Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P2l1TY9l8OYg8OI0Pd15v1S4qb8.roa
File: P2l1TY9l8OYg8OI0Pd15v1S4qb8.roa (raw, json)
Hash identifier: vIY/kTHRQ0zxk75KejpeWDTJRiMVceJk9S1TAKOwUSE=
Subject key identifier: 3F:69:75:4D:8F:65:F0:E6:20:F0:E2:34:3D:DD:79:BF:54:B8:A9:BF
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CC3B6AAB3E7E2B7009EC9DB3F76C1AC0C
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P2l1TY9l8OYg8OI0Pd15v1S4qb8.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13127
IP address blocks: 2a07:3501:1081::/48 maxlen: 48
2a07:3501:1080::/48 maxlen: 48
2a04:9a00:1118::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:aa:b3:e7:e2:b7:00:9e:c9:db:3f:76:c1:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f69754d8f65f0e620f0e2343ddd79bf54b8a9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3c:4f:d8:5b:1c:96:ee:0e:05:60:1b:dc:90:
04:cd:dc:91:ab:c0:48:c1:ea:20:b3:e9:85:5d:2f:
c5:1a:c6:1a:f1:0c:48:3b:4c:d9:85:ad:66:94:9f:
ea:b1:12:9f:70:fb:c5:f4:6d:6b:36:8d:f5:47:a0:
56:5b:4d:81:dc:95:b2:ea:9e:2a:b0:82:dd:c6:77:
4a:01:0a:4c:c5:43:3b:26:7a:d5:c9:f5:f2:f5:34:
9e:f9:35:22:f0:dd:e2:46:be:66:b0:b2:19:6a:e2:
64:40:d9:6f:4d:c4:4a:ce:0b:5d:6f:6e:0e:37:db:
6e:9a:88:54:85:e5:7f:82:ca:f0:f0:a2:f9:38:69:
36:20:56:22:12:4d:5f:b7:0d:a0:7a:45:f5:69:05:
f0:33:1c:9e:12:46:09:41:1b:45:e2:46:a6:fe:44:
0d:98:62:28:09:f7:ef:c0:a1:48:0a:6f:9b:0e:ba:
61:92:76:f7:86:db:0d:34:dd:be:4e:45:f2:f4:7d:
84:0b:90:14:23:a6:6f:1b:6b:a8:b8:4f:98:8b:4a:
b2:a5:df:72:18:1b:d9:5e:bf:b1:fb:51:34:a0:2b:
cf:05:aa:6a:5b:d9:e0:f8:95:b9:d4:37:7d:76:bb:
89:1e:ed:47:4f:03:2e:94:02:a4:6a:c0:bf:e1:bc:
c6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:69:75:4D:8F:65:F0:E6:20:F0:E2:34:3D:DD:79:BF:54:B8:A9:BF
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P2l1TY9l8OYg8OI0Pd15v1S4qb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1118::/48
2a07:3501:1080::/47
Signature Algorithm: sha256WithRSAEncryption
1e:c4:9a:ab:35:8e:2e:ad:98:de:48:77:ca:d8:e7:33:c2:7d:
77:ac:99:31:3d:85:86:89:82:73:19:74:10:14:ef:64:c9:00:
ed:4f:8c:c3:a7:46:4a:16:8e:70:b2:b7:3d:ff:27:82:d5:69:
7f:01:0d:e3:9c:3e:8e:44:5f:5e:07:b4:10:d5:5a:1f:3e:81:
a3:5a:22:02:66:f1:e1:4e:45:44:24:fd:a3:04:cb:ca:f0:9e:
72:bf:38:48:32:90:b9:f1:19:55:6a:d6:d7:f2:ea:5c:67:b9:
3a:4e:99:40:aa:1b:6b:00:cd:4b:b5:aa:02:c7:12:24:b2:ed:
46:d5:1d:df:0d:e6:7f:54:84:18:d5:39:6d:9e:cc:01:96:22:
1c:44:e6:77:a3:02:d1:36:6f:bc:94:67:04:09:40:3f:e6:c2:
22:55:03:e5:2b:3a:6c:55:64:06:ab:23:3b:0c:e4:38:4a:e4:
bb:f3:b9:c1:f1:8a:b1:57:6a:43:a6:c0:0b:41:5f:e6:96:ce:
37:4a:2c:2c:a5:5a:dc:6a:b8:ca:b0:e5:a4:33:c9:fb:e4:cc:
dc:50:19:ec:c7:31:59:d5:e5:58:01:57:3d:f9:97:ba:ec:1c:
67:33:3b:83:22:90:53:1d:e3:f7:2a:40:7f:09:eb:8f:e6:60:
12:35:b7:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtqqz5+K3AJ7J2z92wawMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjY5NzU0ZDhmNjVmMGU2MjBmMGUyMzQzZGRkNzliZjU0YjhhOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjxP2Fsclu4OBWAb3JAEzdyRq8BI
weogs+mFXS/FGsYa8QxIO0zZha1mlJ/qsRKfcPvF9G1rNo31R6BWW02B3JWy6p4q
sILdxndKAQpMxUM7JnrVyfXy9TSe+TUi8N3iRr5msLIZauJkQNlvTcRKzgtdb24O
N9tumohUheV/gsrw8KL5OGk2IFYiEk1ftw2gekX1aQXwMxyeEkYJQRtF4kam/kQN
mGIoCffvwKFICm+bDrphknb3htsNNN2+TkXy9H2EC5AUI6ZvG2uouE+Yi0qypd9y
GBvZXr+x+1E0oCvPBapqW9ng+JW51Dd9druJHu1HTwMulAKkasC/4bzGrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD9pdU2PZfDmIPDiND3deb9UuKm/MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvUDJsMVRZOWw4T1lnOE9JMFBkMTV2MVM0cWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgSaABEY
AwcBKgc1ARCAMA0GCSqGSIb3DQEBCwUAA4IBAQAexJqrNY4urZjeSHfK2Oczwn13
rJkxPYWGiYJzGXQQFO9kyQDtT4zDp0ZKFo5wsrc9/yeC1Wl/AQ3jnD6ORF9eB7QQ
1VofPoGjWiICZvHhTkVEJP2jBMvK8J5yvzhIMpC58RlVatbX8upcZ7k6TplAqhtr
AM1LtaoCxxIksu1G1R3fDeZ/VIQY1TltnswBliIcROZ3owLRNm+8lGcECUA/5sIi
VQPlKzpsVWQGqyM7DOQ4SuS787nB8YqxV2pDpsALQV/mls43SiwspVrcarjKsOWk
M8n75MzcUBnsxzFZ1eVYAVc9+Ze67BxnMzuDIpBTHeP3KkB/CeuP5mASNbeU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org