Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3mWNUlOzEvxfR3e-A8G4Ix0VEPI.roa
File: 3mWNUlOzEvxfR3e-A8G4Ix0VEPI.roa (raw, json)
Hash identifier: xzirgTmAorojI9rcsbjaT4kuXfh18YPhlgS4wDVrKxY=
Subject key identifier: DE:65:8D:52:53:B3:12:FC:5F:47:77:BE:03:C1:B8:23:1D:15:10:F2
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FDBDE884526C5276CAB2BD86D8E02
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3mWNUlOzEvxfR3e-A8G4Ix0VEPI.roa
Signing time: Sun 01 Jan 2023 21:14:45 +0000
ROA not before: Sun 01 Jan 2023 21:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24239
IP address blocks: 2a0e:aa06:490::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:db:de:88:45:26:c5:27:6c:ab:2b:d8:6d:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de658d5253b312fc5f4777be03c1b8231d1510f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f4:c8:b9:b8:e4:e1:84:51:af:6b:8f:35:87:
48:12:93:2c:ec:b9:49:cc:d1:d7:47:a1:1f:9b:fd:
45:52:cf:67:64:45:b9:a4:70:49:36:bb:06:82:02:
2d:0a:d0:fc:72:69:2a:5f:d1:e6:e1:c7:6b:58:15:
a8:57:ed:76:ba:3c:3a:c5:4a:00:d6:16:08:18:a0:
ab:42:ac:5e:9d:c7:72:71:c1:57:c3:78:86:36:4e:
3a:e2:d7:e6:f4:0f:65:31:12:75:97:4c:72:12:bf:
e6:e3:73:71:b2:34:72:1e:12:88:57:09:be:2e:36:
aa:04:5c:59:4c:6e:74:d5:c9:92:42:e6:b2:58:7a:
f4:e9:cd:2e:37:02:19:9f:cc:a4:e3:21:3a:d4:b0:
99:08:37:70:e9:90:08:3e:43:8d:f4:aa:9c:b5:99:
38:4d:71:fb:32:cc:ce:17:99:82:41:4a:90:db:c1:
5f:ac:55:1c:5f:73:dc:ae:8b:10:48:4c:5c:68:86:
33:ef:7a:3a:73:62:b2:1a:d6:7c:8e:06:22:72:22:
85:ed:5e:8c:dd:53:62:fc:9b:91:0c:2d:8d:f2:ae:
4e:0e:13:e4:ce:d0:14:d1:e0:f5:7d:70:c4:9f:28:
e5:13:64:f1:4d:14:41:81:99:ee:33:a4:5c:8e:48:
46:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:65:8D:52:53:B3:12:FC:5F:47:77:BE:03:C1:B8:23:1D:15:10:F2
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/3mWNUlOzEvxfR3e-A8G4Ix0VEPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa06:490::/44
Signature Algorithm: sha256WithRSAEncryption
92:7b:6b:17:51:9c:f3:a6:7d:f7:5f:76:62:6d:02:4a:ac:d9:
2f:c0:14:41:d2:71:af:50:0d:44:3b:20:d1:2a:31:d7:09:cb:
f4:f9:e0:b7:36:7d:77:c2:81:22:95:b4:ec:c9:b0:7b:5d:d6:
98:ba:88:6b:81:7e:86:2b:f1:e1:fd:e0:e9:79:85:1f:db:13:
be:d2:f4:cf:82:a4:75:92:de:c9:c2:8b:e3:a8:c4:9a:d2:3a:
62:89:44:39:46:20:37:04:c3:0c:af:14:7e:b7:18:5c:c1:58:
61:1e:7c:4a:92:3d:43:dd:e4:4b:49:e0:51:85:d7:43:ff:f3:
11:07:54:34:98:05:15:e2:3a:83:5c:72:b9:67:22:3b:96:f9:
65:4e:ac:aa:5a:b2:dc:80:27:7f:1d:a9:f4:c6:8c:d0:8d:da:
d0:92:b8:13:02:15:ad:bf:cf:cd:9d:9b:cb:84:76:df:a2:84:
0e:aa:de:fc:f2:1a:e2:ce:88:f6:34:3c:94:fe:99:75:7b:57:
0a:5a:57:b5:83:a4:f5:a0:c2:49:2f:22:f3:9c:41:ed:07:8a:
a1:0d:f8:05:77:e3:68:ac:97:03:a7:f5:b2:c7:36:d8:8f:d3:
02:79:34:aa:eb:bd:34:f4:db:0f:96:51:2d:87:0c:41:b3:01:
bd:da:4b:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL9veiEUmxSdsqyvYbY4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY1OGQ1MjUzYjMxMmZjNWY0Nzc3YmUwM2MxYjgyMzFkMTUxMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PTIubjk4YRRr2uPNYdIEpMs7LlJ
zNHXR6Efm/1FUs9nZEW5pHBJNrsGggItCtD8cmkqX9Hm4cdrWBWoV+12ujw6xUoA
1hYIGKCrQqxencdyccFXw3iGNk464tfm9A9lMRJ1l0xyEr/m43NxsjRyHhKIVwm+
LjaqBFxZTG501cmSQuayWHr06c0uNwIZn8yk4yE61LCZCDdw6ZAIPkON9KqctZk4
TXH7MszOF5mCQUqQ28FfrFUcX3PcrosQSExcaIYz73o6c2KyGtZ8jgYiciKF7V6M
3VNi/JuRDC2N8q5ODhPkztAU0eD1fXDEnyjlE2TxTRRBgZnuM6RcjkhG8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5ljVJTsxL8X0d3vgPBuCMdFRDyMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvM21XTlVsT3pFdnhmUjNlLUE4RzRJeDBWRVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qBgSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCSe2sXUZzzpn33X3ZibQJKrNkvwBRB0nGvUA1E
OyDRKjHXCcv0+eC3Nn13woEilbTsybB7XdaYuohrgX6GK/Hh/eDpeYUf2xO+0vTP
gqR1kt7JwovjqMSa0jpiiUQ5RiA3BMMMrxR+txhcwVhhHnxKkj1D3eRLSeBRhddD
//MRB1Q0mAUV4jqDXHK5ZyI7lvllTqyqWrLcgCd/Han0xozQjdrQkrgTAhWtv8/N
nZvLhHbfooQOqt788hrizoj2NDyU/pl1e1cKWle1g6T1oMJJLyLznEHtB4qhDfgF
d+NorJcDp/WyxzbYj9MCeTSq67009NsPllEthwxBswG92kvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org