Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/PowymsPDU8abWB0rFA8dv3SlbRs.roa
File: PowymsPDU8abWB0rFA8dv3SlbRs.roa (raw, json)
Hash identifier: VtPtYeaH41d6RGRhGnk2uNYpTRMB77FOWASQvfo0iW0=
Subject key identifier: 3E:8C:32:9A:C3:C3:53:C6:9B:58:1D:2B:14:0F:1D:BF:74:A5:6D:1B
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018CD00AA76F12EA9E3423747F35D797C2D3
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/PowymsPDU8abWB0rFA8dv3SlbRs.roa
Signing time: Wed 03 Jan 2024 15:56:48 +0000
ROA not before: Wed 03 Jan 2024 15:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 05 Jan 2024 20:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:0a:a7:6f:12:ea:9e:34:23:74:7f:35:d7:97:c2:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jan 3 15:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e8c329ac3c353c69b581d2b140f1dbf74a56d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:86:1b:9f:03:0f:2f:9b:0b:82:a1:a3:b2:67:
33:20:1b:94:2a:be:9b:32:14:ce:18:cd:fb:3f:39:
e6:04:07:47:80:7c:50:8f:04:ea:87:55:75:24:92:
52:6f:ae:88:72:40:c4:98:bf:d7:46:11:ab:75:0e:
3b:21:b9:5e:16:7b:73:b3:ec:46:65:f2:84:5c:53:
fc:2c:f1:29:2a:5d:e9:07:50:6c:d6:b5:52:5a:61:
9d:a1:66:82:5b:64:4c:6f:41:85:f3:5b:68:f5:8a:
bf:fd:81:fd:6b:71:e9:b0:27:e4:b1:44:8c:44:3e:
58:c7:fa:0d:c4:6b:76:1e:66:27:8f:ff:24:00:f0:
19:33:1a:67:f0:a3:42:19:1c:91:03:42:cc:fb:71:
a4:e7:f3:65:d1:bc:39:8b:87:79:29:06:ed:9a:c9:
b4:5e:7e:35:0f:09:6b:5b:7f:35:c5:65:2c:cb:4d:
40:f5:69:2d:12:81:b4:95:f3:86:f2:31:67:ab:79:
26:4f:d3:41:32:f3:ee:8c:42:1a:d8:16:ae:85:c4:
54:e6:39:cb:47:26:be:d5:c9:35:74:4f:82:91:73:
9d:cf:52:33:68:fb:d5:0f:b0:53:fa:27:4c:ad:6f:
cd:dd:e8:d0:dd:24:7f:6b:5c:8a:95:bd:30:2a:98:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8C:32:9A:C3:C3:53:C6:9B:58:1D:2B:14:0F:1D:BF:74:A5:6D:1B
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/PowymsPDU8abWB0rFA8dv3SlbRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
Signature Algorithm: sha256WithRSAEncryption
49:c0:71:44:1a:1d:75:45:22:40:65:5c:7c:ae:95:c3:60:c7:
d7:48:0a:35:13:63:ef:76:a8:e2:7b:b0:2c:b2:38:52:33:f9:
44:e4:f8:73:af:9d:3f:a0:9f:4f:20:6e:29:08:0f:93:67:3f:
29:9d:ea:cb:7e:fd:22:9e:c5:48:6d:2f:ed:54:34:84:24:87:
6e:c1:d5:2f:42:85:8b:ba:8f:83:03:a8:1f:8d:a4:77:c5:ca:
24:68:fd:ad:ee:36:a4:c5:93:bd:5f:cb:74:44:10:5b:b7:ff:
3f:d9:ce:0a:66:40:ba:91:c8:e3:86:3e:4a:6c:a3:4d:81:df:
b4:54:29:a4:65:49:45:77:3b:aa:73:38:b7:5d:52:ae:01:2c:
8a:6e:b4:0d:0a:e6:12:28:85:db:87:e3:3d:dd:44:04:2a:6a:
9d:58:44:ec:c2:db:0e:aa:07:f0:2a:46:d6:c0:1b:28:62:69:
19:d4:8b:59:54:0e:f8:48:29:e9:16:09:33:e8:26:6b:47:37:
24:d6:11:81:f5:27:c1:78:1e:10:2c:9e:06:91:59:5b:97:42:
e1:99:df:3d:66:74:aa:28:a5:a8:17:a6:f4:a8:f8:09:58:3b:
34:1c:6a:4f:4d:08:2f:99:b2:e8:f2:21:ef:ce:00:b3:5a:1e:
2b:09:d2:6e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzQCqdvEuqeNCN0fzXXl8LTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwMTAzMTU1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThjMzI5YWMzYzM1M2M2OWI1ODFkMmIxNDBmMWRiZjc0YTU2ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYYbnwMPL5sLgqGjsmczIBuUKr6b
MhTOGM37PznmBAdHgHxQjwTqh1V1JJJSb66IckDEmL/XRhGrdQ47IbleFntzs+xG
ZfKEXFP8LPEpKl3pB1Bs1rVSWmGdoWaCW2RMb0GF81to9Yq//YH9a3HpsCfksUSM
RD5Yx/oNxGt2HmYnj/8kAPAZMxpn8KNCGRyRA0LM+3Gk5/Nl0bw5i4d5KQbtmsm0
Xn41DwlrW381xWUsy01A9WktEoG0lfOG8jFnq3kmT9NBMvPujEIa2BauhcRU5jnL
Rya+1ck1dE+CkXOdz1IzaPvVD7BT+idMrW/N3ejQ3SR/a1yKlb0wKpiAgQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD6MMprDw1PGm1gdKxQPHb90pW0bMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvUG93eW1zUERVOGFiV0IwckZBOGR2M1NsYlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYAKgPvwBcD
BgAqA+/AIwMGACoD78AlAwYAKgPvwCcDBgAqA+/AKTANBgkqhkiG9w0BAQsFAAOC
AQEAScBxRBoddUUiQGVcfK6Vw2DH10gKNRNj73ao4nuwLLI4UjP5ROT4c6+dP6Cf
TyBuKQgPk2c/KZ3qy379Ip7FSG0v7VQ0hCSHbsHVL0KFi7qPgwOoH42kd8XKJGj9
re42pMWTvV/LdEQQW7f/P9nOCmZAupHI44Y+SmyjTYHftFQppGVJRXc7qnM4t11S
rgEsim60DQrmEiiF24fjPd1EBCpqnVhE7MLbDqoH8CpG1sAbKGJpGdSLWVQO+Egp
6RYJM+gma0c3JNYRgfUnwXgeECyeBpFZW5dC4ZnfPWZ0qiilqBem9Kj4CVg7NBxq
T00IL5my6PIh784As1oeKwnSbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org