Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/xGQNO0Adtsu5vsEMvjpN2ECzapw.roa
File: xGQNO0Adtsu5vsEMvjpN2ECzapw.roa (raw, json)
Hash identifier: BrGaA0YbI6/zb/DXgNwnc8keZqcgBYVLRQ6CcAP3Hfk=
Subject key identifier: C4:64:0D:3B:40:1D:B6:CB:B9:BE:C1:0C:BE:3A:4D:D8:40:B3:6A:9C
Certificate issuer: /CN=805db5678139e2eeace89b5ee9982c35449c0b3b
Certificate serial: 018572DEE2A7DF291B15B5EDBD174112B535
Authority key identifier: 80:5D:B5:67:81:39:E2:EE:AC:E8:9B:5E:E9:98:2C:35:44:9C:0B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gF21Z4E54u6s6Jte6ZgsNUScCzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/xGQNO0Adtsu5vsEMvjpN2ECzapw.roa
Signing time: Mon 02 Jan 2023 14:24:47 +0000
ROA not before: Mon 02 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209638
IP address blocks: 2a07:900::/29 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:e2:a7:df:29:1b:15:b5:ed:bd:17:41:12:b5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=805db5678139e2eeace89b5ee9982c35449c0b3b
Validity
Not Before: Jan 2 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4640d3b401db6cbb9bec10cbe3a4dd840b36a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:a7:64:36:28:2c:9c:a4:ef:91:e1:17:c9:
0c:e2:9c:ae:69:2f:bf:0e:9a:fc:6b:18:c8:36:15:
6d:8d:1e:92:86:60:87:6b:d2:c3:c9:f7:32:71:b1:
ce:2d:5e:74:f1:16:aa:fd:c0:5e:f9:f8:9a:d9:22:
23:a1:b9:6c:55:02:4a:c3:e0:aa:cc:6a:31:0f:ae:
7a:14:6b:ee:c5:77:06:a1:5c:5d:f1:2a:b3:fa:da:
f6:32:f8:1f:1a:35:ec:4f:af:2d:88:1c:d2:fd:3f:
24:3e:6f:a1:9b:87:ec:32:c9:cf:f9:9b:2f:75:be:
3d:58:a7:7c:0a:86:6e:40:68:47:1e:02:3e:1c:b2:
44:05:da:51:5f:a7:c2:44:be:79:3c:20:24:f6:b0:
02:c1:ae:9b:3b:88:1f:8f:ab:a9:9f:cb:d0:89:c0:
3e:fa:86:bc:02:e1:b3:d6:80:a0:0e:90:8b:0d:3e:
75:c0:5d:e8:95:8e:45:8c:d5:b1:07:31:f6:9c:4a:
29:62:31:c3:33:8f:8e:4a:69:8a:9f:60:27:ef:da:
9c:71:b4:18:51:36:dc:bf:89:ba:2a:3a:9f:d8:d5:
c3:fd:2f:11:70:4a:0b:b7:2b:51:e1:61:73:ad:1a:
9f:d5:1f:4a:b1:65:11:78:55:76:5e:82:f7:23:dc:
3b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:64:0D:3B:40:1D:B6:CB:B9:BE:C1:0C:BE:3A:4D:D8:40:B3:6A:9C
X509v3 Authority Key Identifier:
keyid:80:5D:B5:67:81:39:E2:EE:AC:E8:9B:5E:E9:98:2C:35:44:9C:0B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gF21Z4E54u6s6Jte6ZgsNUScCzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/xGQNO0Adtsu5vsEMvjpN2ECzapw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/3dd082-c503-45b8-9b07-922923e898e6/1/gF21Z4E54u6s6Jte6ZgsNUScCzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:900::/29
Signature Algorithm: sha256WithRSAEncryption
52:93:ad:0b:e3:bc:dc:43:29:3a:5b:e2:79:02:fc:c1:97:9d:
47:5c:f3:5f:ab:8f:ec:3b:50:7e:a5:42:b1:9a:2a:a5:2c:ba:
1b:35:19:7a:36:3e:5c:69:b6:0e:3d:01:10:70:e4:63:7a:97:
41:dd:5f:f8:42:89:72:fc:22:aa:83:ce:41:e2:d0:47:fa:c8:
d4:04:32:e7:78:0a:43:6c:97:99:fb:aa:9b:38:34:5c:09:f5:
9e:f9:20:5a:e4:5f:4f:5b:26:8a:87:62:a6:50:39:58:c6:b7:
70:7a:49:cc:7f:fc:87:56:ee:02:ae:f9:c8:d0:62:10:82:1d:
1d:8c:96:e9:ce:5c:c4:82:b1:29:43:b9:b7:73:3e:c4:cb:31:
29:ec:25:e2:4e:ef:6c:28:36:bc:61:b8:a1:b2:9e:c8:53:f2:
b2:97:58:e0:d4:ff:df:f4:48:c3:7c:88:89:be:34:55:6a:55:
7d:eb:93:11:92:fa:c9:e3:43:e4:58:b9:14:5d:b2:bf:48:ba:
16:24:28:19:16:ec:ae:fe:3f:67:9b:a2:e9:4d:d2:d3:64:07:
80:7c:4c:4b:c0:a5:8a:38:95:ee:2a:1f:b5:ae:8b:92:08:0c:
7d:d4:18:8a:23:52:4c:cb:30:16:4f:cf:bc:2f:0e:ff:62:1b:
3e:c6:e4:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy3uKn3ykbFbXtvRdBErU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNWRiNTY3ODEzOWUyZWVhY2U4OWI1ZWU5OTgyYzM1NDQ5
YzBiM2IwHhcNMjMwMTAyMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY0MGQzYjQwMWRiNmNiYjliZWMxMGNiZTNhNGRkODQwYjM2YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0anZDYoLJyk75HhF8kM4pyuaS+/
Dpr8axjINhVtjR6ShmCHa9LDyfcycbHOLV508Raq/cBe+fia2SIjoblsVQJKw+Cq
zGoxD656FGvuxXcGoVxd8Sqz+tr2MvgfGjXsT68tiBzS/T8kPm+hm4fsMsnP+Zsv
db49WKd8CoZuQGhHHgI+HLJEBdpRX6fCRL55PCAk9rACwa6bO4gfj6upn8vQicA+
+oa8AuGz1oCgDpCLDT51wF3olY5FjNWxBzH2nEopYjHDM4+OSmmKn2An79qccbQY
UTbcv4m6Kjqf2NXD/S8RcEoLtytR4WFzrRqf1R9KsWUReFV2XoL3I9w7uQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMRkDTtAHbbLub7BDL46TdhAs2qcMB8GA1UdIwQY
MBaAFIBdtWeBOeLurOibXumYLDVEnAs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0YyMVo0RTU0dTZzNkp0ZTZaZ3NOVVNjQ3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8zZGQwODItYzUwMy00NWI4LTliMDct
OTIyOTIzZTg5OGU2LzEveEdRTk8wQWR0c3U1dnNFTXZqcE4yRUN6YXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8zZGQwODItYzUwMy00NWI4LTliMDctOTIyOTIzZTg5OGU2
LzEvZ0YyMVo0RTU0dTZzNkp0ZTZaZ3NOVVNjQ3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgcJADAN
BgkqhkiG9w0BAQsFAAOCAQEAUpOtC+O83EMpOlvieQL8wZedR1zzX6uP7DtQfqVC
sZoqpSy6GzUZejY+XGm2Dj0BEHDkY3qXQd1f+EKJcvwiqoPOQeLQR/rI1AQy53gK
Q2yXmfuqmzg0XAn1nvkgWuRfT1smiodiplA5WMa3cHpJzH/8h1buAq75yNBiEIId
HYyW6c5cxIKxKUO5t3M+xMsxKewl4k7vbCg2vGG4obKeyFPyspdY4NT/3/RIw3yI
ib40VWpVfeuTEZL6yeND5Fi5FF2yv0i6FiQoGRbsrv4/Z5ui6U3S02QHgHxMS8Cl
ijiV7iofta6LkggMfdQYiiNSTMswFk/PvC8O/2IbPsbk0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:44 2024 by rpki-client on console-ams.rpki-client.org