Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_RRUIwsbqS92cClKv1bxHGiDzeM.roa
File: _RRUIwsbqS92cClKv1bxHGiDzeM.roa (raw, json)
Hash identifier: Tc9/sNz8wcTSQMS+hZe9r7PRxwdi+V5WFD/iCUBxrwg=
Subject key identifier: FD:14:54:23:0B:1B:A9:2F:76:70:29:4A:BF:56:F1:1C:68:83:CD:E3
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01927D4AE08729AD71CCF4FEFA24BB605C39
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_RRUIwsbqS92cClKv1bxHGiDzeM.roa
Signing time: Fri 11 Oct 2024 20:35:12 +0000
ROA not before: Fri 11 Oct 2024 20:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4bc7::/32 maxlen: 32
2a0e:5385::/32 maxlen: 32
2a0e:5901::/32 maxlen: 32
2a0e:8080::/32 maxlen: 32
2a0e:8082::/32 maxlen: 32
2a0e:ccc2::/32 maxlen: 32
2a0e:ccc5::/32 maxlen: 32
2a0f:c081::/32 maxlen: 32
2a0f:c087::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Oct 2024 03:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e0:87:29:ad:71:cc:f4:fe:fa:24:bb:60:5c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Oct 11 20:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd1454230b1ba92f7670294abf56f11c6883cde3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1b:fa:cd:87:a1:a2:9c:a0:6b:33:15:59:f3:
72:9a:75:f7:3a:02:f7:8f:a0:51:31:c7:66:c3:08:
db:af:13:b0:79:c0:25:b6:6e:f1:81:7c:e3:7b:ab:
97:22:71:1c:9a:a1:4a:69:99:d5:24:bf:d0:4f:e6:
d3:80:2d:2e:f2:42:0e:f5:98:73:26:03:a8:14:8a:
5a:63:e0:87:39:64:05:6a:bd:33:fb:c6:b8:8b:1f:
28:5e:47:84:0a:44:0b:a8:eb:1a:ae:5a:8c:e5:38:
1d:3b:e5:3d:69:35:e2:28:fd:37:25:c6:4e:77:1c:
56:63:00:1d:76:4b:43:4e:70:7f:6c:01:a7:2e:82:
5b:9e:8b:0e:b7:dd:54:64:fd:7c:f1:aa:6c:60:0d:
ca:f6:87:ae:05:88:c6:be:50:72:de:c1:1c:12:87:
48:24:7a:db:84:d7:7c:01:97:8e:1c:de:ea:ca:fa:
b1:e2:20:d7:4f:c1:cc:db:71:a1:2f:c5:22:2e:20:
f6:51:69:8b:2b:94:a0:c8:07:c6:8e:7b:bc:71:16:
9b:26:a2:c7:88:88:12:1b:2e:55:94:81:ed:36:8e:
00:f6:5d:f4:75:06:be:47:b5:07:a8:4c:6c:c9:96:
ad:99:d5:98:89:67:53:6e:d2:6f:4a:f0:32:a8:2f:
32:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:14:54:23:0B:1B:A9:2F:76:70:29:4A:BF:56:F1:1C:68:83:CD:E3
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/_RRUIwsbqS92cClKv1bxHGiDzeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc7::/32
2a0e:5385::/32
2a0e:5901::/32
2a0e:8080::/32
2a0e:8082::/32
2a0e:ccc2::/32
2a0e:ccc5::/32
2a0f:c081::/32
2a0f:c087::/32
Signature Algorithm: sha256WithRSAEncryption
31:98:99:03:08:ce:1e:58:dd:21:a4:be:a8:e3:b2:7f:00:17:
c0:19:ba:81:ea:78:b1:53:db:cb:02:6f:53:84:b0:27:4a:1e:
ab:f6:28:45:6f:9a:d5:4b:4e:d0:9b:5a:cf:34:54:a6:48:9b:
d7:f7:14:21:f6:64:a3:f5:93:44:ae:1a:f3:96:d4:9e:59:02:
75:f2:cd:b6:bd:49:f2:7a:59:91:3f:01:a1:a3:be:d8:f0:f3:
ac:08:85:fe:e4:b6:60:50:9c:4e:0f:8e:e4:b8:8c:97:c9:e6:
e6:d9:3e:52:4a:02:e4:41:39:72:ea:83:e4:15:00:59:d1:0a:
07:6d:2f:15:27:0c:35:bb:3f:62:4c:e6:de:31:ee:8a:9b:1b:
7c:a7:75:e8:fd:70:91:46:ab:ab:83:95:5b:f9:09:cd:83:dd:
5b:bf:98:af:39:e4:ee:52:11:a8:1f:34:b5:a9:88:8b:5f:7c:
30:6c:e1:fd:79:fc:60:f9:cc:97:2c:3b:dc:ed:a0:cf:2a:5a:
f9:1c:75:ed:0e:95:fa:e7:71:26:a3:3b:1d:ad:61:ca:7c:a6:
ce:1a:a7:2d:99:a1:e9:1f:da:43:59:c7:aa:dc:7a:68:75:5b:
0c:d2:19:34:d0:48:b5:fc:eb:21:33:fe:80:3c:2b:c3:e4:be:
c7:4e:e6:7a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZJ9SuCHKa1xzPT++iS7YFw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMDExMjAzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE0NTQyMzBiMWJhOTJmNzY3MDI5NGFiZjU2ZjExYzY4ODNjZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxv6zYehopygazMVWfNymnX3OgL3
j6BRMcdmwwjbrxOwecAltm7xgXzje6uXInEcmqFKaZnVJL/QT+bTgC0u8kIO9Zhz
JgOoFIpaY+CHOWQFar0z+8a4ix8oXkeECkQLqOsarlqM5TgdO+U9aTXiKP03JcZO
dxxWYwAddktDTnB/bAGnLoJbnosOt91UZP188apsYA3K9oeuBYjGvlBy3sEcEodI
JHrbhNd8AZeOHN7qyvqx4iDXT8HM23GhL8UiLiD2UWmLK5SgyAfGjnu8cRabJqLH
iIgSGy5VlIHtNo4A9l30dQa+R7UHqExsyZatmdWYiWdTbtJvSvAyqC8yLQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFP0UVCMLG6kvdnApSr9W8Rxog83jMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvX1JSVUl3c2JxUzkyY0NsS3YxYnhIR2lEemVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUAKg5LxwMF
ACoOU4UDBQAqDlkBAwUAKg6AgAMFACoOgIIDBQAqDszCAwUAKg7MxQMFACoPwIED
BQAqD8CHMA0GCSqGSIb3DQEBCwUAA4IBAQAxmJkDCM4eWN0hpL6o47J/ABfAGbqB
6nixU9vLAm9ThLAnSh6r9ihFb5rVS07Qm1rPNFSmSJvX9xQh9mSj9ZNErhrzltSe
WQJ18s22vUnyelmRPwGho77Y8POsCIX+5LZgUJxOD47kuIyXyebm2T5SSgLkQTly
6oPkFQBZ0QoHbS8VJww1uz9iTObeMe6Kmxt8p3Xo/XCRRqurg5Vb+QnNg91bv5iv
OeTuUhGoHzS1qYiLX3wwbOH9efxg+cyXLDvc7aDPKlr5HHXtDpX653EmozsdrWHK
fKbOGqctmaHpH9pDWceq3HpodVsM0hk00Ei1/OshM/6APCvD5L7HTuZ6
-----END CERTIFICATE-----
Generated at Mon Oct 14 05:49:48 2024 by rpki-client on console-ams.rpki-client.org