Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/rD96Bm4ZK-2bXE7k0JIOh9ZW4GA.roa
File: rD96Bm4ZK-2bXE7k0JIOh9ZW4GA.roa (raw, json)
Hash identifier: 02guv5Cb3YBMuZYtpW8BV7DwnpWyM4r+eT/s1/S52P8=
Subject key identifier: AC:3F:7A:06:6E:19:2B:ED:9B:5C:4E:E4:D0:92:0E:87:D6:56:E0:60
Certificate issuer: /CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Certificate serial: 018EEFF133EE38FF1B3784B7FDA55515C3C8
Authority key identifier: 99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/rD96Bm4ZK-2bXE7k0JIOh9ZW4GA.roa
Signing time: Thu 18 Apr 2024 06:42:25 +0000
ROA not before: Thu 18 Apr 2024 06:42:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215137
IP address blocks: 2a07:5900::/29 maxlen: 29
2a07:5900::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 18 Apr 2024 13:20:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:f1:33:ee:38:ff:1b:37:84:b7:fd:a5:55:15:c3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Validity
Not Before: Apr 18 06:42:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac3f7a066e192bed9b5c4ee4d0920e87d656e060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:62:64:63:d9:a4:4f:85:9d:fd:56:33:af:
2e:46:f3:89:77:c2:6e:37:09:e6:fb:60:cc:2b:2d:
e8:d9:dd:2a:23:8e:b7:02:e8:67:5d:67:4d:bc:bf:
69:ad:ea:51:65:66:41:f9:8f:1b:3a:ae:9f:87:ec:
e5:64:20:18:6f:50:00:38:a2:0d:81:f7:01:aa:25:
75:42:55:15:28:f5:a3:ea:95:bb:9f:43:40:04:62:
24:59:62:05:4d:7f:c6:97:49:3a:f4:51:ad:c9:5c:
08:c3:3a:1e:12:9e:3f:bc:29:49:e1:fe:c8:16:f3:
02:a5:a0:02:c7:ae:7f:b9:cb:03:e0:de:38:f2:af:
1a:b3:73:07:04:d4:4d:dc:36:95:44:05:4a:b1:94:
7b:b1:32:c9:95:36:da:77:c4:f3:82:ac:1b:e7:10:
e6:a7:ee:e8:ef:1b:09:02:9b:d1:34:b6:37:8e:7c:
9a:63:97:48:08:5e:fe:f0:e5:7c:0c:8b:64:f9:94:
5f:48:0a:34:c5:7f:2c:53:ac:92:44:4e:72:f5:85:
ce:44:94:b2:ec:a6:58:ca:20:cc:8d:27:15:65:b9:
2a:40:6b:db:de:dd:5b:d8:ec:41:c9:f2:f5:52:89:
91:53:63:e2:db:96:e8:30:9b:13:ec:05:55:22:ac:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3F:7A:06:6E:19:2B:ED:9B:5C:4E:E4:D0:92:0E:87:D6:56:E0:60
X509v3 Authority Key Identifier:
keyid:99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/rD96Bm4ZK-2bXE7k0JIOh9ZW4GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5900::/29
Signature Algorithm: sha256WithRSAEncryption
23:b0:c3:e9:bd:b9:59:81:85:a7:47:e0:cd:46:a4:33:87:e3:
c3:c8:a8:50:13:d2:a9:5f:db:d9:28:61:c0:a8:0a:50:c5:1d:
9f:5f:fe:bb:ab:73:63:2f:7a:b3:af:24:cb:7d:9a:7a:88:1a:
78:a6:a2:72:74:a8:87:fb:f9:7b:13:b2:de:e7:b9:8e:3b:94:
c2:8b:f7:eb:a8:9a:f4:a8:67:49:eb:58:82:e5:70:6d:9d:ac:
f9:28:d9:e7:84:df:36:d1:4a:47:0c:34:8f:02:e5:e4:79:94:
42:d2:09:df:dc:0f:a2:98:4e:4e:45:29:59:e3:cc:d6:b0:ee:
c5:5e:65:88:a9:77:4b:e6:1d:f8:9c:c2:b3:f3:44:5e:98:34:
dc:7a:d0:3f:83:ee:b6:ea:c6:7f:34:46:ec:9a:13:16:55:2f:
2c:80:cf:9e:e2:9f:d1:51:28:64:48:d4:9e:4b:00:ec:b4:e9:
68:21:1f:1d:c4:14:da:f2:50:f8:4c:33:91:43:73:98:99:b8:
7e:e6:d6:c6:3b:9e:09:d3:d3:40:32:c3:db:10:fc:6b:58:60:
97:d5:1d:6c:af:db:c8:02:64:ac:7c:67:11:09:6a:e0:08:42:
ec:60:15:3d:1c:46:95:c5:b0:04:e8:ce:fd:31:b1:b3:23:ee:
bb:27:f4:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7v8TPuOP8bN4S3/aVVFcPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjhmZDI5MmM4YTFiODk2Yjg3NTIzNDRhM2RhOTIzNzhm
MmFlNWEwHhcNMjQwNDE4MDY0MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNmN2EwNjZlMTkyYmVkOWI1YzRlZTRkMDkyMGU4N2Q2NTZlMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjytiZGPZpE+Fnf1WM68uRvOJd8Ju
Nwnm+2DMKy3o2d0qI463AuhnXWdNvL9prepRZWZB+Y8bOq6fh+zlZCAYb1AAOKIN
gfcBqiV1QlUVKPWj6pW7n0NABGIkWWIFTX/Gl0k69FGtyVwIwzoeEp4/vClJ4f7I
FvMCpaACx65/ucsD4N448q8as3MHBNRN3DaVRAVKsZR7sTLJlTbad8Tzgqwb5xDm
p+7o7xsJApvRNLY3jnyaY5dICF7+8OV8DItk+ZRfSAo0xX8sU6ySRE5y9YXORJSy
7KZYyiDMjScVZbkqQGvb3t1b2OxByfL1UomRU2Pi25boMJsT7AVVIqxuRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKw/egZuGSvtm1xO5NCSDofWVuBgMB8GA1UdIwQY
MBaAFJm4/SksihuJa4dSNEo9qSN48q5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDkt
N2VlYWQxNDYxYTU0LzEvckQ5NkJtNFpLLTJiWEU3azBKSU9oOVpXNEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDktN2VlYWQxNDYxYTU0
LzEvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdZADAN
BgkqhkiG9w0BAQsFAAOCAQEAI7DD6b25WYGFp0fgzUakM4fjw8ioUBPSqV/b2Shh
wKgKUMUdn1/+u6tzYy96s68ky32aeogaeKaicnSoh/v5exOy3ue5jjuUwov366ia
9KhnSetYguVwbZ2s+SjZ54TfNtFKRww0jwLl5HmUQtIJ39wPophOTkUpWePM1rDu
xV5liKl3S+Yd+JzCs/NEXpg03HrQP4PuturGfzRG7JoTFlUvLIDPnuKf0VEoZEjU
nksA7LTpaCEfHcQU2vJQ+EwzkUNzmJm4fubWxjueCdPTQDLD2xD8a1hgl9UdbK/b
yAJkrHxnEQlq4AhC7GAVPRxGlcWwBOjO/TGxsyPuuyf0QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:42 2024 by rpki-client on console-fra.rpki-client.org