Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNxo2dXZhzHFv4AvHpBiXmvNEXM.roa
File: DNxo2dXZhzHFv4AvHpBiXmvNEXM.roa (raw, json)
Hash identifier: f0Mt2Q51gSDAfUrg81yz1aifUrJ1kJua6cSfwTYYhJM=
Subject key identifier: 0C:DC:68:D9:D5:D9:87:31:C5:BF:80:2F:1E:90:62:5E:6B:CD:11:73
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F79777748039C9ACA45DC8CFDE2232D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNxo2dXZhzHFv4AvHpBiXmvNEXM.roa
Signing time: Sun 01 Jan 2023 22:35:09 +0000
ROA not before: Sun 01 Jan 2023 22:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a0e:a580::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 10 Mar 2023 06:35:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:77:77:48:03:9c:9a:ca:45:dc:8c:fd:e2:23:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cdc68d9d5d98731c5bf802f1e90625e6bcd1173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1e:94:2e:4a:67:6b:9e:dc:84:c8:cc:13:65:
8b:ef:13:c0:6c:aa:f8:6d:34:9b:26:68:f1:7f:0f:
52:f3:71:c6:5a:3c:34:9c:2d:80:31:81:3e:67:16:
ab:bd:1e:61:0f:97:03:da:df:22:ea:06:d0:be:f8:
57:fb:4d:f8:31:d2:ae:04:29:cf:1f:fa:8e:68:3a:
f1:e1:05:f2:d3:44:3b:23:35:a3:78:84:82:a2:ac:
1c:6a:cc:7e:eb:e6:7d:2f:9a:c2:69:f6:ce:a0:91:
73:67:1e:3f:c4:8e:bf:9f:ab:40:01:99:ab:d9:39:
3b:69:7b:84:1c:c7:87:7a:09:68:79:53:5a:74:b3:
74:a8:67:dc:25:6c:85:f8:6c:d3:13:4e:c1:c7:b5:
50:8d:05:bc:99:5d:fe:d0:57:49:49:59:6e:87:9e:
46:2e:2b:ee:19:08:e3:fb:50:49:c0:88:49:5a:bf:
e9:b5:70:81:21:ae:53:87:2c:b6:12:73:e8:e7:ab:
3c:16:26:eb:1b:81:e5:88:b8:95:a3:6f:16:43:9a:
77:32:ad:ae:3e:79:2e:01:94:5b:e9:56:97:a6:f4:
be:0a:26:3f:a9:e4:28:40:33:ae:d6:d5:76:c5:83:
7c:47:aa:b7:39:bd:1a:0d:91:0a:48:43:3a:f0:db:
29:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DC:68:D9:D5:D9:87:31:C5:BF:80:2F:1E:90:62:5E:6B:CD:11:73
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNxo2dXZhzHFv4AvHpBiXmvNEXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:bc:14:37:ee:5b:48:39:6c:2c:41:1a:e9:c7:cc:1b:0b:63:
c5:c1:92:30:f4:06:08:a1:7f:3f:cd:ae:d1:73:97:39:e5:d2:
ff:8c:a4:a5:7c:46:7f:4e:db:02:1d:69:9b:5c:28:5c:46:97:
80:2b:02:16:f1:38:c1:63:b8:f0:8d:e7:1b:3d:d3:ea:9b:e3:
8e:dd:3b:48:5f:34:31:87:ba:9a:bb:4a:6d:ec:ba:0b:9b:97:
85:56:2d:fa:31:8f:53:cc:45:f9:d7:22:53:1c:16:aa:10:cc:
db:8a:5c:2f:f0:a7:a7:a3:b1:60:71:b2:f4:f2:df:44:6b:5f:
1e:77:4e:ab:b5:cb:81:bb:0e:36:85:ed:c0:41:a5:0b:d4:bb:
07:9e:c6:a6:e6:bf:c0:f7:aa:2e:a0:d8:91:28:48:4f:fd:d0:
6f:af:05:45:77:9a:49:ee:fc:72:a7:3e:86:74:be:d9:72:fe:
ed:e2:02:af:f9:98:48:f2:2c:f0:af:89:a1:70:6d:e4:59:34:
e2:4b:a1:ee:64:82:4f:80:65:98:71:5e:1f:d2:10:01:7c:a2:
9b:17:fd:b2:b3:f9:1c:06:4a:28:57:05:72:e6:de:58:95:51:
af:88:bb:95:87:64:27:3e:a4:39:50:39:66:cd:33:d2:c8:fa:
77:d0:67:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveXd3SAOcmspF3Iz94iMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RjNjhkOWQ1ZDk4NzMxYzViZjgwMmYxZTkwNjI1ZTZiY2QxMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh6ULkpna57chMjME2WL7xPAbKr4
bTSbJmjxfw9S83HGWjw0nC2AMYE+ZxarvR5hD5cD2t8i6gbQvvhX+034MdKuBCnP
H/qOaDrx4QXy00Q7IzWjeISCoqwcasx+6+Z9L5rCafbOoJFzZx4/xI6/n6tAAZmr
2Tk7aXuEHMeHegloeVNadLN0qGfcJWyF+GzTE07Bx7VQjQW8mV3+0FdJSVluh55G
LivuGQjj+1BJwIhJWr/ptXCBIa5Thyy2EnPo56s8FibrG4HliLiVo28WQ5p3Mq2u
PnkuAZRb6VaXpvS+CiY/qeQoQDOu1tV2xYN8R6q3Ob0aDZEKSEM68NspYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAzcaNnV2Ycxxb+ALx6QYl5rzRFzMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRE54bzJkWFpoekhGdjRBdkhwQmlYbXZORVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg6jwAMF
AyoOpYADBQMqDrrAMA0GCSqGSIb3DQEBCwUAA4IBAQBuvBQ37ltIOWwsQRrpx8wb
C2PFwZIw9AYIoX8/za7Rc5c55dL/jKSlfEZ/TtsCHWmbXChcRpeAKwIW8TjBY7jw
jecbPdPqm+OO3TtIXzQxh7qau0pt7LoLm5eFVi36MY9TzEX51yJTHBaqEMzbilwv
8Keno7FgcbL08t9Ea18ed06rtcuBuw42he3AQaUL1LsHnsam5r/A96ouoNiRKEhP
/dBvrwVFd5pJ7vxypz6GdL7Zcv7t4gKv+ZhI8izwr4mhcG3kWTTiS6HuZIJPgGWY
cV4f0hABfKKbF/2ys/kcBkooVwVy5t5YlVGviLuVh2QnPqQ5UDlmzTPSyPp30GdC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org