Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/29zPifNgC0NHhUiYsI52J1tOFGg.roa
File: 29zPifNgC0NHhUiYsI52J1tOFGg.roa (raw, json)
Hash identifier: 47A1S/xM6aQT+bcnuFyPMtWAUKk8GnfoIXcY/iSQbFQ=
Subject key identifier: DB:DC:CF:89:F3:60:0B:43:47:85:48:98:B0:8E:76:27:5B:4E:14:68
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0192C33BEC5322CA823E0DB460B263A821EF
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/29zPifNgC0NHhUiYsI52J1tOFGg.roa
Signing time: Fri 25 Oct 2024 10:32:17 +0000
ROA not before: Fri 25 Oct 2024 10:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0e:5382::/32 maxlen: 32
2a0e:ccc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:3b:ec:53:22:ca:82:3e:0d:b4:60:b2:63:a8:21:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Oct 25 10:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbdccf89f3600b4347854898b08e76275b4e1468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d0:ab:d0:6c:46:7e:4d:27:cf:a4:3c:69:bf:
d4:03:8c:b7:a1:0b:ac:30:cc:0d:ad:27:35:55:65:
83:72:ce:12:77:d1:a8:8a:d1:e4:45:6d:58:11:bf:
2b:08:45:36:ac:fa:d8:fe:df:9b:dc:db:80:8a:50:
20:22:66:3b:93:fd:97:01:67:c0:8b:b3:25:e4:60:
67:71:1e:ac:0e:74:dc:a4:b4:b9:4e:a8:2c:47:90:
34:68:22:d5:09:13:3d:28:16:b9:28:84:a7:69:52:
6c:a0:f7:47:3c:36:39:93:30:a1:ab:4e:23:2a:cd:
24:ff:df:73:67:a1:ab:61:86:89:8a:4f:f3:f1:06:
56:88:b5:64:df:76:49:8b:0b:b3:65:08:6c:c6:39:
ec:63:b7:66:d4:46:66:a6:60:35:fa:91:8d:d0:59:
24:4d:fd:08:92:fa:14:e6:33:ed:b4:5f:cd:6f:74:
05:0c:4b:79:06:25:25:d9:e6:f8:f6:cf:b6:66:a1:
3c:f6:c0:97:05:03:3a:0e:d8:c8:59:3c:ae:09:bd:
e0:3a:f0:e6:4b:e7:8d:69:8c:6d:7d:ac:1f:b9:b5:
b2:4f:44:a0:9b:13:25:e1:fc:07:21:e5:2d:b8:52:
51:a4:08:ff:c1:37:68:93:2e:0f:ec:37:b2:f1:9a:
48:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DC:CF:89:F3:60:0B:43:47:85:48:98:B0:8E:76:27:5B:4E:14:68
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/29zPifNgC0NHhUiYsI52J1tOFGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5382::/32
2a0e:ccc2::/32
Signature Algorithm: sha256WithRSAEncryption
26:d1:ab:1f:8f:a1:6c:11:7c:9e:a4:84:b7:f9:36:0f:a6:3d:
ba:9e:15:eb:86:88:79:96:de:41:02:eb:ce:16:d3:96:cb:aa:
12:01:ee:b9:19:64:90:cb:cc:5a:b0:4c:ae:40:d6:79:94:7c:
26:e9:40:8e:40:7a:7d:37:35:3e:ab:9b:13:d7:3e:da:51:12:
c1:29:e7:70:82:ca:4e:9b:67:27:b1:e1:93:32:15:da:ab:55:
a5:48:94:14:35:b8:97:62:35:ef:b7:4b:f7:e0:f0:61:94:19:
f3:bb:bc:bf:11:5c:f6:23:3d:81:7a:6b:4f:6c:dc:cb:ac:a7:
7c:a0:57:c7:90:09:cb:60:cd:90:a7:74:f9:47:26:50:8c:75:
2d:9b:cb:da:5d:69:e3:aa:8d:e8:ca:d6:9a:7e:ec:e2:7f:6f:
61:50:eb:78:59:c6:7d:c1:ff:a9:41:b3:9e:42:f2:66:ab:a9:
56:df:dc:57:8d:08:6f:e0:14:45:4f:80:e5:ca:ab:49:90:7c:
fd:71:83:b3:2c:d6:d4:49:f2:ff:ab:35:75:c1:bf:9c:da:ec:
a6:cf:b2:86:d8:95:1b:3e:2c:4e:8c:93:5e:c1:79:c9:a1:6c:
d2:29:86:64:97:06:82:25:b9:31:81:f5:1d:8c:63:a2:0b:ea:
5c:5d:a7:4f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZLDO+xTIsqCPg20YLJjqCHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDI1MTAzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmRjY2Y4OWYzNjAwYjQzNDc4NTQ4OThiMDhlNzYyNzViNGUxNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NCr0GxGfk0nz6Q8ab/UA4y3oQus
MMwNrSc1VWWDcs4Sd9GoitHkRW1YEb8rCEU2rPrY/t+b3NuAilAgImY7k/2XAWfA
i7Ml5GBncR6sDnTcpLS5TqgsR5A0aCLVCRM9KBa5KISnaVJsoPdHPDY5kzChq04j
Ks0k/99zZ6GrYYaJik/z8QZWiLVk33ZJiwuzZQhsxjnsY7dm1EZmpmA1+pGN0Fkk
Tf0IkvoU5jPttF/Nb3QFDEt5BiUl2eb49s+2ZqE89sCXBQM6DtjIWTyuCb3gOvDm
S+eNaYxtfawfubWyT0SgmxMl4fwHIeUtuFJRpAj/wTdoky4P7Dey8ZpIqQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNvcz4nzYAtDR4VImLCOdidbThRoMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvMjl6UGlmTmdDME5IaFVpWXNJNTJKMXRPRkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5TggMF
ACoOzMIwDQYJKoZIhvcNAQELBQADggEBACbRqx+PoWwRfJ6khLf5Ng+mPbqeFeuG
iHmW3kEC684W05bLqhIB7rkZZJDLzFqwTK5A1nmUfCbpQI5Aen03NT6rmxPXPtpR
EsEp53CCyk6bZyex4ZMyFdqrVaVIlBQ1uJdiNe+3S/fg8GGUGfO7vL8RXPYjPYF6
a09s3Musp3ygV8eQCctgzZCndPlHJlCMdS2by9pdaeOqjejK1pp+7OJ/b2FQ63hZ
xn3B/6lBs55C8marqVbf3FeNCG/gFEVPgOXKq0mQfP1xg7Ms1tRJ8v+rNXXBv5za
7KbPsobYlRs+LE6Mk17BecmhbNIphmSXBoIluTGB9R2MY6IL6lxdp08=
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:17 2024 by rpki-client on console-ams.rpki-client.org