Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/_0g8xrUgoj03e_uWuLhpPte_gFE.roa
File: _0g8xrUgoj03e_uWuLhpPte_gFE.roa (raw, json)
Hash identifier: TjGXeBOnr2xi1UWUC39g/ytyVCXtDVHz3NhuXFNLMv4=
Subject key identifier: FF:48:3C:C6:B5:20:A2:3D:37:7B:FB:96:B8:B8:69:3E:D7:BF:80:51
Certificate issuer: /CN=3d0483538737453e2f57ffb57499c3922e83636d
Certificate serial: 018C168BAC3510B0132B07413C706A9DC2C5
Authority key identifier: 3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/_0g8xrUgoj03e_uWuLhpPte_gFE.roa
Signing time: Tue 28 Nov 2023 15:28:21 +0000
ROA not before: Tue 28 Nov 2023 15:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 2a07:6d40::/29 maxlen: 29
2a07:6d40:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:8b:ac:35:10:b0:13:2b:07:41:3c:70:6a:9d:c2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0483538737453e2f57ffb57499c3922e83636d
Validity
Not Before: Nov 28 15:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff483cc6b520a23d377bfb96b8b8693ed7bf8051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b8:46:8f:16:2c:82:89:44:38:0a:82:4b:07:
fb:6a:09:77:9a:f3:b4:c6:39:ab:cb:64:0b:8f:44:
05:70:d8:b3:86:62:67:1f:83:72:bd:96:3d:99:09:
6d:76:12:c5:e0:c9:4f:d5:01:22:42:0f:fa:7c:a3:
b6:36:ff:83:ed:02:5a:8c:3b:9a:65:ed:8e:ce:77:
81:3a:f7:62:cd:c5:af:df:d9:ce:61:92:b2:86:24:
e9:af:66:9f:f9:52:6b:a0:0e:2f:26:68:1d:5c:39:
90:22:ce:f2:32:60:b3:3e:cd:99:88:c2:ab:8e:5e:
90:ff:ac:d3:8c:7d:5d:27:78:f0:4b:cb:d2:83:59:
96:83:4d:2a:84:3b:9f:35:4c:31:ca:a9:88:f6:02:
e8:32:52:47:26:35:87:91:23:72:23:89:33:17:f0:
22:d1:0f:c3:1f:30:e6:cb:ba:2d:30:51:0b:87:a9:
80:d1:44:13:d7:f1:a9:6c:3c:21:6b:43:d3:cb:6d:
9f:37:0b:0a:4e:88:79:22:e7:c1:c2:4f:3c:94:fb:
17:a0:e7:18:f9:c6:18:e0:c0:de:89:7c:54:88:d0:
e7:9c:a3:b9:d1:d3:60:55:10:24:f8:64:74:d4:0a:
26:aa:ae:2f:16:a7:f3:fb:ab:3c:9b:a7:9b:ce:f6:
e8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:48:3C:C6:B5:20:A2:3D:37:7B:FB:96:B8:B8:69:3E:D7:BF:80:51
X509v3 Authority Key Identifier:
keyid:3D:04:83:53:87:37:45:3E:2F:57:FF:B5:74:99:C3:92:2E:83:63:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQSDU4c3RT4vV_-1dJnDki6DY20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/_0g8xrUgoj03e_uWuLhpPte_gFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/e106c3-0b1f-4010-86f1-65a46c8e41e9/1/PQSDU4c3RT4vV_-1dJnDki6DY20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:52:73:40:fd:17:b2:2f:65:d0:b9:24:46:04:d7:87:dc:7f:
3d:45:dd:2f:d0:d5:31:47:3c:d3:ae:0e:61:2c:9c:d6:df:ab:
3e:63:bf:b9:a8:7c:cd:8e:c4:35:ee:77:23:63:16:7b:f0:e4:
f1:0e:20:da:17:55:86:0e:66:b7:28:56:9a:5f:ff:24:72:ee:
dd:bd:33:ad:d2:12:a9:a0:f2:0e:57:8e:9b:8b:a5:54:a2:f4:
4e:ce:29:3d:f3:3b:79:89:44:38:ef:11:77:d3:d4:a4:5f:00:
8c:2d:32:e4:7d:a2:37:96:bc:65:a2:09:0d:d2:e4:04:fc:07:
fa:36:1a:a4:e9:2b:23:a2:3a:b7:21:ce:3d:76:67:94:bf:91:
57:7d:80:b0:8a:f8:2a:c4:ef:b0:61:87:1f:30:04:eb:0f:30:
81:f8:9a:5a:8c:93:47:41:91:53:c6:e8:56:57:d7:9e:08:56:
d6:f7:ac:a8:a3:85:bd:b0:03:b3:df:52:70:6b:e9:88:f8:89:
1c:34:15:b8:ce:30:a4:85:91:0f:97:18:ba:55:6f:aa:98:86:
0e:c2:9b:d4:d8:a2:1c:37:62:1e:77:50:2c:18:7b:81:98:77:
76:af:7d:e9:05:9c:21:99:d6:df:3f:e7:8b:c2:d2:79:b5:95:
40:f4:82:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwWi6w1ELATKwdBPHBqncLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDQ4MzUzODczNzQ1M2UyZjU3ZmZiNTc0OTljMzkyMmU4
MzYzNmQwHhcNMjMxMTI4MTUyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ4M2NjNmI1MjBhMjNkMzc3YmZiOTZiOGI4NjkzZWQ3YmY4MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurhGjxYsgolEOAqCSwf7agl3mvO0
xjmry2QLj0QFcNizhmJnH4NyvZY9mQltdhLF4MlP1QEiQg/6fKO2Nv+D7QJajDua
Ze2OzneBOvdizcWv39nOYZKyhiTpr2af+VJroA4vJmgdXDmQIs7yMmCzPs2ZiMKr
jl6Q/6zTjH1dJ3jwS8vSg1mWg00qhDufNUwxyqmI9gLoMlJHJjWHkSNyI4kzF/Ai
0Q/DHzDmy7otMFELh6mA0UQT1/GpbDwha0PTy22fNwsKToh5IufBwk88lPsXoOcY
+cYY4MDeiXxUiNDnnKO50dNgVRAk+GR01Aomqq4vFqfz+6s8m6ebzvbo7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP9IPMa1IKI9N3v7lri4aT7Xv4BRMB8GA1UdIwQY
MBaAFD0Eg1OHN0U+L1f/tXSZw5Iug2NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEt
NjVhNDZjOGU0MWU5LzEvXzBnOHhyVWdvajAzZV91V3VMaHBQdGVfZ0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9lMTA2YzMtMGIxZi00MDEwLTg2ZjEtNjVhNDZjOGU0MWU5
LzEvUFFTRFU0YzNSVDR2Vl8tMWRKbkRraTZEWTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdtQDAN
BgkqhkiG9w0BAQsFAAOCAQEALVJzQP0Xsi9l0LkkRgTXh9x/PUXdL9DVMUc8064O
YSyc1t+rPmO/uah8zY7ENe53I2MWe/Dk8Q4g2hdVhg5mtyhWml//JHLu3b0zrdIS
qaDyDleOm4ulVKL0Ts4pPfM7eYlEOO8Rd9PUpF8AjC0y5H2iN5a8ZaIJDdLkBPwH
+jYapOkrI6I6tyHOPXZnlL+RV32AsIr4KsTvsGGHHzAE6w8wgfiaWoyTR0GRU8bo
VlfXnghW1vesqKOFvbADs99ScGvpiPiJHDQVuM4wpIWRD5cYulVvqpiGDsKb1Nii
HDdiHndQLBh7gZh3dq996QWcIZnW3z/ni8LSebWVQPSCYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:32 2024 by rpki-client on console-fra.rpki-client.org