Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2e881a-8141-44a0-8f3c-cb7c9ecc7798/1/TX0dONtHR4qmdFJjUXcHVGA2rRs.roa
File: TX0dONtHR4qmdFJjUXcHVGA2rRs.roa (raw, json)
Hash identifier: nxQlogtSSMTfbcVxlgsB+pkA43q7fSrQuv+wgdHJP4A=
Subject key identifier: 4D:7D:1D:38:DB:47:47:8A:A6:74:52:63:51:77:07:54:60:36:AD:1B
Certificate issuer: /CN=d6f2e142c44d5d51bc7e42ca0710f6b64ef11091
Certificate serial: 018C43A3266DB1CB3C0ED16AB4808222A533
Authority key identifier: D6:F2:E1:42:C4:4D:5D:51:BC:7E:42:CA:07:10:F6:B6:4E:F1:10:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vLhQsRNXVG8fkLKBxD2tk7xEJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2e881a-8141-44a0-8f3c-cb7c9ecc7798/1/TX0dONtHR4qmdFJjUXcHVGA2rRs.roa
Signing time: Thu 07 Dec 2023 09:36:54 +0000
ROA not before: Thu 07 Dec 2023 09:36:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33988
IP address blocks: 2a04:f500::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:a3:26:6d:b1:cb:3c:0e:d1:6a:b4:80:82:22:a5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6f2e142c44d5d51bc7e42ca0710f6b64ef11091
Validity
Not Before: Dec 7 09:36:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d7d1d38db47478aa6745263517707546036ad1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4c:31:50:e3:d3:26:68:b8:b0:72:22:85:d2:
09:42:5a:fa:5a:de:4b:c0:8f:a2:e4:27:7d:43:69:
c7:2e:a6:4c:8c:24:39:79:22:0d:2a:79:8f:84:0e:
57:fa:bb:9e:dc:23:02:af:94:b2:5c:3b:77:08:44:
aa:97:11:9b:17:36:5b:2d:0f:a2:e0:a1:51:4a:5d:
01:ef:c2:ed:99:9b:7c:99:79:7e:2c:76:e6:8d:a8:
c0:ac:13:25:83:9c:06:99:7a:af:40:03:fd:be:64:
96:9f:24:d5:7b:4b:25:f7:09:b1:57:ae:26:8b:8f:
b3:87:04:c4:a2:91:5f:5b:80:ae:2b:6b:7b:a3:cc:
2b:3f:74:7d:b9:63:b9:b2:fa:65:8a:e5:cd:4d:5d:
50:26:df:4f:c1:d6:71:a5:d4:7d:89:54:03:ce:d7:
d5:7a:cc:79:fc:d1:2c:1b:c5:9c:c5:bd:52:18:84:
dc:17:f0:90:6d:43:ea:61:9f:6b:86:a5:68:9a:e8:
e0:aa:98:ea:52:37:a0:a1:40:ac:6a:82:39:34:cb:
20:e6:38:db:38:16:ab:ee:d8:2a:11:b4:61:37:dc:
c3:0b:03:84:88:69:e7:f9:92:48:16:20:51:6f:a8:
75:5c:65:f0:9c:59:f9:7c:3d:8d:a5:1e:d2:65:12:
1e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7D:1D:38:DB:47:47:8A:A6:74:52:63:51:77:07:54:60:36:AD:1B
X509v3 Authority Key Identifier:
keyid:D6:F2:E1:42:C4:4D:5D:51:BC:7E:42:CA:07:10:F6:B6:4E:F1:10:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vLhQsRNXVG8fkLKBxD2tk7xEJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2e881a-8141-44a0-8f3c-cb7c9ecc7798/1/TX0dONtHR4qmdFJjUXcHVGA2rRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2e881a-8141-44a0-8f3c-cb7c9ecc7798/1/1vLhQsRNXVG8fkLKBxD2tk7xEJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:f500::/29
Signature Algorithm: sha256WithRSAEncryption
ea:47:ec:4f:9b:18:8b:2a:d2:86:41:56:54:bb:00:d2:aa:5f:
a7:37:ac:d8:f5:98:81:92:02:99:11:d5:d1:76:31:6e:cb:db:
75:07:8c:1c:96:62:b1:31:98:57:14:b8:db:5c:78:da:c6:e2:
69:21:c7:c4:11:30:d9:92:ea:6f:d7:3a:2e:84:e0:28:ee:4b:
d5:7f:d9:04:67:26:3f:db:7b:3d:b8:3a:f0:2e:3b:4f:14:eb:
24:08:25:45:6a:1d:97:6f:35:51:93:8e:02:5d:6f:4e:48:7c:
29:76:63:fa:3e:7d:4b:0f:ed:57:57:e2:f3:87:b2:11:b9:07:
0a:75:44:f7:03:ab:93:46:1c:41:ec:80:f2:fc:3e:4a:04:c8:
2d:b2:9b:c0:ee:bc:8f:85:e7:54:cc:a4:93:fa:04:b8:ea:7e:
28:9d:99:2f:9a:0d:c8:e9:c0:b8:35:d9:6d:39:57:16:68:e9:
c8:d9:8d:58:93:71:f9:f1:29:76:4e:8c:06:16:26:ab:91:af:
b9:eb:77:20:6f:47:54:99:9f:53:6e:91:af:be:93:3d:21:bb:
63:6f:19:c4:b0:35:d8:08:23:1f:b2:a9:58:b2:c2:c9:5e:c1:
ba:bb:3f:a3:00:fa:e9:e9:4a:56:57:cc:99:b1:ed:4c:74:d0:
fa:33:a7:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxDoyZtscs8DtFqtICCIqUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZjJlMTQyYzQ0ZDVkNTFiYzdlNDJjYTA3MTBmNmI2NGVm
MTEwOTEwHhcNMjMxMjA3MDkzNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdkMWQzOGRiNDc0NzhhYTY3NDUyNjM1MTc3MDc1NDYwMzZhZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUwxUOPTJmi4sHIihdIJQlr6Wt5L
wI+i5Cd9Q2nHLqZMjCQ5eSINKnmPhA5X+rue3CMCr5SyXDt3CESqlxGbFzZbLQ+i
4KFRSl0B78LtmZt8mXl+LHbmjajArBMlg5wGmXqvQAP9vmSWnyTVe0sl9wmxV64m
i4+zhwTEopFfW4CuK2t7o8wrP3R9uWO5svpliuXNTV1QJt9PwdZxpdR9iVQDztfV
esx5/NEsG8Wcxb1SGITcF/CQbUPqYZ9rhqVomujgqpjqUjegoUCsaoI5NMsg5jjb
OBar7tgqEbRhN9zDCwOEiGnn+ZJIFiBRb6h1XGXwnFn5fD2NpR7SZRIeHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE19HTjbR0eKpnRSY1F3B1RgNq0bMB8GA1UdIwQY
MBaAFNby4ULETV1RvH5CygcQ9rZO8RCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZMaFFzUk5YVkc4ZmtMS0J4RDJ0azd4RUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yZTg4MWEtODE0MS00NGEwLThmM2Mt
Y2I3YzllY2M3Nzk4LzEvVFgwZE9OdEhSNHFtZEZKalVYY0hWR0EyclJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yZTg4MWEtODE0MS00NGEwLThmM2MtY2I3YzllY2M3Nzk4
LzEvMXZMaFFzUk5YVkc4ZmtMS0J4RDJ0azd4RUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgT1ADAN
BgkqhkiG9w0BAQsFAAOCAQEA6kfsT5sYiyrShkFWVLsA0qpfpzes2PWYgZICmRHV
0XYxbsvbdQeMHJZisTGYVxS421x42sbiaSHHxBEw2ZLqb9c6LoTgKO5L1X/ZBGcm
P9t7Pbg68C47TxTrJAglRWodl281UZOOAl1vTkh8KXZj+j59Sw/tV1fi84eyEbkH
CnVE9wOrk0YcQeyA8vw+SgTILbKbwO68j4XnVMykk/oEuOp+KJ2ZL5oNyOnAuDXZ
bTlXFmjpyNmNWJNx+fEpdk6MBhYmq5Gvuet3IG9HVJmfU26Rr76TPSG7Y28ZxLA1
2AgjH7KpWLLCyV7Burs/owD66elKVlfMmbHtTHTQ+jOnvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:49 2024 by rpki-client on console-fra.rpki-client.org