Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XkgfkKWPoRURb6Wes5ZsQc0lkJc.roa
File: XkgfkKWPoRURb6Wes5ZsQc0lkJc.roa (raw, json)
Hash identifier: dvQChCkpSr88LEqu4sLCpoo/9SZMFHldtfhNpPgBB3A=
Subject key identifier: 5E:48:1F:90:A5:8F:A1:15:11:6F:A5:9E:B3:96:6C:41:CD:25:90:97
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018F4D672662B89C4CFAC049598F13426F44
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XkgfkKWPoRURb6Wes5ZsQc0lkJc.roa
Signing time: Mon 06 May 2024 10:15:56 +0000
ROA not before: Mon 06 May 2024 10:15:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205745
IP address blocks: 2a09:140::/29 maxlen: 29
2a0d:e0c0::/29 maxlen: 29
2a0e:1b40::/29 maxlen: 29
2a10:240::/29 maxlen: 29
2a10:240::/30 maxlen: 30
2a10:244::/30 maxlen: 30
2a10:740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jun 2024 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:67:26:62:b8:9c:4c:fa:c0:49:59:8f:13:42:6f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 6 10:15:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e481f90a58fa115116fa59eb3966c41cd259097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c3:1d:7e:f9:fa:a3:d8:f7:e4:5a:5a:34:27:
3d:86:82:ad:a9:38:f0:65:e6:24:a9:5a:1e:42:99:
e4:ad:29:b0:3a:5c:a7:9e:3b:d9:f7:09:97:09:1f:
32:21:cf:89:b7:3d:bd:27:86:45:c2:5e:56:4b:20:
68:4c:25:33:e3:f5:d8:ac:97:97:81:1d:ae:73:76:
17:22:b0:4c:76:09:d5:8d:92:86:59:95:5f:55:d3:
50:85:66:f3:70:91:15:b2:47:c3:89:59:4e:fc:b9:
9b:f2:bc:14:7c:66:ce:53:5f:72:7b:db:f0:f7:4b:
7d:50:b7:c9:b4:4d:cf:1e:24:cd:b0:1e:60:4d:82:
bb:2a:2c:52:8d:cd:b9:a8:b2:47:65:93:f3:5c:78:
c2:43:97:62:d4:5d:8e:e3:f2:b0:8f:f8:14:a6:fe:
16:67:55:0d:2e:0c:12:74:92:82:48:f8:1b:5e:e5:
4f:5f:6f:05:a8:a7:50:91:75:21:b2:87:1f:ab:3b:
e6:e9:de:57:b4:bb:0c:84:53:d2:fc:ba:81:23:ef:
b2:40:7b:3a:5f:28:ab:0a:6b:62:5a:12:c0:74:b0:
8e:53:c6:2b:2e:e4:71:25:c4:bf:6b:ec:d3:13:30:
d7:46:8a:02:ca:2b:7b:3f:7a:53:51:5e:03:de:06:
5d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:48:1F:90:A5:8F:A1:15:11:6F:A5:9E:B3:96:6C:41:CD:25:90:97
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/XkgfkKWPoRURb6Wes5ZsQc0lkJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:140::/29
2a0d:e0c0::/29
2a0e:1b40::/29
2a10:240::/29
2a10:740::/29
Signature Algorithm: sha256WithRSAEncryption
68:52:4f:ea:24:75:00:b5:ad:e2:86:85:50:0c:66:27:d6:42:
5a:73:21:19:bb:76:85:43:f7:e1:5d:e7:21:04:49:1a:2e:d8:
7e:df:03:89:76:36:ae:89:d1:e1:7e:9e:66:f2:32:fe:e1:69:
56:ca:0e:ab:9b:fa:da:74:a3:17:bd:1e:ac:76:53:a5:e4:ac:
f0:7e:19:e0:0b:7a:b6:d3:01:a6:ce:94:5f:f0:af:6f:e9:a7:
a2:ed:10:16:9f:2f:d9:75:0f:b1:31:2f:59:6a:c7:24:09:90:
fc:67:4c:61:3a:d0:1f:b4:bc:94:69:4b:3a:c7:8f:13:33:24:
46:0e:84:e4:a6:43:13:6e:94:02:9f:42:56:9b:a2:73:fa:a4:
7c:35:c4:80:5c:68:60:a5:f8:20:a9:d8:82:49:b4:f2:03:b0:
87:77:ef:bc:fe:96:60:a8:69:5c:82:83:21:1a:df:4e:73:be:
8d:9e:5b:cb:6c:c2:a2:e9:de:a2:86:b4:67:5b:10:f9:55:9c:
48:0f:6a:fa:da:a0:3a:23:ec:64:2c:d7:f3:d6:e7:70:99:ea:
91:8e:af:7e:b3:63:30:4e:a3:8d:c1:a6:fd:21:93:6c:a0:eb:
17:96:07:2e:a7:ce:7a:8a:1b:9a:1c:26:fd:ba:18:e6:d5:08:
cf:92:89:3d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY9NZyZiuJxM+sBJWY8TQm9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwNTA2MTAxNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQ4MWY5MGE1OGZhMTE1MTE2ZmE1OWViMzk2NmM0MWNkMjU5MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcMdfvn6o9j35FpaNCc9hoKtqTjw
ZeYkqVoeQpnkrSmwOlynnjvZ9wmXCR8yIc+Jtz29J4ZFwl5WSyBoTCUz4/XYrJeX
gR2uc3YXIrBMdgnVjZKGWZVfVdNQhWbzcJEVskfDiVlO/Lmb8rwUfGbOU19ye9vw
90t9ULfJtE3PHiTNsB5gTYK7KixSjc25qLJHZZPzXHjCQ5di1F2O4/Kwj/gUpv4W
Z1UNLgwSdJKCSPgbXuVPX28FqKdQkXUhsocfqzvm6d5XtLsMhFPS/LqBI++yQHs6
XyirCmtiWhLAdLCOU8YrLuRxJcS/a+zTEzDXRooCyit7P3pTUV4D3gZdywIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF5IH5Clj6EVEW+lnrOWbEHNJZCXMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvWGtnZmtLV1BvUlVSYjZXZXM1WnNRYzBsa0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgkBQAMF
AyoN4MADBQMqDhtAAwUDKhACQAMFAyoQB0AwDQYJKoZIhvcNAQELBQADggEBAGhS
T+okdQC1reKGhVAMZifWQlpzIRm7doVD9+Fd5yEESRou2H7fA4l2Nq6J0eF+nmby
Mv7haVbKDqub+tp0oxe9Hqx2U6XkrPB+GeALerbTAabOlF/wr2/pp6LtEBafL9l1
D7ExL1lqxyQJkPxnTGE60B+0vJRpSzrHjxMzJEYOhOSmQxNulAKfQlabonP6pHw1
xIBcaGCl+CCp2IJJtPIDsId377z+lmCoaVyCgyEa305zvo2eW8tswqLp3qKGtGdb
EPlVnEgPavraoDoj7GQs1/PW53CZ6pGOr36zYzBOo43Bpv0hk2yg6xeWBy6nznqK
G5ocJv26GObVCM+SiT0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:04 2025 by rpki-client