Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/0h42V4ugE74JlWduoQtP8s71SNc.roa
File: 0h42V4ugE74JlWduoQtP8s71SNc.roa (raw, json)
Hash identifier: HvAkbWXnDBWc0C1zXnWr/QsikhXVbjhfNidTog/tjAM=
Subject key identifier: D2:1E:36:57:8B:A0:13:BE:09:95:67:6E:A1:0B:4F:F2:CE:F5:48:D7
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018F061F0B6864002ADBE391D4B1D27A16CF
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/0h42V4ugE74JlWduoQtP8s71SNc.roa
Signing time: Mon 22 Apr 2024 14:04:08 +0000
ROA not before: Mon 22 Apr 2024 14:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4bc7::/32 maxlen: 32
2a0e:ccc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 28 Sep 2024 08:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:1f:0b:68:64:00:2a:db:e3:91:d4:b1:d2:7a:16:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Apr 22 14:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d21e36578ba013be0995676ea10b4ff2cef548d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:12:6f:ff:0b:63:a6:87:9a:e6:f1:d1:dd:4f:
e8:5b:14:c5:2b:74:7c:71:87:3e:fb:f3:42:92:e2:
b5:f1:b4:33:61:ad:ed:e7:96:fb:0b:98:42:92:85:
6f:1d:40:8f:46:d1:2a:c7:43:82:2f:c6:55:be:cf:
27:7c:19:30:14:54:16:44:22:5c:c2:d2:72:ac:7d:
cf:2a:3a:f4:b6:5e:5c:d6:a2:bd:d2:00:61:d6:e1:
de:38:ad:f7:44:d0:1e:d4:80:88:54:f6:d3:ac:ac:
ab:5c:f1:3a:5b:5e:1b:18:99:57:05:cb:25:5e:c7:
e7:8c:af:c9:c6:b5:ab:78:7f:29:ea:03:3c:3f:15:
54:bf:88:d4:04:6f:1d:f6:6c:89:22:a9:28:12:a3:
02:a0:18:76:57:e5:2c:51:c2:bc:b2:68:1f:78:4f:
d4:c4:7e:f6:d6:5a:8b:38:89:fb:05:81:05:76:ee:
55:e8:fc:5e:f6:80:c0:b5:41:ea:77:2a:c8:e7:0c:
fb:4d:29:19:dd:96:95:89:f6:53:4a:6f:c9:bb:45:
19:97:22:7d:31:8d:0f:74:3c:e3:2b:8e:e6:b1:ad:
c1:6f:11:5b:5f:c6:03:f6:d2:f2:17:50:c1:f4:84:
a6:96:7b:d8:f0:93:77:b3:dc:86:5f:1e:3a:0d:e7:
33:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1E:36:57:8B:A0:13:BE:09:95:67:6E:A1:0B:4F:F2:CE:F5:48:D7
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/0h42V4ugE74JlWduoQtP8s71SNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc7::/32
2a0e:ccc5::/32
Signature Algorithm: sha256WithRSAEncryption
73:a1:fb:1f:49:e8:64:1d:63:5a:67:8a:f8:cc:ef:b6:d7:af:
3f:32:ca:63:68:b6:04:31:dd:0a:9b:1d:97:eb:79:66:b1:e5:
07:d0:5a:91:07:e2:97:50:60:31:a7:ee:8e:b4:a0:ad:e9:1b:
a6:77:9a:4e:d0:c5:6f:29:63:b2:fa:f8:85:aa:f6:20:67:e8:
3e:11:55:a0:19:5d:e8:0c:82:8b:cc:e4:20:1e:52:97:08:0c:
fb:db:0c:ad:28:ee:93:52:34:f9:f9:4a:cf:65:f1:ed:3c:f4:
6f:7c:49:c4:7f:7b:22:3f:2d:b3:1c:87:5e:fe:30:54:2f:fc:
a7:61:76:60:2c:34:52:5a:06:4a:f0:de:38:92:4e:da:e1:3e:
56:5b:8f:f9:6a:b5:dd:3e:7f:81:33:60:3b:9b:1c:d6:98:64:
28:6f:44:fb:c3:32:cb:00:e2:42:ba:c1:3a:fc:44:c0:1d:46:
b2:e4:12:f8:b6:d9:93:bd:ea:ae:9c:40:3f:05:e6:27:79:4b:
e3:07:26:a1:f4:a3:53:9e:d7:a4:31:1e:8d:02:f0:9a:2f:2f:
55:96:87:16:c4:50:9e:6d:a4:a0:57:68:67:85:95:09:d3:cf:
26:22:5e:d3:af:76:07:d5:7a:00:fe:63:d1:25:b7:c2:4f:55:
65:46:49:a0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8GHwtoZAAq2+OR1LHSehbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwNDIyMTQwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFlMzY1NzhiYTAxM2JlMDk5NTY3NmVhMTBiNGZmMmNlZjU0OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxJv/wtjpoea5vHR3U/oWxTFK3R8
cYc++/NCkuK18bQzYa3t55b7C5hCkoVvHUCPRtEqx0OCL8ZVvs8nfBkwFFQWRCJc
wtJyrH3PKjr0tl5c1qK90gBh1uHeOK33RNAe1ICIVPbTrKyrXPE6W14bGJlXBcsl
XsfnjK/JxrWreH8p6gM8PxVUv4jUBG8d9myJIqkoEqMCoBh2V+UsUcK8smgfeE/U
xH721lqLOIn7BYEFdu5V6Pxe9oDAtUHqdyrI5wz7TSkZ3ZaVifZTSm/Ju0UZlyJ9
MY0PdDzjK47msa3BbxFbX8YD9tLyF1DB9ISmlnvY8JN3s9yGXx46DeczdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNIeNleLoBO+CZVnbqELT/LO9UjXMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvMGg0MlY0dWdFNzRKbFdkdW9RdFA4czcxU05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5LxwMF
ACoOzMUwDQYJKoZIhvcNAQELBQADggEBAHOh+x9J6GQdY1pnivjM77bXrz8yymNo
tgQx3QqbHZfreWax5QfQWpEH4pdQYDGn7o60oK3pG6Z3mk7QxW8pY7L6+IWq9iBn
6D4RVaAZXegMgovM5CAeUpcIDPvbDK0o7pNSNPn5Ss9l8e089G98ScR/eyI/LbMc
h17+MFQv/KdhdmAsNFJaBkrw3jiSTtrhPlZbj/lqtd0+f4EzYDubHNaYZChvRPvD
MssA4kK6wTr8RMAdRrLkEvi22ZO96q6cQD8F5id5S+MHJqH0o1Oe16QxHo0C8Jov
L1WWhxbEUJ5tpKBXaGeFlQnTzyYiXtOvdgfVegD+Y9Elt8JPVWVGSaA=
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:34:55 2024 by rpki-client on console-ams.rpki-client.org