Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/3G71hBMcf6qzy2-8VUDOJtDQ1zc.roa
File: 3G71hBMcf6qzy2-8VUDOJtDQ1zc.roa (raw, json)
Hash identifier: TRbtShqViP8FpwRlflszAesC+RkNyr/iuBJORwd33UM=
Subject key identifier: DC:6E:F5:84:13:1C:7F:AA:B3:CB:6F:BC:55:40:CE:26:D0:D0:D7:37
Certificate issuer: /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial: 0192B50F05C34A3CA0FEE95262C617921D73
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/3G71hBMcf6qzy2-8VUDOJtDQ1zc.roa
Signing time: Tue 22 Oct 2024 16:28:33 +0000
ROA not before: Tue 22 Oct 2024 16:28:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62425
IP address blocks: 2a07:5dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 31 Oct 2024 22:57:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:0f:05:c3:4a:3c:a0:fe:e9:52:62:c6:17:92:1d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
Validity
Not Before: Oct 22 16:28:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc6ef584131c7faab3cb6fbc5540ce26d0d0d737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:69:86:97:2b:3f:5b:44:52:f1:bc:90:fc:60:
73:24:ef:ce:73:a2:80:36:6c:a5:ad:5c:cc:e2:33:
55:eb:c7:d8:02:a7:22:91:02:df:22:97:2b:41:d2:
a6:0f:11:3d:e2:00:91:87:9b:0a:e4:9a:65:89:73:
9f:bd:8b:8d:8f:8a:17:9f:4f:e8:cb:07:4e:c2:4c:
a2:a3:6b:1a:ef:4b:67:38:22:a4:73:55:da:b3:22:
ff:ea:cd:f6:68:37:20:7e:7f:32:61:4f:da:98:29:
87:21:46:3d:3d:a3:e8:db:1a:e6:83:8b:a4:36:e5:
7f:7d:8a:bc:80:7c:22:47:f4:7d:51:d1:77:92:ef:
58:d3:9f:ee:e3:9c:46:d9:20:58:79:8f:4b:51:7e:
27:9c:d3:53:a3:38:b0:f5:b0:e6:29:6f:1a:be:7a:
88:79:bb:ad:e5:64:7a:d7:78:0b:2f:5a:be:9c:52:
d6:ce:d9:98:bd:b9:40:13:23:ab:77:cd:3e:a3:eb:
3d:cd:20:fa:02:97:bf:dd:31:91:d2:a4:5b:02:5a:
45:20:ae:09:46:0c:b7:4d:77:fb:4a:a0:98:b3:da:
01:f5:93:7a:04:85:b3:f8:f7:36:48:c6:a4:24:8f:
5f:29:e4:3b:7c:6d:16:a2:8f:6c:e0:00:42:1e:c6:
03:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6E:F5:84:13:1C:7F:AA:B3:CB:6F:BC:55:40:CE:26:D0:D0:D7:37
X509v3 Authority Key Identifier:
keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/3G71hBMcf6qzy2-8VUDOJtDQ1zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:3c:4e:ae:99:54:3a:25:e6:44:f4:c9:3e:26:08:6c:e7:fa:
dc:77:3f:9d:df:22:33:4f:bd:fe:b7:46:1e:e5:c9:76:22:06:
9e:87:f0:42:25:6b:92:58:4f:02:6d:63:26:c9:16:cb:7a:33:
ab:94:e4:e6:68:45:25:8e:8c:23:36:e1:5a:40:66:f6:be:2d:
37:38:2a:b3:d9:79:ae:8e:33:51:ec:21:68:96:3a:75:54:e2:
55:6b:03:e2:b2:3c:7b:cd:b0:2e:dc:62:d2:b9:29:9d:bd:fd:
46:a5:ca:e4:3a:fa:39:53:a6:37:41:db:0a:20:69:a5:3e:4a:
78:63:a0:0b:26:b0:13:c9:d6:3b:ed:8e:9c:89:34:ce:36:ad:
a1:4d:32:11:6d:f0:15:ca:ff:cf:b1:e1:21:ea:b8:cd:8f:d8:
61:11:5d:1f:08:97:44:f8:76:25:2c:3d:04:d0:ea:d1:84:ec:
b7:70:69:6a:2d:92:48:42:d3:a6:29:cc:e9:85:be:53:4c:23:
c5:87:7e:c6:e3:94:38:17:11:66:7a:24:88:79:72:df:d6:a4:
eb:31:72:9e:af:04:59:3f:08:3b:7e:34:cf:82:f8:c2:c0:e5:
bd:ad:cc:6b:d5:ea:f1:b4:f7:43:75:89:a1:59:dd:18:5c:fd:
c7:0b:76:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZK1DwXDSjyg/ulSYsYXkh1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjQxMDIyMTYyODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZlZjU4NDEzMWM3ZmFhYjNjYjZmYmM1NTQwY2UyNmQwZDBkNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GmGlys/W0RS8byQ/GBzJO/Oc6KA
NmylrVzM4jNV68fYAqcikQLfIpcrQdKmDxE94gCRh5sK5JpliXOfvYuNj4oXn0/o
ywdOwkyio2sa70tnOCKkc1XasyL/6s32aDcgfn8yYU/amCmHIUY9PaPo2xrmg4uk
NuV/fYq8gHwiR/R9UdF3ku9Y05/u45xG2SBYeY9LUX4nnNNToziw9bDmKW8avnqI
ebut5WR613gLL1q+nFLWztmYvblAEyOrd80+o+s9zSD6Ape/3TGR0qRbAlpFIK4J
Rgy3TXf7SqCYs9oB9ZN6BIWz+Pc2SMakJI9fKeQ7fG0Woo9s4ABCHsYDHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNxu9YQTHH+qs8tvvFVAzibQ0Nc3MB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvM0c3MWhCTWNmNnF6eTItOFZVRE9KdERRMXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgddwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkzxOrplUOiXmRPTJPiYIbOf63Hc/nd8iM0+9/rdG
HuXJdiIGnofwQiVrklhPAm1jJskWy3ozq5Tk5mhFJY6MIzbhWkBm9r4tNzgqs9l5
ro4zUewhaJY6dVTiVWsD4rI8e82wLtxi0rkpnb39RqXK5Dr6OVOmN0HbCiBppT5K
eGOgCyawE8nWO+2OnIk0zjatoU0yEW3wFcr/z7HhIeq4zY/YYRFdHwiXRPh2JSw9
BNDq0YTst3Bpai2SSELTpinM6YW+U0wjxYd+xuOUOBcRZnokiHly39ak6zFynq8E
WT8IO340z4L4wsDlva3Ma9Xq8bT3Q3WJoVndGFz9xwt2nw==
-----END CERTIFICATE-----
Generated at Fri Nov 1 00:18:39 2024 by rpki-client on console-ams.rpki-client.org