Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/RDars2a4jFjowl5EqwW1ugr_uAg.roa
File: RDars2a4jFjowl5EqwW1ugr_uAg.roa (raw, json)
Hash identifier: ZiFY14W+6RNn1Nce29J58CwoxftsQmRdrOmaBqu8D8Y=
Subject key identifier: 44:36:AB:B3:66:B8:8C:58:E8:C2:5E:44:AB:05:B5:BA:0A:FF:B8:08
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 018CC4246229D4EAC43319128D4B7845E06F
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/RDars2a4jFjowl5EqwW1ugr_uAg.roa
Signing time: Mon 01 Jan 2024 08:29:27 +0000
ROA not before: Mon 01 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201148
IP address blocks: 2a13:3f40::/29 maxlen: 29
2a13:3f40:1000::/48 maxlen: 48
2a13:3f40:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 13:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:62:29:d4:ea:c4:33:19:12:8d:4b:78:45:e0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jan 1 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4436abb366b88c58e8c25e44ab05b5ba0affb808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:87:c2:79:69:02:44:d2:fb:59:f5:5f:ff:
a8:0b:83:41:00:f3:73:32:b4:71:c3:95:a5:2c:09:
5c:40:75:17:3f:e3:93:9d:d2:38:2a:32:23:aa:fa:
5e:fc:7a:9d:e8:64:3d:ac:7b:0d:a7:f9:46:b2:8d:
7b:3f:96:b3:4e:f9:5a:4d:42:87:db:64:54:2b:28:
1d:10:94:1d:3c:0d:7c:50:e8:e9:3f:f2:64:21:31:
ca:5f:32:38:08:27:7e:f3:57:69:12:26:f3:0d:fc:
ff:33:cb:b4:46:ee:28:ae:84:a3:5d:38:98:51:69:
d6:82:98:cb:97:48:69:e1:b6:58:fc:bd:cc:e7:6a:
3c:6e:8e:2e:7c:6c:30:51:ab:38:32:20:ce:9c:78:
4d:d6:46:88:ae:57:ac:fe:f1:73:c2:cc:c6:e0:00:
2b:20:07:10:c8:1e:f5:eb:8e:98:31:49:d8:d1:f0:
5b:a9:87:6e:dd:85:81:e1:c0:4c:d9:b2:4f:c8:3f:
30:61:83:69:de:4a:e3:87:39:7a:1c:27:76:38:74:
72:82:6a:01:69:63:ad:d8:ea:f0:9b:7a:94:98:f0:
2d:df:d8:b0:e6:3b:14:b6:38:d2:84:f7:25:bc:f9:
f6:1a:01:11:4e:33:93:64:3e:bb:53:4c:e4:ea:1e:
06:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:36:AB:B3:66:B8:8C:58:E8:C2:5E:44:AB:05:B5:BA:0A:FF:B8:08
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/RDars2a4jFjowl5EqwW1ugr_uAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
b2:cc:52:66:75:96:9a:80:4f:be:b4:41:8b:ba:ca:88:fa:93:
08:11:07:ac:6d:c5:5c:29:39:74:57:9e:7c:a2:05:27:43:dd:
08:6e:f4:80:0e:eb:a6:f9:f3:5b:f2:a6:a5:df:c9:e3:91:9a:
5f:08:7c:b4:c5:3b:4c:da:91:dc:f5:73:f6:57:93:92:08:c4:
05:30:2e:96:cf:58:ad:f8:2a:db:56:ba:74:73:8e:01:3e:b0:
58:bd:72:6a:15:9e:5e:7e:31:56:67:72:9b:e3:91:09:ed:e2:
e2:8b:a1:a0:cf:47:11:51:6f:b0:b6:af:03:f7:91:68:8c:80:
04:30:90:42:da:ee:d9:93:e2:fd:f4:37:73:e3:a3:a7:44:51:
69:eb:00:f4:0f:44:4b:70:5c:a7:90:ec:bf:26:51:d8:95:c8:
ac:92:ce:c4:81:6e:bb:89:b1:b7:c7:6a:94:a6:b3:63:31:1f:
41:1c:d3:65:84:42:60:07:a6:d0:af:1a:d3:68:4d:f2:c4:21:
5d:f9:47:2b:f1:b0:f8:7c:f6:dc:a9:b7:90:b2:3e:9c:ea:22:
87:62:0e:7f:a0:a6:12:c8:ed:bf:28:81:4d:99:59:96:f5:c7:
95:30:42:53:35:6e:ff:81:81:a3:6a:1d:b4:db:cd:3e:cd:8a:
16:11:ca:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJGIp1OrEMxkSjUt4ReBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjQwMTAxMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM2YWJiMzY2Yjg4YzU4ZThjMjVlNDRhYjA1YjViYTBhZmZiODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuKHwnlpAkTS+1n1X/+oC4NBAPNz
MrRxw5WlLAlcQHUXP+OTndI4KjIjqvpe/Hqd6GQ9rHsNp/lGso17P5azTvlaTUKH
22RUKygdEJQdPA18UOjpP/JkITHKXzI4CCd+81dpEibzDfz/M8u0Ru4oroSjXTiY
UWnWgpjLl0hp4bZY/L3M52o8bo4ufGwwUas4MiDOnHhN1kaIrles/vFzwszG4AAr
IAcQyB71646YMUnY0fBbqYdu3YWB4cBM2bJPyD8wYYNp3krjhzl6HCd2OHRygmoB
aWOt2Orwm3qUmPAt39iw5jsUtjjShPclvPn2GgERTjOTZD67U0zk6h4GfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEQ2q7NmuIxY6MJeRKsFtboK/7gIMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvUkRhcnMyYTRqRmpvd2w1RXF3VzF1Z3JfdUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAssxSZnWWmoBPvrRBi7rKiPqTCBEHrG3FXCk5dFee
fKIFJ0PdCG70gA7rpvnzW/Kmpd/J45GaXwh8tMU7TNqR3PVz9leTkgjEBTAuls9Y
rfgq21a6dHOOAT6wWL1yahWeXn4xVmdym+ORCe3i4ouhoM9HEVFvsLavA/eRaIyA
BDCQQtru2ZPi/fQ3c+Ojp0RRaesA9A9ES3Bcp5DsvyZR2JXIrJLOxIFuu4mxt8dq
lKazYzEfQRzTZYRCYAem0K8a02hN8sQhXflHK/Gw+Hz23Km3kLI+nOoih2IOf6Cm
EsjtvyiBTZlZlvXHlTBCUzVu/4GBo2odtNvNPs2KFhHK4g==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:03:47 2024 by rpki-client on console-fra.rpki-client.org