Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/R9j0SMzGoMDQuso26hIaTv8Yvi4.roa
File: R9j0SMzGoMDQuso26hIaTv8Yvi4.roa (raw, json)
Hash identifier: dGli9ldxeThvst8yuWcl3GaMCriwHAakPnGFixbrDOQ=
Subject key identifier: 47:D8:F4:48:CC:C6:A0:C0:D0:BA:CA:36:EA:12:1A:4E:FF:18:BE:2E
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018FA55501198CED595803AF1B759F9E899E
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/R9j0SMzGoMDQuso26hIaTv8Yvi4.roa
Signing time: Thu 23 May 2024 12:02:42 +0000
ROA not before: Thu 23 May 2024 12:02:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a0e:4580::/29 maxlen: 29
2a12:2740::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 May 2024 12:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:55:01:19:8c:ed:59:58:03:af:1b:75:9f:9e:89:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: May 23 12:02:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47d8f448ccc6a0c0d0baca36ea121a4eff18be2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:32:30:1d:df:c6:08:af:90:fb:71:7d:c5:0f:
c9:8f:d3:bc:3e:85:af:3c:bd:93:a0:71:da:9d:f4:
78:8a:f5:1b:d1:1b:76:87:2c:10:c2:ae:2c:8e:07:
0b:33:a8:02:4e:92:6e:f7:ba:bb:1b:d8:40:cb:6c:
ee:6c:b6:85:30:5d:dc:c9:33:10:7e:4f:9d:6e:58:
a2:d5:85:e1:58:6d:ff:20:15:20:80:e5:c6:6c:f7:
37:84:a1:12:20:8f:0e:e7:31:c5:82:42:9f:16:c9:
7e:18:8e:ff:ad:71:c3:8f:ff:6f:e6:32:4e:d6:d0:
00:55:f2:34:74:69:15:48:9e:8c:f5:a8:9b:d1:fb:
d0:d7:79:0b:76:fa:1b:29:f7:cc:07:d7:dc:9e:eb:
fb:5d:4c:68:02:22:5b:ce:84:c4:ae:4b:d6:64:03:
f3:71:b7:67:62:9e:94:92:17:1b:ad:07:e7:01:70:
1f:97:84:c1:b1:d9:c6:c4:3a:d0:79:9b:4c:f8:66:
f1:58:c5:6b:62:16:a8:fe:0e:b5:a2:06:c7:f8:72:
88:1a:94:36:78:0e:e7:dc:42:40:35:89:9d:50:2b:
8c:d0:50:c6:ef:38:91:3f:bb:23:08:b9:26:d6:70:
74:1b:29:97:2d:71:28:9d:db:83:da:2b:ee:31:bb:
9f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D8:F4:48:CC:C6:A0:C0:D0:BA:CA:36:EA:12:1A:4E:FF:18:BE:2E
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/R9j0SMzGoMDQuso26hIaTv8Yvi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4580::/29
2a12:2740::/29
Signature Algorithm: sha256WithRSAEncryption
96:68:76:6e:7c:7c:11:02:ca:fe:ec:9f:57:0b:ec:ca:61:fd:
fc:2e:fa:22:86:91:38:d2:b4:d6:77:10:a0:43:72:93:b8:96:
dc:41:45:97:ac:91:71:22:de:da:29:14:01:12:24:17:89:70:
12:c7:93:30:09:19:09:93:08:dd:f5:37:f2:02:86:c9:46:c9:
47:fb:4a:72:d1:25:a4:ef:ac:3e:09:4c:30:47:9b:68:75:60:
b0:2f:2d:cb:01:fd:94:4b:d6:f8:12:a3:5c:a7:13:a0:22:02:
06:0c:48:77:94:af:7f:a5:25:3b:9b:d7:0a:da:89:d1:63:ac:
f9:79:62:34:ea:52:5e:92:81:63:22:e8:48:3e:65:41:c5:a2:
ac:81:f7:1d:ad:b5:63:db:92:3b:78:3f:11:a5:ae:70:93:e4:
c9:22:c9:a0:b2:41:1e:48:b2:8b:80:56:38:75:12:9c:73:33:
61:e6:8e:2c:f7:81:29:5e:87:79:53:1d:e9:02:9f:54:e8:3e:
f4:38:cd:47:a4:cb:bb:ad:1c:f1:0b:c7:1c:92:8f:61:dc:a0:
63:9a:af:01:a7:29:a9:bc:31:99:2b:e5:b3:ae:a3:d9:bb:be:
0d:03:b5:97:ba:1c:20:d5:a2:2c:e7:eb:f0:f0:79:f9:a1:5e:
a9:45:27:b7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+lVQEZjO1ZWAOvG3WfnomeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwNTIzMTIwMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Q4ZjQ0OGNjYzZhMGMwZDBiYWNhMzZlYTEyMWE0ZWZmMThiZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljIwHd/GCK+Q+3F9xQ/Jj9O8PoWv
PL2ToHHanfR4ivUb0Rt2hywQwq4sjgcLM6gCTpJu97q7G9hAy2zubLaFMF3cyTMQ
fk+dblii1YXhWG3/IBUggOXGbPc3hKESII8O5zHFgkKfFsl+GI7/rXHDj/9v5jJO
1tAAVfI0dGkVSJ6M9aib0fvQ13kLdvobKffMB9fcnuv7XUxoAiJbzoTErkvWZAPz
cbdnYp6UkhcbrQfnAXAfl4TBsdnGxDrQeZtM+GbxWMVrYhao/g61ogbH+HKIGpQ2
eA7n3EJANYmdUCuM0FDG7ziRP7sjCLkm1nB0GymXLXEonduD2ivuMbufwQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEfY9EjMxqDA0LrKNuoSGk7/GL4uMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvUjlqMFNNekdvTURRdXNvMjZoSWFUdjhZdmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg5FgAMF
AyoSJ0AwDQYJKoZIhvcNAQELBQADggEBAJZodm58fBECyv7sn1cL7Mph/fwu+iKG
kTjStNZ3EKBDcpO4ltxBRZeskXEi3topFAESJBeJcBLHkzAJGQmTCN31N/IChslG
yUf7SnLRJaTvrD4JTDBHm2h1YLAvLcsB/ZRL1vgSo1ynE6AiAgYMSHeUr3+lJTub
1wraidFjrPl5YjTqUl6SgWMi6Eg+ZUHFoqyB9x2ttWPbkjt4PxGlrnCT5MkiyaCy
QR5IsouAVjh1EpxzM2Hmjiz3gSleh3lTHekCn1ToPvQ4zUeky7utHPELxxySj2Hc
oGOarwGnKam8MZkr5bOuo9m7vg0DtZe6HCDVoizn6/DwefmhXqlFJ7c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:47 2024 by rpki-client on console-ams.rpki-client.org