Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/2mAoANUpghLoHc7qKkageFmpxCk.roa
File: 2mAoANUpghLoHc7qKkageFmpxCk.roa (raw, json)
Hash identifier: 3g/if5hPjLKXl82HLIaczsvXNSi5ubSOwLRW/clxufM=
Subject key identifier: DA:60:28:00:D5:29:82:12:E8:1D:CE:EA:2A:46:A0:78:59:A9:C4:29
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 0189942917005AD313A229FA8EF2863ABF36
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/2mAoANUpghLoHc7qKkageFmpxCk.roa
Signing time: Wed 26 Jul 2023 21:44:28 +0000
ROA not before: Wed 26 Jul 2023 21:44:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198571
IP address blocks: 2a07:db81::/32 maxlen: 32
2a07:db83::/32 maxlen: 32
2a07:db82::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Jul 2023 21:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:94:29:17:00:5a:d3:13:a2:29:fa:8e:f2:86:3a:bf:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jul 26 21:44:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da602800d5298212e81dceea2a46a07859a9c429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:68:30:ef:57:c5:03:bc:7d:44:8e:7b:dc:
c2:90:68:2d:ee:31:e0:0c:a4:4c:0d:f9:5b:9a:ad:
3c:f5:d8:45:97:29:4c:33:c6:77:a3:88:30:3d:b0:
b6:af:55:d3:ac:87:2b:24:b6:3d:21:66:9a:93:9f:
b6:51:3d:fb:88:5c:e0:11:98:3a:28:14:b6:49:61:
df:aa:76:dc:3f:14:f6:03:73:5b:df:62:6b:e8:fe:
09:04:60:9e:49:07:0c:b2:b3:f4:37:7f:e5:58:00:
fd:eb:00:16:10:e0:88:7c:5e:ac:82:a1:8b:32:ab:
0a:ce:e1:48:42:ce:44:7c:f4:d0:bb:97:38:9a:38:
54:7f:fe:65:c8:90:85:b2:dd:76:3f:d6:81:22:de:
97:fd:df:d9:3b:23:a0:93:43:65:42:95:7b:c5:aa:
fe:2b:b9:0c:37:4c:7e:e2:fe:39:cb:6a:f9:8f:d5:
51:35:f6:be:f5:67:50:d8:02:3d:a6:50:f4:5b:6c:
f9:d1:6f:34:63:39:ca:1e:b0:e8:81:78:3e:41:56:
24:c9:6d:4d:19:20:f8:eb:84:23:c8:6f:3d:71:3d:
fe:c8:85:ee:60:ad:8c:3c:9a:3f:21:2a:3e:92:b9:
0c:f6:06:b4:8a:d2:30:30:34:bd:e9:b3:48:32:40:
50:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:60:28:00:D5:29:82:12:E8:1D:CE:EA:2A:46:A0:78:59:A9:C4:29
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/2mAoANUpghLoHc7qKkageFmpxCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db81::-2a07:db83:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:81:80:d9:0a:b3:17:18:13:d0:2b:40:a4:14:2c:d1:11:73:
90:ef:83:64:57:ee:73:a7:a3:22:de:7f:e3:66:ce:00:e9:ea:
1d:ba:09:63:3e:98:d8:b8:e5:bf:94:45:04:03:34:8a:7a:b9:
f7:69:69:5f:52:c5:4c:6d:f9:e5:6e:38:aa:7b:d1:f7:1b:d3:
d7:d5:b2:0e:9e:a3:71:a2:eb:5c:e0:79:74:a3:41:88:68:72:
b3:35:d0:ba:35:4c:4a:ef:d6:b8:dc:f0:80:3e:f3:00:ed:89:
18:73:19:c2:8c:13:17:f7:cf:9c:45:cf:c0:b7:d8:cc:38:43:
cc:3a:fe:3e:5c:b2:40:55:dc:bb:b8:63:e6:96:c2:3c:e1:fe:
db:a8:a8:90:c1:04:40:34:3d:45:c6:cc:8f:ba:89:09:7e:fd:
b2:d3:e5:a1:aa:a9:70:9b:42:72:16:73:31:c0:7e:f6:20:0d:
36:20:a4:2d:6b:0b:b3:7f:45:17:fe:96:0e:7a:31:0a:97:ef:
1f:93:7e:9f:74:74:7b:c9:be:b2:89:a1:af:6f:e0:48:28:46:
74:19:e1:8e:3f:89:34:57:77:16:40:2e:09:09:2d:c7:92:a1:
f3:c9:8c:5c:fc:e7:41:54:3f:f9:19:aa:fd:70:64:68:8a:1b:
a4:76:31:db
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYmUKRcAWtMToin6jvKGOr82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwNzI2MjE0NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTYwMjgwMGQ1Mjk4MjEyZTgxZGNlZWEyYTQ2YTA3ODU5YTljNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCBoMO9XxQO8fUSOe9zCkGgt7jHg
DKRMDflbmq089dhFlylMM8Z3o4gwPbC2r1XTrIcrJLY9IWaak5+2UT37iFzgEZg6
KBS2SWHfqnbcPxT2A3Nb32Jr6P4JBGCeSQcMsrP0N3/lWAD96wAWEOCIfF6sgqGL
MqsKzuFIQs5EfPTQu5c4mjhUf/5lyJCFst12P9aBIt6X/d/ZOyOgk0NlQpV7xar+
K7kMN0x+4v45y2r5j9VRNfa+9WdQ2AI9plD0W2z50W80YznKHrDogXg+QVYkyW1N
GSD464QjyG89cT3+yIXuYK2MPJo/ISo+krkM9ga0itIwMDS96bNIMkBQhwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNpgKADVKYIS6B3O6ipGoHhZqcQpMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvMm1Bb0FOVXBnaExvSGM3cUtrYWdlRm1weENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqB9uB
AwUCKgfbgDANBgkqhkiG9w0BAQsFAAOCAQEAL4GA2QqzFxgT0CtApBQs0RFzkO+D
ZFfuc6ejIt5/42bOAOnqHboJYz6Y2Ljlv5RFBAM0inq592lpX1LFTG355W44qnvR
9xvT19WyDp6jcaLrXOB5dKNBiGhyszXQujVMSu/WuNzwgD7zAO2JGHMZwowTF/fP
nEXPwLfYzDhDzDr+PlyyQFXcu7hj5pbCPOH+26iokMEEQDQ9RcbMj7qJCX79stPl
oaqpcJtCchZzMcB+9iANNiCkLWsLs39FF/6WDnoxCpfvH5N+n3R0e8m+somhr2/g
SChGdBnhjj+JNFd3FkAuCQktx5Kh88mMXPznQVQ/+Rmq/XBkaIobpHYx2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:11 2024 by rpki-client on console-ams.rpki-client.org