Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/gDBmDfnbJjo0KEXm-XwyPlkEriI.roa
File: gDBmDfnbJjo0KEXm-XwyPlkEriI.roa (raw, json)
Hash identifier: 1ND0YfpWwUsZnWG9cky56NoXqRFk5AW3Ov8uX/h47G4=
Subject key identifier: 80:30:66:0D:F9:DB:26:3A:34:28:45:E6:F9:7C:32:3E:59:04:AE:22
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018C433C9CA7D2943D91C8DA46D5DEBE28DD
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/gDBmDfnbJjo0KEXm-XwyPlkEriI.roa
Signing time: Thu 07 Dec 2023 07:44:54 +0000
ROA not before: Thu 07 Dec 2023 07:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206005
IP address blocks: 2a09:1d80::/29 maxlen: 29
2a0e:6c00::/29 maxlen: 29
2a0e:8400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:3c:9c:a7:d2:94:3d:91:c8:da:46:d5:de:be:28:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Dec 7 07:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8030660df9db263a342845e6f97c323e5904ae22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:9d:9f:7e:bb:d8:bb:5f:17:b1:04:bd:6a:
61:2a:ab:55:e0:2d:0a:42:ee:a1:15:b7:cf:d4:cc:
b1:a4:e0:f4:02:6c:85:5f:e3:9e:b2:c5:3c:1b:b9:
a4:55:12:c9:81:a7:b6:ab:42:66:8f:98:0c:8d:ef:
5e:0b:1f:80:9a:18:94:83:e2:8c:94:67:02:46:e0:
f5:63:fa:f3:b8:ff:09:56:75:6d:98:97:c5:52:5a:
b2:ed:f1:2f:da:20:fd:35:7a:74:f9:e7:fb:e2:77:
70:88:b4:ba:98:4d:ec:f2:6e:d7:bd:22:38:af:f9:
d8:9c:77:d7:01:62:d5:a1:8f:a1:6b:20:ee:6d:1c:
17:4a:f1:87:3c:be:78:cd:68:fb:05:68:74:10:c1:
05:95:1d:ba:4b:0e:03:4e:42:c6:67:a4:ae:13:21:
f8:73:d3:62:fb:f0:77:c5:f9:ab:c8:a6:2f:1d:0b:
53:35:7c:0e:f4:ee:47:32:69:40:8e:1c:63:8f:7b:
5d:cc:95:2c:e2:3a:c6:93:23:c3:c1:7d:97:1e:65:
37:2c:83:af:bb:2f:5e:87:1b:3f:ba:27:fc:72:75:
f7:bc:72:ef:45:72:bf:26:6f:36:09:aa:dc:e8:e3:
9f:38:04:02:f5:be:29:28:9e:d4:30:ad:8f:1b:33:
2c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:30:66:0D:F9:DB:26:3A:34:28:45:E6:F9:7C:32:3E:59:04:AE:22
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/gDBmDfnbJjo0KEXm-XwyPlkEriI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:1d80::/29
2a0e:6c00::/29
2a0e:8400::/29
Signature Algorithm: sha256WithRSAEncryption
4a:b2:93:17:8e:5a:3e:f8:9c:b2:cc:2e:fd:4e:23:f5:52:5b:
08:6e:30:6e:15:36:25:3b:13:41:22:62:61:d9:46:0e:72:c1:
72:e8:05:be:24:4a:74:9c:e0:c6:e9:f7:52:8d:76:0b:95:61:
7c:d0:3a:34:26:90:88:a3:19:9b:30:5d:f7:85:e7:e1:81:9d:
31:ab:8c:84:f9:10:3e:e2:70:1d:21:2a:ca:5a:7d:2c:c7:42:
07:78:6e:ba:16:d1:8e:6e:76:9e:69:fc:4f:64:23:c8:a3:87:
33:dc:7f:50:97:b7:34:2d:5e:86:25:e4:d6:3d:51:4e:b0:ae:
dc:90:5e:b5:0b:a2:44:c7:b2:06:e4:85:46:60:14:a8:30:9b:
ec:e0:db:68:21:5e:a8:42:23:42:9f:7e:5e:86:fb:c3:06:45:
89:4a:7e:5b:a1:d0:91:3d:ce:6d:bb:79:da:f2:35:e9:f4:1d:
a6:bf:49:fd:da:fa:e8:88:b7:36:76:b1:a4:a7:da:48:cb:b7:
9b:ea:81:2c:24:98:11:cd:35:8a:cf:f8:ad:2e:89:fc:1b:d8:
4f:06:6a:f0:f7:ca:8f:9f:8f:78:f1:1e:5b:90:17:96:fc:75:
06:69:6f:30:26:0a:a1:e1:f6:74:d0:ba:eb:ae:40:b1:68:8a:
98:6d:4c:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxDPJyn0pQ9kcjaRtXevijdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMjA3MDc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMwNjYwZGY5ZGIyNjNhMzQyODQ1ZTZmOTdjMzIzZTU5MDRhZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdWdn3672LtfF7EEvWphKqtV4C0K
Qu6hFbfP1MyxpOD0AmyFX+OessU8G7mkVRLJgae2q0Jmj5gMje9eCx+AmhiUg+KM
lGcCRuD1Y/rzuP8JVnVtmJfFUlqy7fEv2iD9NXp0+ef74ndwiLS6mE3s8m7XvSI4
r/nYnHfXAWLVoY+hayDubRwXSvGHPL54zWj7BWh0EMEFlR26Sw4DTkLGZ6SuEyH4
c9Ni+/B3xfmryKYvHQtTNXwO9O5HMmlAjhxjj3tdzJUs4jrGkyPDwX2XHmU3LIOv
uy9ehxs/uif8cnX3vHLvRXK/Jm82Carc6OOfOAQC9b4pKJ7UMK2PGzMsswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAwZg352yY6NChF5vl8Mj5ZBK4iMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvZ0RCbURmbmJKam8wS0VYbS1Yd3lQbGtFcmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgkdgAMF
AyoObAADBQMqDoQAMA0GCSqGSIb3DQEBCwUAA4IBAQBKspMXjlo++JyyzC79TiP1
UlsIbjBuFTYlOxNBImJh2UYOcsFy6AW+JEp0nODG6fdSjXYLlWF80Do0JpCIoxmb
MF33hefhgZ0xq4yE+RA+4nAdISrKWn0sx0IHeG66FtGObnaeafxPZCPIo4cz3H9Q
l7c0LV6GJeTWPVFOsK7ckF61C6JEx7IG5IVGYBSoMJvs4NtoIV6oQiNCn35ehvvD
BkWJSn5bodCRPc5tu3na8jXp9B2mv0n92vroiLc2drGkp9pIy7eb6oEsJJgRzTWK
z/itLon8G9hPBmrw98qPn4948R5bkBeW/HUGaW8wJgqh4fZ00LrrrkCxaIqYbUzy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org