM3MjM0NzA1Mzk0MWI3ZGFiMjhmOWFiMDNkMWQwZjQxMzRiZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVJjOOGaBFo4WDh8o9+qi20VtSWq
7pyce0VhG/ft2xHW8pFiwoGcWK47pXIVG7zTp/VB9PrCspkNSpZzWq2ojY7wByEx
YFQlER5AyX/9I3IZen1TzOssJuckuuQHAOAK+TLyW0I+5G9LgMgO6BShiLWr0bdJ
G1hHP5q9NQWc3tdiEB1pAT9Ze9zc6U7xnBsnjOhoI+uYEetmvqfIy3JfaODGtffc
Vjf9FXqhsxOEu/9NPIcAghojz04rJzFiEt8khiXR9X2CM0m1nfil1YAWi2HZM9eV
BwAislzz1CrZrinfoJTRxf/dvF6/uy1nsONOhaEZPm8G9R35wYcuEjYd+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHHI0cFOUG32rKPmrA9HQ9BNL72MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvMGNjalJ3VTVRYmZhc28tYXNEMGREMEUwdnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgxywAMF
AyoOsgADBQMqEjnAMA0GCSqGSIb3DQEBCwUAA4IBAQAY7xYnSDpp5wE3oxwuT7lR
lf22q60sFRicREawHJrDNQPBMSr++rc6AJ8MKXQaAPhIvZ7m0vdgyiybBa90zvTG
wEYPdHOjcFRURQQo+q1uV8MRpowMlngw96kQp/x3SVBduYMqd6u+JsgK3b+qD9sq
aDWqAcQ+gawuHJltgL9iTgbjcie0pJDhFZOkaVpLZKkKCZqbMyF6dwqOGwnk4VDV
z1M/1hIu1vhUmDELmkjUw9Q7gbTxivBj5DIu33uDguyb0vu+8bspErX84gj/Qt4w
1zqqsyibhHWyaugty9WGjx/6Fy/kuXH/pEmiGI5VnIXD0YoXgcBnej1bfsaVHpZP
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:53:12 2024 by rpki-client on console-ams.rpki-client.org