Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dIhEJ4GSGgv0I-BpfkEcWKEvfc0.roa
File: dIhEJ4GSGgv0I-BpfkEcWKEvfc0.roa (raw, json)
Hash identifier: 4jilKnpiqYXHq2RqpwSMXDSo0KjAL8R68M7OUiofRW8=
Subject key identifier: 74:88:44:27:81:92:1A:0B:F4:23:E0:69:7E:41:1C:58:A1:2F:7D:CD
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018D8A1124D599ADC97AA021B230A6265B12
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dIhEJ4GSGgv0I-BpfkEcWKEvfc0.roa
Signing time: Thu 08 Feb 2024 18:53:15 +0000
ROA not before: Thu 08 Feb 2024 18:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 2a0b:a280::/29 maxlen: 29
2a0b:a280::/32 maxlen: 32
2a0b:a281::/32 maxlen: 32
2a0b:a282::/32 maxlen: 32
2a0b:a283::/32 maxlen: 32
2a0b:a284::/32 maxlen: 32
2a0b:a285::/32 maxlen: 32
2a0b:a286::/32 maxlen: 32
2a0b:a287::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 17:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:11:24:d5:99:ad:c9:7a:a0:21:b2:30:a6:26:5b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Feb 8 18:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7488442781921a0bf423e0697e411c58a12f7dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:72:fd:8e:51:71:3e:5d:cb:64:5d:54:be:
ee:03:ab:29:9b:56:6f:3e:b4:cb:a5:12:56:69:a3:
88:fe:01:98:74:f5:e3:f0:e8:1d:8c:37:01:59:4e:
6b:c9:16:aa:62:27:c6:3d:5e:77:cf:15:5c:f1:34:
00:b7:95:9e:22:ea:cb:b4:35:e9:93:92:0b:73:a6:
f5:ad:fb:81:1d:9a:85:c1:ad:1d:e4:3a:46:3d:15:
0b:86:2f:39:54:83:51:53:67:89:64:b8:92:30:c7:
62:97:fa:95:ab:67:48:d4:e3:db:6d:f2:20:c7:ed:
e8:2a:0c:3a:a7:5f:0b:2d:52:79:80:c3:c2:cf:76:
d1:70:9a:c8:34:bc:60:bf:65:99:0b:ad:bf:c2:2f:
17:92:73:59:22:5e:e6:bc:ee:a7:03:c1:86:21:6e:
0f:d9:f7:45:a8:aa:05:6e:58:aa:0c:25:0e:33:70:
46:e7:06:15:ad:23:06:01:b1:01:39:eb:8a:c1:67:
ea:d4:fa:2d:35:33:54:85:c3:67:6e:97:70:81:77:
54:f0:06:ea:5c:b9:12:63:6c:4e:f7:32:88:51:db:
28:22:b1:8f:5a:1c:6a:bd:06:71:e6:70:90:4a:59:
92:36:ac:79:2f:a6:f9:07:68:72:f0:9b:f6:1b:a9:
72:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:88:44:27:81:92:1A:0B:F4:23:E0:69:7E:41:1C:58:A1:2F:7D:CD
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/dIhEJ4GSGgv0I-BpfkEcWKEvfc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a280::/29
Signature Algorithm: sha256WithRSAEncryption
76:d6:64:89:4a:9d:4a:14:d0:7c:6a:bf:3d:68:a5:98:a9:75:
3c:50:06:ee:5e:52:57:4f:d2:37:e4:da:82:43:85:b1:4b:b5:
a2:ba:18:b6:2c:e4:f5:8f:75:bd:6f:74:ae:55:f4:40:46:51:
26:0c:0f:1e:a1:2d:1e:df:96:25:6f:f4:10:a2:e3:4d:75:b2:
ee:b5:f7:ab:8d:e0:c7:8d:93:62:71:76:58:87:5c:f6:2d:58:
15:5c:84:d9:99:95:08:72:80:34:7b:ff:57:e5:c0:69:91:5d:
aa:5b:98:b1:3b:3f:3c:4d:32:13:36:a7:07:39:a5:8e:d6:86:
da:9f:ee:c0:2e:ed:be:ea:52:83:ad:43:df:a1:a2:03:d8:e5:
9a:c4:ed:4e:88:e0:c6:08:ad:13:be:f6:bd:88:2c:9b:c5:eb:
f6:3c:84:33:c6:e4:6c:5d:a6:c0:bf:e3:ba:d1:9c:2f:1b:ee:
5f:d8:61:9c:1e:79:f1:8e:77:10:67:cf:bb:a0:94:ff:86:1f:
31:f1:fa:4a:d0:72:f5:d4:de:4a:e0:6f:65:47:f1:aa:fd:40:
1b:53:f6:4f:45:77:6f:14:a6:82:0f:66:ad:b4:28:7d:a1:7b:
53:cc:37:2f:b1:fe:26:a9:24:ab:91:da:57:77:bd:fc:d4:76:
e1:79:92:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2KESTVma3JeqAhsjCmJlsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMjA4MTg1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDg4NDQyNzgxOTIxYTBiZjQyM2UwNjk3ZTQxMWM1OGExMmY3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+Vy/Y5RcT5dy2RdVL7uA6spm1Zv
PrTLpRJWaaOI/gGYdPXj8OgdjDcBWU5ryRaqYifGPV53zxVc8TQAt5WeIurLtDXp
k5ILc6b1rfuBHZqFwa0d5DpGPRULhi85VINRU2eJZLiSMMdil/qVq2dI1OPbbfIg
x+3oKgw6p18LLVJ5gMPCz3bRcJrINLxgv2WZC62/wi8XknNZIl7mvO6nA8GGIW4P
2fdFqKoFbliqDCUOM3BG5wYVrSMGAbEBOeuKwWfq1PotNTNUhcNnbpdwgXdU8Abq
XLkSY2xO9zKIUdsoIrGPWhxqvQZx5nCQSlmSNqx5L6b5B2hy8Jv2G6lytQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHSIRCeBkhoL9CPgaX5BHFihL33NMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvZEloRUo0R1NHZ3YwSS1CcGZrRWNXS0V2ZmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguigDAN
BgkqhkiG9w0BAQsFAAOCAQEAdtZkiUqdShTQfGq/PWilmKl1PFAG7l5SV0/SN+Ta
gkOFsUu1oroYtizk9Y91vW90rlX0QEZRJgwPHqEtHt+WJW/0EKLjTXWy7rX3q43g
x42TYnF2WIdc9i1YFVyE2ZmVCHKANHv/V+XAaZFdqluYsTs/PE0yEzanBzmljtaG
2p/uwC7tvupSg61D36GiA9jlmsTtTojgxgitE772vYgsm8Xr9jyEM8bkbF2mwL/j
utGcLxvuX9hhnB558Y53EGfPu6CU/4YfMfH6StBy9dTeSuBvZUfxqv1AG1P2T0V3
bxSmgg9mrbQofaF7U8w3L7H+Jqkkq5HaV3e9/NR24XmSBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:24 2024 by rpki-client on console-ams.rpki-client.org