Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/2GyzlsSUuaFrjqyYdO_J2KpdpaQ.roa
File: 2GyzlsSUuaFrjqyYdO_J2KpdpaQ.roa (raw, json)
Hash identifier: nklnCRfEtQG8PSYDqW752HIvJl7Z5F2/Un+56Gr4oKo=
Subject key identifier: D8:6C:B3:96:C4:94:B9:A1:6B:8E:AC:98:74:EF:C9:D8:AA:5D:A5:A4
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01927D4BCB042E5747A797AF2C591C467F29
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/2GyzlsSUuaFrjqyYdO_J2KpdpaQ.roa
Signing time: Fri 11 Oct 2024 20:36:11 +0000
ROA not before: Fri 11 Oct 2024 20:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0e:4bc7::/32 maxlen: 32
2a0e:5385::/32 maxlen: 32
2a0e:5901::/32 maxlen: 32
2a0e:8080::/32 maxlen: 32
2a0e:8082::/32 maxlen: 32
2a0e:ccc2::/32 maxlen: 32
2a0e:ccc5::/32 maxlen: 32
2a0f:c081::/32 maxlen: 32
2a0f:c087::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Oct 2024 03:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:cb:04:2e:57:47:a7:97:af:2c:59:1c:46:7f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Oct 11 20:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86cb396c494b9a16b8eac9874efc9d8aa5da5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:2c:e4:4b:fb:87:43:09:57:fa:16:ae:7f:
f0:c4:6b:44:2e:e3:53:e7:b1:9e:59:52:37:58:6b:
0f:7a:fc:9a:6b:4b:f4:ab:26:26:6a:8c:90:a0:7e:
5b:35:e1:53:5c:f8:a0:89:80:4a:1c:6f:fa:9a:0e:
bf:dc:0d:b4:ea:d1:41:1f:0d:b5:56:dc:76:26:ce:
41:79:32:d7:be:13:e0:20:75:9a:b2:8b:50:ce:14:
9f:52:6a:97:82:bf:2e:c6:58:31:7f:b6:ab:8c:d4:
05:5d:1a:bf:c9:04:25:82:9e:69:28:39:a7:a1:62:
fe:25:12:0d:46:8a:f5:3f:4d:26:a1:86:59:19:01:
53:51:cd:bd:e6:0d:54:69:7f:31:0d:09:eb:6f:65:
ec:d5:b5:43:4a:8c:56:46:51:f7:43:e5:39:e1:8f:
ca:4d:28:24:70:32:75:e0:95:2f:6a:08:96:95:02:
b3:7d:5c:f7:e0:41:45:3e:cd:9a:6e:72:58:e7:e2:
87:a1:16:8a:66:1b:4a:cf:bb:f1:2c:26:dc:35:df:
f5:60:25:c3:24:65:93:75:40:51:66:7c:c8:f6:1b:
23:10:2c:b0:a8:ef:02:13:9a:4a:86:74:b7:38:a0:
dd:99:77:6c:fa:f8:10:3f:b8:3a:fe:e4:62:4e:9c:
ae:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6C:B3:96:C4:94:B9:A1:6B:8E:AC:98:74:EF:C9:D8:AA:5D:A5:A4
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/2GyzlsSUuaFrjqyYdO_J2KpdpaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc7::/32
2a0e:5385::/32
2a0e:5901::/32
2a0e:8080::/32
2a0e:8082::/32
2a0e:ccc2::/32
2a0e:ccc5::/32
2a0f:c081::/32
2a0f:c087::/32
Signature Algorithm: sha256WithRSAEncryption
1f:7b:85:5f:bb:b7:fb:63:72:c1:e5:15:b7:46:58:08:0b:d8:
3b:48:e7:d9:62:56:75:b2:ad:ba:6d:d3:04:65:02:bb:b6:ec:
7b:34:c6:df:c8:71:da:df:1c:58:67:9a:a7:58:41:33:28:b3:
97:28:35:54:23:aa:09:65:a7:7a:a6:a1:94:44:b9:17:66:c7:
de:6b:c2:e1:24:11:13:a8:ad:f7:71:17:a1:be:6c:02:d2:b8:
70:84:e3:63:1e:12:d2:38:d3:12:ef:78:cd:fe:3b:f5:ce:d9:
38:f9:79:a6:2d:25:b3:6e:09:d8:cd:75:1d:46:14:65:70:8e:
b4:e7:a7:86:c8:f1:08:9b:0b:e8:e2:69:41:84:82:07:f9:0c:
5c:05:34:57:7c:2b:83:3d:ca:6b:40:be:50:1c:5a:98:06:4b:
51:5f:11:de:4a:2a:0b:5c:ca:e9:87:4a:96:ba:2d:c1:e3:6d:
dd:cb:23:27:d4:af:34:8e:ee:57:86:05:04:8c:d2:26:44:07:
f7:12:35:3c:85:33:f5:b2:6c:cf:ec:32:6d:bb:ea:19:ea:fe:
46:cd:45:d0:f2:9d:c5:a0:60:81:a1:6a:22:2b:be:e4:c8:94:
22:73:62:78:3b:f3:82:2e:53:36:ac:db:a2:74:1e:7c:27:3d:
96:06:11:a3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZJ9S8sELldHp5evLFkcRn8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDExMjAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZjYjM5NmM0OTRiOWExNmI4ZWFjOTg3NGVmYzlkOGFhNWRhNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX4s5Ev7h0MJV/oWrn/wxGtELuNT
57GeWVI3WGsPevyaa0v0qyYmaoyQoH5bNeFTXPigiYBKHG/6mg6/3A206tFBHw21
Vtx2Js5BeTLXvhPgIHWasotQzhSfUmqXgr8uxlgxf7arjNQFXRq/yQQlgp5pKDmn
oWL+JRINRor1P00moYZZGQFTUc295g1UaX8xDQnrb2Xs1bVDSoxWRlH3Q+U54Y/K
TSgkcDJ14JUvagiWlQKzfVz34EFFPs2abnJY5+KHoRaKZhtKz7vxLCbcNd/1YCXD
JGWTdUBRZnzI9hsjECywqO8CE5pKhnS3OKDdmXds+vgQP7g6/uRiTpyuVwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNhss5bElLmha46smHTvydiqXaWkMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvMkd5emxzU1V1YUZyanF5WWRPX0oyS3BkcGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUAKg5LxwMF
ACoOU4UDBQAqDlkBAwUAKg6AgAMFACoOgIIDBQAqDszCAwUAKg7MxQMFACoPwIED
BQAqD8CHMA0GCSqGSIb3DQEBCwUAA4IBAQAfe4Vfu7f7Y3LB5RW3RlgIC9g7SOfZ
YlZ1sq26bdMEZQK7tux7NMbfyHHa3xxYZ5qnWEEzKLOXKDVUI6oJZad6pqGURLkX
Zsfea8LhJBETqK33cRehvmwC0rhwhONjHhLSONMS73jN/jv1ztk4+XmmLSWzbgnY
zXUdRhRlcI6056eGyPEImwvo4mlBhIIH+QxcBTRXfCuDPcprQL5QHFqYBktRXxHe
SioLXMrph0qWui3B423dyyMn1K80ju5XhgUEjNImRAf3EjU8hTP1smzP7DJtu+oZ
6v5GzUXQ8p3FoGCBoWoiK77kyJQic2J4O/OCLlM2rNuidB58Jz2WBhGj
-----END CERTIFICATE-----
Generated at Mon Oct 14 05:33:04 2024 by rpki-client on console-fra.rpki-client.org