Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/PA7zxD57DrZMsaiCXzbQ3-dqwhA.roa
File: PA7zxD57DrZMsaiCXzbQ3-dqwhA.roa (raw, json)
Hash identifier: PdwnqLFiFFl2A/pH75oR1oUrWudZPvQyN0yIZF0KiW4=
Subject key identifier: 3C:0E:F3:C4:3E:7B:0E:B6:4C:B1:A8:82:5F:36:D0:DF:E7:6A:C2:10
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 0186A9AEA53F0E3551C94155557BEB1D8ACB
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/PA7zxD57DrZMsaiCXzbQ3-dqwhA.roa
Signing time: Fri 03 Mar 2023 22:54:00 +0000
ROA not before: Fri 03 Mar 2023 22:54:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199553
IP address blocks: 2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jul 2023 10:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a9:ae:a5:3f:0e:35:51:c9:41:55:55:7b:eb:1d:8a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Mar 3 22:54:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c0ef3c43e7b0eb64cb1a8825f36d0dfe76ac210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:93:1b:f6:cd:6b:57:8a:e2:1d:f4:5a:09:7d:
3d:e8:ba:c5:32:e1:ee:ec:5b:ca:bb:64:82:67:81:
69:c9:73:bc:04:97:aa:b8:da:f6:a0:b5:44:f6:74:
cd:a9:d4:28:9f:a9:bb:8d:76:70:9e:93:08:30:85:
aa:e8:5c:19:04:a1:cf:85:4a:75:fe:84:a3:c7:b9:
77:96:d4:26:bc:1f:b2:a7:0f:2c:61:9d:71:b3:ac:
24:77:1b:5b:e2:13:44:ef:7d:9c:c7:ad:0c:41:4e:
11:d4:2d:8f:c3:54:1e:bc:99:9b:1d:d8:f1:df:e4:
74:56:fc:11:a9:c3:9e:c7:bf:12:78:14:72:99:0e:
60:54:02:10:92:0d:f6:89:68:6e:f7:61:10:35:53:
62:b7:27:20:cd:ad:3b:a1:6f:50:a4:ae:82:8e:bc:
26:6e:0c:e5:f8:8f:a3:7b:b5:3d:d3:46:7a:45:ab:
80:cf:5f:91:cc:7f:38:27:0d:33:e5:ff:8a:b9:47:
4d:a3:a3:5d:67:b1:8e:36:ef:fd:37:c5:ef:bb:ee:
aa:1c:de:90:8f:8a:9c:79:a5:61:4c:fd:e2:e3:76:
8a:21:b2:79:a9:97:c7:6e:4e:82:ce:18:d0:4d:b6:
20:7c:a4:f7:6e:21:01:89:46:a7:b7:12:11:06:3c:
19:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0E:F3:C4:3E:7B:0E:B6:4C:B1:A8:82:5F:36:D0:DF:E7:6A:C2:10
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/PA7zxD57DrZMsaiCXzbQ3-dqwhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:8e:ed:ef:91:17:7f:06:b3:05:28:af:05:69:ca:8a:3e:0b:
37:ea:71:6e:c7:af:3f:16:06:47:53:3e:c1:7c:0e:66:32:0d:
5f:5c:92:c9:30:29:4b:20:9c:07:bf:9f:a2:5a:dd:2b:32:31:
da:f5:ad:35:45:9a:10:b7:63:f3:54:d7:88:01:86:ee:2e:50:
2f:46:ec:34:56:69:7d:4b:cc:e4:5e:d8:f6:8d:86:a0:e6:12:
dc:e7:97:ac:4d:41:b5:a1:1b:bc:90:66:86:8f:d4:65:e3:54:
fa:04:8b:f9:8d:2c:8b:8d:71:6c:1e:60:c2:1d:73:72:d9:99:
7c:60:d3:32:f3:c6:04:d8:ab:f4:fe:ce:bb:c0:f2:4f:6b:1d:
74:95:fc:d4:5a:72:68:cd:dc:50:8a:36:16:7b:5c:66:97:42:
7e:a8:4d:b4:ec:10:a7:96:43:2f:70:fc:03:64:f7:81:02:6e:
c2:e8:38:03:52:d7:b8:83:5c:83:8b:58:0e:38:ee:ef:22:c4:
39:b4:21:36:c6:25:c9:b6:92:80:f8:72:7d:bb:4a:be:dd:0d:
93:eb:7a:a4:17:c7:d3:33:ce:22:3b:27:7b:ce:9d:53:b2:d5:
e1:12:31:b2:50:dc:d8:0f:1d:2a:73:4a:21:f9:94:65:0f:18:
93:b3:32:e5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYaprqU/DjVRyUFVVXvrHYrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjMwMzAzMjI1NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzBlZjNjNDNlN2IwZWI2NGNiMWE4ODI1ZjM2ZDBkZmU3NmFjMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pMb9s1rV4riHfRaCX096LrFMuHu
7FvKu2SCZ4FpyXO8BJequNr2oLVE9nTNqdQon6m7jXZwnpMIMIWq6FwZBKHPhUp1
/oSjx7l3ltQmvB+ypw8sYZ1xs6wkdxtb4hNE732cx60MQU4R1C2Pw1QevJmbHdjx
3+R0VvwRqcOex78SeBRymQ5gVAIQkg32iWhu92EQNVNitycgza07oW9QpK6Cjrwm
bgzl+I+je7U900Z6RauAz1+RzH84Jw0z5f+KuUdNo6NdZ7GONu/9N8Xvu+6qHN6Q
j4qceaVhTP3i43aKIbJ5qZfHbk6CzhjQTbYgfKT3biEBiUantxIRBjwZUQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDwO88Q+ew62TLGogl820N/nasIQMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvUEE3enhENTdEclpNc2FpQ1h6YlEzLWRxd2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgkpQAMF
AyoK5cAwDQYJKoZIhvcNAQELBQADggEBAF+O7e+RF38GswUorwVpyoo+CzfqcW7H
rz8WBkdTPsF8DmYyDV9ckskwKUsgnAe/n6Ja3SsyMdr1rTVFmhC3Y/NU14gBhu4u
UC9G7DRWaX1LzORe2PaNhqDmEtznl6xNQbWhG7yQZoaP1GXjVPoEi/mNLIuNcWwe
YMIdc3LZmXxg0zLzxgTYq/T+zrvA8k9rHXSV/NRacmjN3FCKNhZ7XGaXQn6oTbTs
EKeWQy9w/ANk94ECbsLoOANS17iDXIOLWA447u8ixDm0ITbGJcm2koD4cn27Sr7d
DZPreqQXx9MzziI7J3vOnVOy1eESMbJQ3NgPHSpzSiH5lGUPGJOzMuU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:07 2024 by rpki-client on console-fra.rpki-client.org