Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/dXTomZUNQpGGdzNfAIRGArJXzro.roa
File: dXTomZUNQpGGdzNfAIRGArJXzro.roa (raw, json)
Hash identifier: J7dFdDMENzPkKWQ1S66BodGMTo0CdORgbnS0KbFF5y8=
Subject key identifier: 75:74:E8:99:95:0D:42:91:86:77:33:5F:00:84:46:02:B2:57:CE:BA
Certificate issuer: /CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Certificate serial: 0186742F88519EEF9F7CBA877C6BD45138AA
Authority key identifier: E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/dXTomZUNQpGGdzNfAIRGArJXzro.roa
Signing time: Tue 21 Feb 2023 13:35:17 +0000
ROA not before: Tue 21 Feb 2023 13:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201612
IP address blocks: 2a05:7f00:188::/48 maxlen: 48
2a05:7f00:190::/48 maxlen: 48
2a05:7f00:189::/48 maxlen: 48
2a05:7f00:191::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Mar 2023 09:44:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:2f:88:51:9e:ef:9f:7c:ba:87:7c:6b:d4:51:38:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Validity
Not Before: Feb 21 13:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7574e899950d42918677335f00844602b257ceba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:ac:9d:6f:32:15:fe:65:91:62:df:a9:cc:
ad:a3:1c:7c:10:91:d9:fe:bd:06:45:44:43:de:a8:
3d:75:11:45:b9:05:b7:dd:90:d5:16:b4:55:4c:b9:
e8:80:41:79:49:b3:e6:32:52:be:f9:00:d9:c2:51:
8d:2d:bb:71:d2:31:0c:d7:82:9e:71:af:ab:24:78:
5d:a3:b9:31:df:d1:55:48:15:1e:18:c4:91:b7:f1:
80:48:e0:5c:d4:50:ea:19:0a:27:b4:df:e4:6e:8c:
21:03:df:2d:a4:7f:ec:21:cf:c5:f4:85:97:f7:a7:
18:48:34:f8:e7:ea:f6:fa:64:65:70:56:ac:d4:f7:
f9:7e:e7:ab:7b:55:d4:9e:8a:d3:3b:df:3d:dd:0f:
7b:68:a1:a3:7b:5e:9d:bf:8c:51:b2:80:4c:5f:50:
86:1e:64:da:dd:b9:ff:ba:cb:6c:ae:93:73:6d:2f:
f4:3d:76:8e:29:99:ac:40:d3:9c:46:35:2f:1a:49:
57:23:f7:96:46:ac:9c:7a:b0:93:22:94:47:59:5f:
a3:b4:54:93:d2:c5:a0:58:bf:82:03:c7:70:8a:39:
42:e3:cc:ec:2a:dc:36:43:48:72:91:6a:24:a0:67:
63:37:df:90:00:50:6c:92:a1:17:54:3b:11:69:65:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:74:E8:99:95:0D:42:91:86:77:33:5F:00:84:46:02:B2:57:CE:BA
X509v3 Authority Key Identifier:
keyid:E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/dXTomZUNQpGGdzNfAIRGArJXzro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/5c949fM57nd9p0khCpbs7Za38uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:7f00:188::/47
2a05:7f00:190::/47
Signature Algorithm: sha256WithRSAEncryption
3b:a1:64:2d:5c:48:40:58:c7:07:16:51:38:07:3f:aa:b9:1c:
59:7a:b4:ad:76:e6:23:aa:3d:6e:c0:89:e2:c6:d0:26:b4:fd:
be:87:e4:bf:1d:ed:13:6a:b7:34:ec:0f:b6:88:fa:28:93:58:
bb:9f:49:24:6e:6b:98:48:44:1b:98:dc:a9:30:d6:eb:f2:69:
6f:bc:e5:0f:73:c9:a2:f6:36:7b:d8:00:69:3b:c5:3d:2b:82:
9c:da:d6:20:18:a8:25:9d:0c:34:18:98:4c:ee:d2:55:f8:37:
a0:64:6c:fc:32:13:b8:eb:4b:cb:a3:c5:b5:ed:ac:ca:4b:ec:
5d:55:3a:e3:58:a4:9a:93:87:b7:23:d6:c8:7f:10:95:62:b5:
0b:4b:ce:86:5d:87:f8:30:20:2a:68:c0:f1:93:ff:a5:f2:5c:
a5:25:42:4a:58:14:2c:65:cd:4d:63:d9:6a:36:22:08:b0:ee:
6d:53:7c:72:8b:1c:8c:67:be:c5:c6:a0:0a:9a:3c:b1:d3:35:
43:3b:91:14:0f:e2:cd:b0:c5:a3:8d:53:e4:aa:75:80:87:7e:
e4:e3:f2:4f:1c:a4:83:21:80:ca:e9:ac:bc:c2:44:c7:43:06:
7f:f4:2f:20:18:50:c6:bc:89:3d:c4:ea:13:7f:a0:0d:9a:22:
f8:f0:1c:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ0L4hRnu+ffLqHfGvUUTiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2Y3OGY1ZjMzOWVlNzc3ZGE3NDkyMTBhOTZlY2VkOTZi
N2YyZTcwHhcNMjMwMjIxMTMzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc0ZTg5OTk1MGQ0MjkxODY3NzMzNWYwMDg0NDYwMmIyNTdjZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6snW8yFf5lkWLfqcytoxx8EJHZ
/r0GRURD3qg9dRFFuQW33ZDVFrRVTLnogEF5SbPmMlK++QDZwlGNLbtx0jEM14Ke
ca+rJHhdo7kx39FVSBUeGMSRt/GASOBc1FDqGQontN/kbowhA98tpH/sIc/F9IWX
96cYSDT45+r2+mRlcFas1Pf5fuere1XUnorTO9893Q97aKGje16dv4xRsoBMX1CG
HmTa3bn/ustsrpNzbS/0PXaOKZmsQNOcRjUvGklXI/eWRqycerCTIpRHWV+jtFST
0sWgWL+CA8dwijlC48zsKtw2Q0hykWokoGdjN9+QAFBskqEXVDsRaWW8GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHV06JmVDUKRhnczXwCERgKyV866MB8GA1UdIwQY
MBaAFOXPePXzOe53fadJIQqW7O2Wt/LnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAt
YjdkYzgzNzA2YTJhLzEvZFhUb21aVU5RcEdHZHpOZkFJUkdBckpYenJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAtYjdkYzgzNzA2YTJh
LzEvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgV/AAGI
AwcBKgV/AAGQMA0GCSqGSIb3DQEBCwUAA4IBAQA7oWQtXEhAWMcHFlE4Bz+quRxZ
erStduYjqj1uwInixtAmtP2+h+S/He0Tarc07A+2iPook1i7n0kkbmuYSEQbmNyp
MNbr8mlvvOUPc8mi9jZ72ABpO8U9K4Kc2tYgGKglnQw0GJhM7tJV+DegZGz8MhO4
60vLo8W17azKS+xdVTrjWKSak4e3I9bIfxCVYrULS86GXYf4MCAqaMDxk/+l8lyl
JUJKWBQsZc1NY9lqNiIIsO5tU3xyixyMZ77FxqAKmjyx0zVDO5EUD+LNsMWjjVPk
qnWAh37k4/JPHKSDIYDK6ay8wkTHQwZ/9C8gGFDGvIk9xOoTf6ANmiL48BzP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org