Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/0dG9O0a8gSTdf_fWQ5IcH2tXYtQ.roa
File: 0dG9O0a8gSTdf_fWQ5IcH2tXYtQ.roa (raw, json)
Hash identifier: w30NU1FQD1ui3HZOa2RPL26e363ROVH1klkWYqjsuEQ=
Subject key identifier: D1:D1:BD:3B:46:BC:81:24:DD:7F:F7:D6:43:92:1C:1F:6B:57:62:D4
Certificate issuer: /CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Certificate serial: 018FF523B07FE2BF7C14BBAA301377C850F9
Authority key identifier: 5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/0dG9O0a8gSTdf_fWQ5IcH2tXYtQ.roa
Signing time: Fri 07 Jun 2024 23:58:27 +0000
ROA not before: Fri 07 Jun 2024 23:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64286
IP address blocks: 2a0a:7740::/32 maxlen: 32
2a0a:7744::/32 maxlen: 32
2a0a:7745::/32 maxlen: 32
2a0a:7746::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 30 Jun 2024 13:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f5:23:b0:7f:e2:bf:7c:14:bb:aa:30:13:77:c8:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Validity
Not Before: Jun 7 23:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1d1bd3b46bc8124dd7ff7d643921c1f6b5762d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:73:9c:ed:c2:0a:9f:6c:35:d0:13:bc:bd:
dc:2b:9b:91:7f:b1:2b:90:da:77:62:bb:91:df:70:
b0:91:15:67:7e:20:7c:47:5f:6f:f6:78:ab:45:6b:
e2:9b:97:6e:6c:d2:c7:89:ed:1f:95:a3:49:37:64:
58:ec:a7:aa:81:c3:61:53:c1:f6:c3:3a:d1:16:86:
4f:24:d7:66:c0:00:f9:7a:cb:23:50:be:62:e0:07:
f9:5b:43:23:2b:a5:42:47:32:ec:99:eb:5e:ba:8c:
40:f1:11:c5:b1:79:39:07:1f:89:4e:c9:01:15:83:
d2:bb:1b:71:42:20:0e:57:bc:e6:76:60:c4:de:9f:
c0:80:dc:4a:c1:61:0e:5e:87:68:a2:65:fc:cc:ef:
16:5f:27:63:56:93:91:71:19:7c:9e:4e:1a:38:45:
9f:c1:ce:96:06:ac:ae:b6:54:62:40:95:2f:c9:d7:
41:ac:a9:cc:a6:b9:29:2b:6b:b7:73:91:33:e1:f4:
a0:8d:45:b1:8d:a2:dc:7a:49:69:ee:f5:cd:c9:4d:
10:11:ec:a4:94:37:06:98:e1:4b:57:d7:e1:49:b7:
81:a4:6b:61:28:6a:34:c7:a9:b4:87:8a:cf:89:27:
2b:2d:d1:6f:88:2f:20:f4:8c:93:f9:40:58:1f:60:
95:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D1:BD:3B:46:BC:81:24:DD:7F:F7:D6:43:92:1C:1F:6B:57:62:D4
X509v3 Authority Key Identifier:
keyid:5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/0dG9O0a8gSTdf_fWQ5IcH2tXYtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:7740::/32
2a0a:7744::-2a0a:7746:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3d:8e:e9:7c:a1:e4:b6:e5:0c:f5:9f:6b:0f:fb:cb:71:41:70:
8a:6a:ca:b6:34:53:99:fc:f7:e9:c7:19:9d:bf:9c:2b:c3:9c:
ba:b1:41:ca:99:33:bd:47:5e:72:c1:e3:0d:12:ce:be:3b:99:
94:9c:37:52:2e:5c:b6:f3:36:e3:95:46:91:4d:8f:12:c2:be:
6b:4e:e3:4c:77:bc:b2:fc:25:d3:5e:87:c1:c5:24:6b:d9:4e:
64:0e:5e:5c:05:84:58:e4:fa:c0:c8:66:48:e6:b6:3e:14:e6:
70:0b:b6:b1:48:e1:57:18:4a:1b:a9:13:c2:7a:51:74:21:b1:
0a:b7:2e:e7:f4:92:71:fb:5a:5d:f5:21:e2:f0:14:da:21:7a:
d4:de:6a:be:bb:4d:b9:3e:61:d9:8d:57:ee:4e:e4:c9:93:d3:
0e:ed:4f:cb:2d:a7:53:2f:52:bc:b3:f0:3e:a3:10:de:f7:bc:
a8:df:39:59:9f:82:76:07:0d:5a:56:4a:d1:58:5e:60:96:c5:
04:69:bc:00:c6:7a:51:f1:99:70:ce:c0:d1:b4:f5:59:a9:3d:
0b:e4:24:bb:f8:a1:d1:f6:32:ab:12:b4:43:16:60:27:d5:94:
cd:6b:66:7e:b9:60:2c:db:52:cf:82:c5:cc:8c:d8:be:03:53:
95:8b:95:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/1I7B/4r98FLuqMBN3yFD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDMyOTA2NjEzOGJiNTU2NDU3MWZjM2MyOWVlOTUzZTVj
MWM3YTMwHhcNMjQwNjA3MjM1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQxYmQzYjQ2YmM4MTI0ZGQ3ZmY3ZDY0MzkyMWMxZjZiNTc2MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0VznO3CCp9sNdATvL3cK5uRf7Er
kNp3YruR33CwkRVnfiB8R19v9nirRWvim5dubNLHie0flaNJN2RY7KeqgcNhU8H2
wzrRFoZPJNdmwAD5essjUL5i4Af5W0MjK6VCRzLsmeteuoxA8RHFsXk5Bx+JTskB
FYPSuxtxQiAOV7zmdmDE3p/AgNxKwWEOXodoomX8zO8WXydjVpORcRl8nk4aOEWf
wc6WBqyutlRiQJUvyddBrKnMprkpK2u3c5Ez4fSgjUWxjaLceklp7vXNyU0QEeyk
lDcGmOFLV9fhSbeBpGthKGo0x6m0h4rPiScrLdFviC8g9IyT+UBYH2CVkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNHRvTtGvIEk3X/31kOSHB9rV2LUMB8GA1UdIwQY
MBaAFFsDKQZhOLtVZFcfw8Ke6VPlwcejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAt
MzBjN2YzOWQ4ZTFjLzEvMGRHOU8wYThnU1RkZl9mV1E1SWNIMnRYWXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAtMzBjN2YzOWQ4ZTFj
LzEvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKgp3QDAO
AwUCKgp3RAMFACoKd0YwDQYJKoZIhvcNAQELBQADggEBAD2O6Xyh5LblDPWfaw/7
y3FBcIpqyrY0U5n89+nHGZ2/nCvDnLqxQcqZM71HXnLB4w0Szr47mZScN1IuXLbz
NuOVRpFNjxLCvmtO40x3vLL8JdNeh8HFJGvZTmQOXlwFhFjk+sDIZkjmtj4U5nAL
trFI4VcYShupE8J6UXQhsQq3Luf0knH7Wl31IeLwFNohetTear67Tbk+YdmNV+5O
5MmT0w7tT8stp1MvUryz8D6jEN73vKjfOVmfgnYHDVpWStFYXmCWxQRpvADGelHx
mXDOwNG09VmpPQvkJLv4odH2MqsStEMWYCfVlM1rZn65YCzbUs+CxcyM2L4DU5WL
lec=
-----END CERTIFICATE-----
Generated at Sun Jun 30 18:29:26 2024 by rpki-client on console-ams.rpki-client.org