Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/p5Rh2n-EQ4PNOKIHrUDMyZEpZgA.roa
File: p5Rh2n-EQ4PNOKIHrUDMyZEpZgA.roa (raw, json)
Hash identifier: EY0KKzyxnd7kba2kRvcUDp9w74MBQui2WVAJq0kC2pk=
Subject key identifier: A7:94:61:DA:7F:84:43:83:CD:38:A2:07:AD:40:CC:C9:91:29:66:00
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0187FC7FD76A1C19E12155D8EE29383E9A7B
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/p5Rh2n-EQ4PNOKIHrUDMyZEpZgA.roa
Signing time: Mon 08 May 2023 17:54:09 +0000
ROA not before: Mon 08 May 2023 17:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203629
IP address blocks: 2a0f:cf84::/30 maxlen: 30
2a09:3800::/30 maxlen: 30
2a0b:ab04::/30 maxlen: 30
2a09:3b04::/30 maxlen: 30
2a0a:2880::/30 maxlen: 30
2a09:3804::/30 maxlen: 30
2a0a:2884::/30 maxlen: 30
2a10:d8c4::/30 maxlen: 30
2a0d:2e44::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 27 Jun 2023 07:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:7f:d7:6a:1c:19:e1:21:55:d8:ee:29:38:3e:9a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: May 8 17:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a79461da7f844383cd38a207ad40ccc991296600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:2f:fc:88:2c:c5:cd:01:ac:1b:94:4a:91:
fe:b0:af:75:b0:f9:f8:27:37:82:5e:4c:32:fd:f8:
2f:f8:51:04:6b:dc:38:2f:e6:81:b5:f1:59:09:90:
a1:ef:6e:c9:55:7e:26:68:3e:d7:59:5b:02:f2:ee:
8f:5b:5b:7b:c9:f2:5d:76:83:3c:c5:a1:0e:fb:c6:
46:63:fe:ee:b6:9a:7e:c1:62:a9:3b:03:80:62:0f:
0a:07:2c:46:59:32:fb:bf:c6:1a:12:37:65:89:b7:
c1:af:6f:be:f9:0f:fd:90:dd:0d:65:d7:3f:79:ae:
b6:df:8f:d6:c9:51:6d:15:fb:ce:80:f6:84:76:1c:
73:64:c9:00:a3:4f:96:b7:41:a4:cc:47:44:20:d5:
2e:92:66:d7:3c:c1:60:70:f1:af:82:e1:a2:40:b5:
c8:12:4d:09:f9:d5:89:33:2e:ba:38:33:c8:96:28:
14:df:1e:a8:d4:ca:05:89:08:6c:3e:ad:e4:85:28:
ac:12:c9:e7:bf:bf:18:1b:9a:cb:23:e1:81:9b:44:
3d:e0:63:1e:1d:ec:7c:f2:ef:e8:9d:b6:ba:7b:c9:
1d:8e:08:5c:33:bc:6a:7b:55:f6:e9:87:65:03:18:
10:30:37:bb:27:4b:a4:6f:28:7a:26:fe:7c:63:cd:
be:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:94:61:DA:7F:84:43:83:CD:38:A2:07:AD:40:CC:C9:91:29:66:00
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/p5Rh2n-EQ4PNOKIHrUDMyZEpZgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3800::/29
2a09:3b04::/30
2a0a:2880::/29
2a0b:ab04::/30
2a0d:2e44::/30
2a0f:cf84::/30
2a10:d8c4::/30
Signature Algorithm: sha256WithRSAEncryption
b3:73:52:ac:8d:ad:27:cc:b7:15:11:3a:7f:39:ba:17:64:67:
5a:e4:94:5e:25:c8:cc:bd:ad:5f:51:f7:ea:a2:9f:03:47:75:
96:21:1e:ce:cb:20:42:e1:be:9f:d0:59:d2:9f:00:5b:ad:6a:
18:47:c9:72:9e:a6:13:47:9c:31:ca:86:5d:86:7a:42:ea:1f:
a7:58:84:d0:7d:52:fd:30:1d:3f:0f:29:aa:d5:fe:a4:42:7d:
46:b4:4a:75:08:59:29:e9:9b:0c:56:f2:f7:c9:a1:33:7e:3f:
2f:3e:44:27:ac:95:67:35:0d:09:c3:ab:b6:c9:9c:67:81:0e:
77:81:ae:78:59:b0:9d:3b:af:ba:31:4c:3e:73:6b:b5:3e:5c:
71:04:99:e1:34:40:a4:52:a1:74:8a:89:2b:b9:51:89:c9:a2:
da:0f:e8:d0:2f:9f:f5:90:a1:14:ee:e1:86:bf:c9:62:0b:e3:
93:35:61:28:70:a2:91:f4:35:b9:27:31:7f:96:21:15:98:cd:
69:d7:a7:23:73:25:4c:5d:3e:7f:88:bb:66:d5:3d:42:a8:67:
a6:d5:91:fe:cc:2d:ec:04:96:18:78:d2:38:5f:4d:4f:22:8b:
a2:2c:f7:ca:86:49:28:3f:25:d4:72:83:8b:f5:f3:a4:da:35:
06:1f:d7:03
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYf8f9dqHBnhIVXY7ik4Ppp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNTA4MTc1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk0NjFkYTdmODQ0MzgzY2QzOGEyMDdhZDQwY2NjOTkxMjk2NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAYv/Igsxc0BrBuUSpH+sK91sPn4
JzeCXkwy/fgv+FEEa9w4L+aBtfFZCZCh727JVX4maD7XWVsC8u6PW1t7yfJddoM8
xaEO+8ZGY/7utpp+wWKpOwOAYg8KByxGWTL7v8YaEjdlibfBr2+++Q/9kN0NZdc/
ea6234/WyVFtFfvOgPaEdhxzZMkAo0+Wt0GkzEdEINUukmbXPMFgcPGvguGiQLXI
Ek0J+dWJMy66ODPIligU3x6o1MoFiQhsPq3khSisEsnnv78YG5rLI+GBm0Q94GMe
Hex88u/onba6e8kdjghcM7xqe1X26YdlAxgQMDe7J0ukbyh6Jv58Y82+NwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKeUYdp/hEODzTiiB61AzMmRKWYAMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcDVSaDJuLUVRNFBOT0tJSHJVRE15WkVwWmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgk4AAMF
AioJOwQDBQMqCiiAAwUCKgurBAMFAioNLkQDBQIqD8+EAwUCKhDYxDANBgkqhkiG
9w0BAQsFAAOCAQEAs3NSrI2tJ8y3FRE6fzm6F2RnWuSUXiXIzL2tX1H36qKfA0d1
liEezssgQuG+n9BZ0p8AW61qGEfJcp6mE0ecMcqGXYZ6Quofp1iE0H1S/TAdPw8p
qtX+pEJ9RrRKdQhZKembDFby98mhM34/Lz5EJ6yVZzUNCcOrtsmcZ4EOd4GueFmw
nTuvujFMPnNrtT5ccQSZ4TRApFKhdIqJK7lRicmi2g/o0C+f9ZChFO7hhr/JYgvj
kzVhKHCikfQ1uScxf5YhFZjNadenI3MlTF0+f4i7ZtU9QqhnptWR/swt7ASWGHjS
OF9NTyKLoiz3yoZJKD8l1HKDi/XzpNo1Bh/XAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org