Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/dnpc7wxq2oQ6aOau4EVSxu6Jhds.roa
File: dnpc7wxq2oQ6aOau4EVSxu6Jhds.roa (raw, json)
Hash identifier: dRALAiPgS2uVyViXqwm9aJqExaaAIM+KIzQyeUT+6dc=
Subject key identifier: 76:7A:5C:EF:0C:6A:DA:84:3A:68:E6:AE:E0:45:52:C6:EE:89:85:DB
Certificate issuer: /CN=473163527e83542dce693b16d0aedcd126d3319a
Certificate serial: 01856F8B77E24C4A80443014B41D6D5C3074
Authority key identifier: 47:31:63:52:7E:83:54:2D:CE:69:3B:16:D0:AE:DC:D1:26:D3:31:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzFjUn6DVC3OaTsW0K7c0SbTMZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/dnpc7wxq2oQ6aOau4EVSxu6Jhds.roa
Signing time: Sun 01 Jan 2023 22:54:49 +0000
ROA not before: Sun 01 Jan 2023 22:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31479
IP address blocks: 2a04:d700::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:77:e2:4c:4a:80:44:30:14:b4:1d:6d:5c:30:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473163527e83542dce693b16d0aedcd126d3319a
Validity
Not Before: Jan 1 22:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=767a5cef0c6ada843a68e6aee04552c6ee8985db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2c:88:85:ce:9f:6b:e4:ad:0d:13:de:25:ef:
d1:cc:d8:9c:27:d8:2c:1f:54:49:0f:db:9c:90:dc:
99:7a:a4:18:b4:51:79:1f:34:68:be:7b:8b:e4:d7:
ec:15:73:5a:4f:a4:9c:33:a0:e6:35:d0:44:b6:3a:
3d:d6:e7:5a:22:c5:3c:3c:2c:be:c8:57:eb:7c:42:
07:4f:5c:c5:35:e5:f7:52:d3:47:21:55:4a:b5:85:
52:c6:27:bf:d5:a0:2c:97:9d:8a:60:d3:4a:bf:5c:
a2:38:63:8d:eb:c6:87:02:57:ef:54:e4:05:26:2d:
12:4f:19:f5:fe:b6:ab:f3:bb:8e:c8:d2:41:64:b3:
d0:87:6d:4d:44:18:2b:da:25:ef:e1:aa:21:85:40:
45:39:84:85:e2:73:9a:5f:6d:1b:f6:e5:cd:5b:ac:
14:a5:bb:09:80:4a:86:1f:96:9a:66:70:ba:ba:86:
c1:88:c7:e0:17:f3:2a:69:f5:29:ac:97:74:e3:36:
11:5f:4a:f1:d4:6b:63:75:4a:aa:8b:85:83:05:41:
e5:75:46:d1:83:78:dc:c2:5e:86:d3:8d:5d:34:8c:
16:e9:60:85:3b:24:94:48:88:19:0e:4d:92:b1:fa:
6b:da:a1:e5:50:49:8f:cb:80:d2:26:cd:35:4f:83:
97:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7A:5C:EF:0C:6A:DA:84:3A:68:E6:AE:E0:45:52:C6:EE:89:85:DB
X509v3 Authority Key Identifier:
keyid:47:31:63:52:7E:83:54:2D:CE:69:3B:16:D0:AE:DC:D1:26:D3:31:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzFjUn6DVC3OaTsW0K7c0SbTMZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/dnpc7wxq2oQ6aOau4EVSxu6Jhds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/ab2389-8d36-43fe-af42-9a3841967181/1/RzFjUn6DVC3OaTsW0K7c0SbTMZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:d700::/29
Signature Algorithm: sha256WithRSAEncryption
b3:ed:ae:c2:46:9a:78:a8:09:6e:6c:0d:08:57:85:e9:c6:df:
28:dc:4e:f6:69:14:cd:b6:c3:d6:54:e2:e2:b3:76:73:96:61:
46:42:b5:b6:09:18:c6:71:a6:ca:6c:37:26:88:10:2d:b6:69:
19:1e:31:b3:7b:1c:04:68:d8:e5:32:04:b5:42:8f:90:b9:5e:
ef:42:73:44:eb:e5:11:e7:ab:94:10:eb:6e:65:5f:6f:e8:25:
41:02:ac:aa:14:b9:c6:09:85:68:9a:b2:c4:d4:0d:b8:98:ff:
97:30:39:5d:f4:36:c3:e6:37:f4:99:52:da:b2:d3:49:77:0d:
ca:c1:2e:09:71:98:2c:8d:6d:15:84:81:cf:d5:bc:91:88:84:
f0:fd:c8:e0:1f:0b:77:bb:50:1f:02:06:d1:61:65:33:5e:ec:
ea:56:ef:fd:9b:e7:cd:25:6c:82:f6:1a:7e:ac:b9:d9:80:e3:
90:a3:87:5e:19:52:02:75:73:4f:92:b1:20:5b:6d:b8:fd:c9:
14:1b:45:cb:95:5b:67:7a:e9:5a:e2:92:46:9a:55:65:ae:c3:
28:fb:6c:c1:31:ca:9b:9e:3b:e1:7a:ae:a6:a1:9a:3f:bc:d4:
aa:b2:65:23:a5:53:4c:c7:80:d4:d1:d8:1a:b3:5f:2b:8e:49:
4f:7c:3c:78
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvi3fiTEqARDAUtB1tXDB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzE2MzUyN2U4MzU0MmRjZTY5M2IxNmQwYWVkY2QxMjZk
MzMxOWEwHhcNMjMwMTAxMjI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjdhNWNlZjBjNmFkYTg0M2E2OGU2YWVlMDQ1NTJjNmVlODk4NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSyIhc6fa+StDRPeJe/RzNicJ9gs
H1RJD9uckNyZeqQYtFF5HzRovnuL5NfsFXNaT6ScM6DmNdBEtjo91udaIsU8PCy+
yFfrfEIHT1zFNeX3UtNHIVVKtYVSxie/1aAsl52KYNNKv1yiOGON68aHAlfvVOQF
Ji0STxn1/rar87uOyNJBZLPQh21NRBgr2iXv4aohhUBFOYSF4nOaX20b9uXNW6wU
pbsJgEqGH5aaZnC6uobBiMfgF/MqafUprJd04zYRX0rx1GtjdUqqi4WDBUHldUbR
g3jcwl6G041dNIwW6WCFOySUSIgZDk2Ssfpr2qHlUEmPy4DSJs01T4OX5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHZ6XO8MatqEOmjmruBFUsbuiYXbMB8GA1UdIwQY
MBaAFEcxY1J+g1Qtzmk7FtCu3NEm0zGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpGalVuNkRWQzNPYVRzVzBLN2MwU2JUTVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hYjIzODktOGQzNi00M2ZlLWFmNDIt
OWEzODQxOTY3MTgxLzEvZG5wYzd3eHEyb1E2YU9hdTRFVlN4dTZKaGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hYjIzODktOGQzNi00M2ZlLWFmNDItOWEzODQxOTY3MTgx
LzEvUnpGalVuNkRWQzNPYVRzVzBLN2MwU2JUTVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgTXADAN
BgkqhkiG9w0BAQsFAAOCAQEAs+2uwkaaeKgJbmwNCFeF6cbfKNxO9mkUzbbD1lTi
4rN2c5ZhRkK1tgkYxnGmymw3JogQLbZpGR4xs3scBGjY5TIEtUKPkLle70JzROvl
EeerlBDrbmVfb+glQQKsqhS5xgmFaJqyxNQNuJj/lzA5XfQ2w+Y39JlS2rLTSXcN
ysEuCXGYLI1tFYSBz9W8kYiE8P3I4B8Ld7tQHwIG0WFlM17s6lbv/ZvnzSVsgvYa
fqy52YDjkKOHXhlSAnVzT5KxIFttuP3JFBtFy5VbZ3rpWuKSRppVZa7DKPtswTHK
m5474XqupqGaP7zUqrJlI6VTTMeA1NHYGrNfK45JT3w8eA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:07 2024 by rpki-client on console-ams.rpki-client.org