Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/D9YNZpW-Ev9YcDkxdF2ar24XfeY.roa
File: D9YNZpW-Ev9YcDkxdF2ar24XfeY.roa (raw, json)
Hash identifier: nHZrGct9BdLAubrvakhr9eVpYK4WmSyUj5x8UKN8ttw=
Subject key identifier: 0F:D6:0D:66:95:BE:12:FF:58:70:39:31:74:5D:9A:AF:6E:17:7D:E6
Certificate issuer: /CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Certificate serial: 0188B56A0200BEEC1BBF084DCC61F0172AA5
Authority key identifier: 3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/D9YNZpW-Ev9YcDkxdF2ar24XfeY.roa
Signing time: Tue 13 Jun 2023 15:40:03 +0000
ROA not before: Tue 13 Jun 2023 15:40:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 2a07:db85::/32 maxlen: 32
2a07:db87::/32 maxlen: 32
2a07:db84::/32 maxlen: 32
2a07:db86::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Nov 2023 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:6a:02:00:be:ec:1b:bf:08:4d:cc:61:f0:17:2a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e28d6f13e359dd0bb4534a24655974c57d2b0fe
Validity
Not Before: Jun 13 15:40:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fd60d6695be12ff58703931745d9aaf6e177de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:5a:30:b7:c1:22:b4:b8:2f:9f:e9:34:15:
8f:1c:eb:2d:c0:84:eb:ab:de:04:24:f7:cc:3e:16:
7a:db:f1:0c:40:01:4a:5f:d0:67:7e:dd:c9:45:5b:
c8:9e:bd:05:de:37:1a:54:fc:8c:a8:ae:16:30:71:
74:4a:c4:17:27:f1:b2:6f:b8:8a:17:69:d1:92:86:
84:a3:91:5f:08:fb:a3:25:24:e8:14:6d:26:8a:a9:
cd:b9:4e:48:c4:ad:48:79:6b:22:62:02:07:35:c8:
39:d5:20:18:bf:2c:f1:c5:d2:ff:fa:20:09:04:ac:
56:13:18:a1:26:58:d3:16:af:79:41:a4:2a:49:44:
2f:5e:e0:5b:d3:49:6c:36:26:92:53:79:93:5c:ec:
af:6b:d3:ee:dc:84:13:21:4c:e3:a6:f2:48:41:ae:
8a:4a:57:39:f0:e1:8e:35:17:b6:9f:46:c7:bb:6a:
95:72:9f:b5:e7:31:2d:06:59:a5:25:dc:31:57:cf:
30:2c:bb:b4:1d:b0:ec:b7:29:47:20:a6:c7:24:1d:
e7:3e:47:e7:29:c7:c9:ee:1e:dc:7a:e0:d2:20:d9:
61:28:64:63:56:53:e1:1a:0a:54:d8:7f:2c:d1:e3:
b8:6a:1a:2e:84:d6:2d:3c:f1:02:11:79:ae:6d:8d:
45:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D6:0D:66:95:BE:12:FF:58:70:39:31:74:5D:9A:AF:6E:17:7D:E6
X509v3 Authority Key Identifier:
keyid:3E:28:D6:F1:3E:35:9D:D0:BB:45:34:A2:46:55:97:4C:57:D2:B0:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PijW8T41ndC7RTSiRlWXTFfSsP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/D9YNZpW-Ev9YcDkxdF2ar24XfeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/645038-255b-44df-ae8a-5488169119e8/1/PijW8T41ndC7RTSiRlWXTFfSsP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:db84::/30
Signature Algorithm: sha256WithRSAEncryption
94:54:2a:ea:32:35:1e:e4:4d:f3:61:21:45:1b:a9:6d:be:2f:
7f:1e:2b:f8:a6:3a:90:c6:4e:67:02:65:fc:8b:82:12:c8:26:
00:66:45:6c:f7:35:99:64:96:b0:5a:76:e2:89:73:2e:0e:40:
c6:5d:38:d3:50:f4:cd:a1:c6:13:ab:ed:aa:21:ba:2d:e8:18:
a1:2e:46:53:5a:a2:06:5e:37:5e:5d:71:7a:d6:f5:15:5b:8c:
0e:89:95:e5:aa:db:51:2d:fd:d2:71:cc:2a:95:68:c6:6f:5a:
00:6e:87:d2:5c:43:be:bf:e6:fd:17:20:29:2e:c5:e0:29:4e:
40:9a:28:3d:c4:48:f2:6f:41:0d:5d:4a:91:3c:03:d5:ee:25:
ee:00:5c:1b:9a:a2:97:05:0f:5d:35:b5:ed:4a:48:d9:11:2d:
55:72:6c:be:28:c1:42:dc:d4:1c:48:c3:0a:78:ca:19:f0:c0:
af:e6:62:72:1c:15:b4:be:9a:42:48:3e:56:e7:50:e8:96:8d:
fc:c8:09:cd:e9:89:8c:a2:a0:81:e3:44:75:5b:19:73:63:df:
80:fd:02:a2:11:1e:78:48:ea:65:af:67:8a:3c:c8:dd:1e:09:
86:19:c4:3a:31:af:b5:73:d7:5a:0f:6c:e7:e6:6f:41:7f:60:
49:f4:14:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYi1agIAvuwbvwhNzGHwFyqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjhkNmYxM2UzNTlkZDBiYjQ1MzRhMjQ2NTU5NzRjNTdk
MmIwZmUwHhcNMjMwNjEzMTU0MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ2MGQ2Njk1YmUxMmZmNTg3MDM5MzE3NDVkOWFhZjZlMTc3ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTlaMLfBIrS4L5/pNBWPHOstwITr
q94EJPfMPhZ62/EMQAFKX9Bnft3JRVvInr0F3jcaVPyMqK4WMHF0SsQXJ/Gyb7iK
F2nRkoaEo5FfCPujJSToFG0miqnNuU5IxK1IeWsiYgIHNcg51SAYvyzxxdL/+iAJ
BKxWExihJljTFq95QaQqSUQvXuBb00lsNiaSU3mTXOyva9Pu3IQTIUzjpvJIQa6K
Slc58OGONRe2n0bHu2qVcp+15zEtBlmlJdwxV88wLLu0HbDstylHIKbHJB3nPkfn
KcfJ7h7ceuDSINlhKGRjVlPhGgpU2H8s0eO4ahouhNYtPPECEXmubY1F5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA/WDWaVvhL/WHA5MXRdmq9uF33mMB8GA1UdIwQY
MBaAFD4o1vE+NZ3Qu0U0okZVl0xX0rD+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEt
NTQ4ODE2OTExOWU4LzEvRDlZTlpwVy1FdjlZY0RreGRGMmFyMjRYZmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy82NDUwMzgtMjU1Yi00NGRmLWFlOGEtNTQ4ODE2OTExOWU4
LzEvUGlqVzhUNDFuZEM3UlRTaVJsV1hURmZTc1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgfbhDAN
BgkqhkiG9w0BAQsFAAOCAQEAlFQq6jI1HuRN82EhRRupbb4vfx4r+KY6kMZOZwJl
/IuCEsgmAGZFbPc1mWSWsFp24olzLg5Axl0401D0zaHGE6vtqiG6LegYoS5GU1qi
Bl43Xl1xetb1FVuMDomV5arbUS390nHMKpVoxm9aAG6H0lxDvr/m/RcgKS7F4ClO
QJooPcRI8m9BDV1KkTwD1e4l7gBcG5qilwUPXTW17UpI2REtVXJsvijBQtzUHEjD
CnjKGfDAr+ZichwVtL6aQkg+VudQ6JaN/MgJzemJjKKggeNEdVsZc2PfgP0CohEe
eEjqZa9nijzI3R4JhhnEOjGvtXPXWg9s5+ZvQX9gSfQUbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:14 2024 by rpki-client on console-fra.rpki-client.org