Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/A15nOT9PuqiZROUgwP3On8zgOno.roa
File: A15nOT9PuqiZROUgwP3On8zgOno.roa (raw, json)
Hash identifier: sJfjSoLxQO40n6bHuwaVRTpZareqroh6TrhwT2qWJlE=
Subject key identifier: 03:5E:67:39:3F:4F:BA:A8:99:44:E5:20:C0:FD:CE:9F:CC:E0:3A:7A
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0192B99314C0DE838C48C2EA4E347BC341FD
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/A15nOT9PuqiZROUgwP3On8zgOno.roa
Signing time: Wed 23 Oct 2024 13:31:17 +0000
ROA not before: Wed 23 Oct 2024 13:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0e:5382::/32 maxlen: 32
2a0e:5385::/32 maxlen: 32
2a0e:ccc2::/32 maxlen: 32
2a0f:c081::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:93:14:c0:de:83:8c:48:c2:ea:4e:34:7b:c3:41:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Oct 23 13:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=035e67393f4fbaa89944e520c0fdce9fcce03a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a8:a2:ce:3b:87:cf:8d:c1:0a:bf:fc:e6:da:
bc:3e:4f:b4:9f:00:ed:5b:95:78:d5:d6:1c:5e:34:
b9:eb:98:1c:61:c7:6b:e3:a5:94:78:00:38:83:a9:
b7:f3:7a:1f:f3:96:34:74:c8:aa:c1:43:79:2e:bd:
4b:7f:73:2a:3c:d9:1b:94:2d:41:32:5f:e5:a0:46:
55:d6:10:3a:95:d6:4a:03:e9:df:70:67:69:88:ee:
cd:ca:b1:22:91:f2:0e:80:ab:6b:06:0a:34:56:15:
79:c1:7a:a0:ad:e7:54:1b:ac:0d:d3:c2:66:7b:09:
13:09:86:3a:e4:eb:16:8f:99:7e:01:84:86:91:5d:
ab:92:fb:cd:7f:dd:3c:b3:19:f3:9c:90:b1:95:41:
52:30:30:95:2b:6b:6b:a1:48:20:60:83:94:07:0e:
56:ad:f3:95:96:1d:a9:ec:39:52:dd:00:40:5d:12:
97:f6:d3:ab:a5:b2:c9:38:6a:11:3c:6a:db:f2:e7:
8e:ab:53:48:49:0d:f0:d6:d9:03:c0:49:1b:94:6b:
66:fe:89:12:98:e5:ab:61:8e:21:59:5b:6b:1f:89:
22:12:fa:94:dc:b3:0d:1e:e9:68:9a:9d:48:da:b6:
2b:79:5a:a5:e7:36:b1:9c:8d:f5:52:67:f7:28:b5:
8d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5E:67:39:3F:4F:BA:A8:99:44:E5:20:C0:FD:CE:9F:CC:E0:3A:7A
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/A15nOT9PuqiZROUgwP3On8zgOno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5382::/32
2a0e:5385::/32
2a0e:ccc2::/32
2a0f:c081::/32
Signature Algorithm: sha256WithRSAEncryption
5c:22:f5:8e:c1:16:ef:63:7c:87:bd:5c:f3:2e:98:71:3d:88:
7d:a2:29:e0:a9:95:35:8e:08:74:92:1e:41:3c:a0:d1:be:75:
1c:d0:3a:fd:91:c9:46:8f:0f:bf:0c:9a:d6:f6:a8:71:ef:18:
bb:4b:26:45:95:45:e8:34:5f:6b:2e:ea:e0:c7:2b:dd:d6:b6:
be:95:e4:a1:70:93:93:fb:67:c4:4a:48:b3:c6:99:f5:2e:06:
91:df:cd:77:c8:ad:9e:4d:66:5d:33:6e:8c:b5:8a:14:e3:df:
4a:90:cc:3a:05:cd:3b:02:ee:1b:ec:58:f6:07:fb:2f:93:1f:
8e:f2:79:3a:e6:13:65:35:42:82:7b:f4:80:27:74:82:32:a1:
6c:63:21:6f:5d:a3:94:04:e4:bf:fc:1b:7f:1e:93:f0:9c:10:
6c:9e:ae:e3:60:d9:b0:c8:80:ec:18:9c:20:b7:20:ea:bb:da:
07:2e:28:22:2a:ee:c5:7b:1b:bc:52:28:de:64:bd:6c:79:ca:
e0:46:91:d5:be:3f:64:bc:c9:71:ae:67:ee:f7:31:fc:7e:8d:
cb:df:bd:e7:a3:19:22:64:8c:b7:fb:1b:76:fc:0c:55:3c:bb:
ef:33:dd:7b:a3:52:c3:de:0b:0b:12:bf:9e:3a:bc:33:5d:ae:
7a:bf:b4:f5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZK5kxTA3oOMSMLqTjR7w0H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDIzMTMzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVlNjczOTNmNGZiYWE4OTk0NGU1MjBjMGZkY2U5ZmNjZTAzYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aiizjuHz43BCr/85tq8Pk+0nwDt
W5V41dYcXjS565gcYcdr46WUeAA4g6m383of85Y0dMiqwUN5Lr1Lf3MqPNkblC1B
Ml/loEZV1hA6ldZKA+nfcGdpiO7NyrEikfIOgKtrBgo0VhV5wXqgredUG6wN08Jm
ewkTCYY65OsWj5l+AYSGkV2rkvvNf908sxnznJCxlUFSMDCVK2troUggYIOUBw5W
rfOVlh2p7DlS3QBAXRKX9tOrpbLJOGoRPGrb8ueOq1NISQ3w1tkDwEkblGtm/okS
mOWrYY4hWVtrH4kiEvqU3LMNHulomp1I2rYreVql5zaxnI31Umf3KLWNBQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFANeZzk/T7qomUTlIMD9zp/M4Dp6MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvQTE1bk9UOVB1cWlaUk9VZ3dQM09uOHpnT25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg5TggMF
ACoOU4UDBQAqDszCAwUAKg/AgTANBgkqhkiG9w0BAQsFAAOCAQEAXCL1jsEW72N8
h71c8y6YcT2IfaIp4KmVNY4IdJIeQTyg0b51HNA6/ZHJRo8Pvwya1vaoce8Yu0sm
RZVF6DRfay7q4Mcr3da2vpXkoXCTk/tnxEpIs8aZ9S4Gkd/Nd8itnk1mXTNujLWK
FOPfSpDMOgXNOwLuG+xY9gf7L5MfjvJ5OuYTZTVCgnv0gCd0gjKhbGMhb12jlATk
v/wbfx6T8JwQbJ6u42DZsMiA7BicILcg6rvaBy4oIiruxXsbvFIo3mS9bHnK4EaR
1b4/ZLzJca5n7vcx/H6Ny9+956MZImSMt/sbdvwMVTy77zPde6NSw94LCxK/njq8
M12uer+09Q==
-----END CERTIFICATE-----
Generated at Fri Oct 25 12:38:02 2024 by rpki-client on console-ams.rpki-client.org