Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/1YSUqNpZwO54sb9OCr-lti3PXbc.roa
File: 1YSUqNpZwO54sb9OCr-lti3PXbc.roa (raw, json)
Hash identifier: glMt0/N60yU4ZsN/hOG3lXxBnGN63mRITROkriqDgzU=
Subject key identifier: D5:84:94:A8:DA:59:C0:EE:78:B1:BF:4E:0A:BF:A5:B6:2D:CF:5D:B7
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018E5C6CE91E612AF8D62807E2F211F0574C
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/1YSUqNpZwO54sb9OCr-lti3PXbc.roa
Signing time: Wed 20 Mar 2024 15:13:45 +0000
ROA not before: Wed 20 Mar 2024 15:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57358
IP address blocks: 2a02:2e0:3ec::/48 maxlen: 128
Validation: Failed, certificate revoked on Fri 03 May 2024 06:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:6c:e9:1e:61:2a:f8:d6:28:07:e2:f2:11:f0:57:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Mar 20 15:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d58494a8da59c0ee78b1bf4e0abfa5b62dcf5db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cd:26:58:21:15:00:77:ec:72:30:18:15:a9:
a4:da:18:31:bf:31:51:66:ed:09:67:67:48:1c:7b:
41:b3:0a:0f:fb:6a:c7:d6:ad:d7:18:62:e2:47:20:
27:0a:f2:01:e1:a1:40:59:8a:5c:9b:1d:56:15:9c:
47:79:d1:bc:04:20:8e:a3:19:c0:ca:67:9f:ff:62:
8c:3d:24:3d:53:9d:2b:20:81:ea:5e:4e:15:e4:a2:
a5:94:d4:8d:67:d6:2a:0e:5a:c2:47:c6:7f:c4:d4:
e2:05:50:7e:a0:9e:17:32:45:da:63:61:ae:9c:e4:
19:9e:c2:4c:5a:88:bd:dd:80:1b:4e:22:42:53:51:
c9:7f:8c:e7:fb:79:2b:8d:ec:a9:89:14:9f:c2:a9:
81:20:17:5d:d5:89:64:98:b5:13:c1:e0:c7:15:fe:
8f:29:57:ba:da:8d:5a:14:ec:d8:b9:53:ab:b9:32:
f8:bf:3e:73:41:39:09:dc:39:0f:a9:48:e1:4e:d4:
00:e2:1f:14:85:4c:9c:c0:ef:8a:90:c6:f2:2f:32:
6a:a0:98:34:5f:1f:8e:2b:82:fc:fb:48:e4:77:7a:
36:e1:cc:5f:2e:40:58:90:ca:a4:38:df:19:12:83:
60:d6:1e:e6:23:df:22:75:c5:53:82:0c:63:e7:33:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:84:94:A8:DA:59:C0:EE:78:B1:BF:4E:0A:BF:A5:B6:2D:CF:5D:B7
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/1YSUqNpZwO54sb9OCr-lti3PXbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2e0:3ec::/48
Signature Algorithm: sha256WithRSAEncryption
33:fb:ad:ec:2e:4f:c7:c1:e5:23:99:1a:76:b3:c8:7f:24:64:
0c:7d:26:49:40:55:95:b6:a7:d5:78:b8:2c:12:03:f7:21:5c:
cf:fa:ce:e3:49:39:f8:51:5c:8e:d8:58:09:bc:4b:6b:f7:65:
cf:2b:5a:ed:cc:04:c2:df:8d:4a:0d:5f:dc:48:49:5d:7d:87:
2e:4a:bc:42:b9:8a:4e:24:56:38:68:ad:85:dc:8c:9e:ee:b2:
65:99:61:cd:4e:fe:71:1f:44:cc:99:2f:be:ba:00:a8:0d:93:
e4:fb:f4:ca:fe:71:4e:80:a3:78:45:9e:eb:66:41:1e:90:d9:
ef:f0:98:f4:33:3e:6b:7a:bf:b2:88:9d:33:66:25:62:85:9a:
f0:c7:2e:ed:2c:b6:56:a1:7f:29:ae:6a:01:81:b7:34:70:53:
ba:0d:aa:05:66:ed:6d:a4:3e:0b:02:e1:88:b4:55:f6:b9:0e:
f6:c1:2e:02:92:2b:64:1e:11:da:a2:55:8f:f9:ef:e9:37:0f:
f9:a7:e8:ee:bb:f2:0a:99:57:e3:04:65:7e:96:31:40:72:5b:
d1:86:dd:91:5a:15:f6:d2:93:d8:0b:13:d7:75:d4:44:50:c4:
9b:2c:48:31:13:08:4a:72:32:cd:a6:02:d8:bf:09:e2:5e:56:
61:c6:dc:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY5cbOkeYSr41igH4vIR8FdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMzIwMTUxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg0OTRhOGRhNTljMGVlNzhiMWJmNGUwYWJmYTViNjJkY2Y1ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c0mWCEVAHfscjAYFamk2hgxvzFR
Zu0JZ2dIHHtBswoP+2rH1q3XGGLiRyAnCvIB4aFAWYpcmx1WFZxHedG8BCCOoxnA
ymef/2KMPSQ9U50rIIHqXk4V5KKllNSNZ9YqDlrCR8Z/xNTiBVB+oJ4XMkXaY2Gu
nOQZnsJMWoi93YAbTiJCU1HJf4zn+3krjeypiRSfwqmBIBdd1YlkmLUTweDHFf6P
KVe62o1aFOzYuVOruTL4vz5zQTkJ3DkPqUjhTtQA4h8UhUycwO+KkMbyLzJqoJg0
Xx+OK4L8+0jkd3o24cxfLkBYkMqkON8ZEoNg1h7mI98idcVTggxj5zO7EQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNWElKjaWcDueLG/Tgq/pbYtz123MB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvMVlTVXFOcFp3TzU0c2I5T0NyLWx0aTNQWGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIC4APs
MA0GCSqGSIb3DQEBCwUAA4IBAQAz+63sLk/HweUjmRp2s8h/JGQMfSZJQFWVtqfV
eLgsEgP3IVzP+s7jSTn4UVyO2FgJvEtr92XPK1rtzATC341KDV/cSEldfYcuSrxC
uYpOJFY4aK2F3Iye7rJlmWHNTv5xH0TMmS++ugCoDZPk+/TK/nFOgKN4RZ7rZkEe
kNnv8Jj0Mz5rer+yiJ0zZiVihZrwxy7tLLZWoX8prmoBgbc0cFO6DaoFZu1tpD4L
AuGItFX2uQ72wS4CkitkHhHaolWP+e/pNw/5p+juu/IKmVfjBGV+ljFAclvRht2R
WhX20pPYCxPXddREUMSbLEgxEwhKcjLNpgLYvwniXlZhxtwf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:37 2024 by rpki-client on console-fra.rpki-client.org