Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PWSdE_c0-RlSucQACG2CEUu8Lr8.roa
File: PWSdE_c0-RlSucQACG2CEUu8Lr8.roa (raw, json)
Hash identifier: Fx1XmOCwg0ymss1Tt5oxYP8NlSI+OTEawb6zcMwSTd0=
Subject key identifier: 3D:64:9D:13:F7:34:F9:19:52:B9:C4:00:08:6D:82:11:4B:BC:2E:BF
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AEACDF7EBE2EEF767E5F065C98478
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PWSdE_c0-RlSucQACG2CEUu8Lr8.roa
Signing time: Mon 01 Jan 2024 18:30:47 +0000
ROA not before: Mon 01 Jan 2024 18:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207781
IP address blocks: 2a09:e1c1:efce::/48 maxlen: 48
2a09:e1c1:efc3::/48 maxlen: 48
2a09:e1c1:efc4::/48 maxlen: 48
2a09:e1c1:efc9::/48 maxlen: 48
2a09:e1c1:efca::/48 maxlen: 48
2a09:e1c1:efcf::/48 maxlen: 48
2a09:e1c1:efc0::/48 maxlen: 48
2a09:e1c1:efc5::/48 maxlen: 48
2a09:e1c1:efc6::/48 maxlen: 48
2a09:e1c1:efcb::/48 maxlen: 48
2a09:e1c1:efcc::/48 maxlen: 48
2a09:e1c1:efc1::/48 maxlen: 48
2a09:e1c1:efc2::/48 maxlen: 48
2a09:e1c1:efc7::/48 maxlen: 48
2a09:e1c1:efc8::/48 maxlen: 48
2a09:e1c1:efcd::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 17:38:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ea:cd:f7:eb:e2:ee:f7:67:e5:f0:65:c9:84:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d649d13f734f91952b9c400086d82114bbc2ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:6d:a1:87:93:75:d4:db:f4:73:40:89:ac:
c2:a3:05:73:92:07:63:bd:eb:aa:83:67:52:1a:f8:
6b:f6:b2:bf:db:41:7a:8b:56:74:04:4e:e9:d0:6d:
d6:68:08:36:07:eb:45:44:3b:e7:18:29:7f:04:74:
f0:73:32:52:50:fb:7b:d4:cd:c1:e8:b6:cd:c8:45:
e1:00:7c:8a:04:5f:dd:41:2b:b9:66:24:f1:45:36:
1a:0e:39:6b:73:7a:1f:9a:77:9b:a7:33:ff:ba:f3:
d8:95:d4:a0:d0:ab:43:8f:c4:ed:db:e4:41:4a:b2:
eb:79:ed:98:24:75:90:5b:cd:e6:83:e3:2b:a4:ed:
1f:ab:51:f6:b1:1f:17:6f:58:0b:00:33:6c:65:07:
29:33:23:41:58:bd:a6:15:3e:af:43:aa:e7:a3:a5:
5f:6b:98:29:a1:29:a4:d5:35:79:55:63:d1:7c:c8:
73:87:9b:cf:8a:03:4d:fc:af:12:d5:10:97:17:8c:
59:9e:30:69:d7:ba:9d:d5:2c:06:08:de:6e:3d:d8:
d0:2c:51:af:f1:fd:ae:63:7d:b4:3a:f0:7a:bd:e2:
da:94:82:49:d3:b8:c5:43:75:2e:9c:67:18:90:de:
38:59:d2:f1:e9:1b:10:a1:49:75:62:9c:89:6a:b5:
5a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:64:9D:13:F7:34:F9:19:52:B9:C4:00:08:6D:82:11:4B:BC:2E:BF
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/PWSdE_c0-RlSucQACG2CEUu8Lr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efc0::/44
Signature Algorithm: sha256WithRSAEncryption
25:5c:ac:6c:7a:7b:6d:ed:e8:6b:7f:06:08:9a:00:db:0b:fc:
e4:ce:b0:19:56:e7:0e:f4:41:8a:ba:74:52:50:4a:74:9c:0f:
06:41:65:8d:26:9f:4f:5e:04:e3:f0:6d:3b:16:53:39:63:de:
2c:9c:4e:dd:9c:5d:d7:4c:87:75:05:58:15:33:04:dc:dd:16:
9c:61:d7:bb:81:61:2a:71:63:fb:06:bc:0f:5d:57:38:2f:5e:
6a:d1:87:36:6d:f1:33:08:89:d3:91:4e:31:69:df:7b:b8:8c:
3f:20:e4:38:9a:34:49:f2:28:dd:d8:43:47:7e:94:4e:17:65:
0b:65:77:2b:0f:18:ab:3a:6b:fa:07:e9:dd:9c:58:98:0f:4b:
4e:bb:85:ba:11:3b:b7:d6:0a:0f:ac:96:05:bf:c4:78:d6:43:
50:0f:67:4b:24:aa:34:66:49:98:64:bc:b9:55:23:6e:3c:7f:
d9:17:b0:37:a7:48:18:2f:ee:43:c6:86:31:85:4a:39:a7:7c:
72:b1:5c:61:41:b6:05:49:95:bc:79:22:dc:ca:bc:55:c8:2c:
16:6f:5d:63:e9:78:84:62:69:bf:3e:af:8c:c3:1c:42:7f:1f:
1f:e0:8e:66:38:dd:75:7a:49:9b:e4:8f:a5:23:8e:65:89:79:
00:42:f4:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSurN9+vi7vdn5fBlyYR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY0OWQxM2Y3MzRmOTE5NTJiOWM0MDAwODZkODIxMTRiYmMyZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL5toYeTddTb9HNAiazCowVzkgdj
veuqg2dSGvhr9rK/20F6i1Z0BE7p0G3WaAg2B+tFRDvnGCl/BHTwczJSUPt71M3B
6LbNyEXhAHyKBF/dQSu5ZiTxRTYaDjlrc3ofmnebpzP/uvPYldSg0KtDj8Tt2+RB
SrLree2YJHWQW83mg+MrpO0fq1H2sR8Xb1gLADNsZQcpMyNBWL2mFT6vQ6rno6Vf
a5gpoSmk1TV5VWPRfMhzh5vPigNN/K8S1RCXF4xZnjBp17qd1SwGCN5uPdjQLFGv
8f2uY320OvB6veLalIJJ07jFQ3UunGcYkN44WdLx6RsQoUl1YpyJarVa6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD1knRP3NPkZUrnEAAhtghFLvC6/MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvUFdTZEVfYzAtUmxTdWNRQUNHMkNFVXU4THI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAlXKxsentt7ehrfwYImgDbC/zkzrAZVucO9EGK
unRSUEp0nA8GQWWNJp9PXgTj8G07FlM5Y94snE7dnF3XTId1BVgVMwTc3RacYde7
gWEqcWP7BrwPXVc4L15q0Yc2bfEzCInTkU4xad97uIw/IOQ4mjRJ8ijd2ENHfpRO
F2ULZXcrDxirOmv6B+ndnFiYD0tOu4W6ETu31goPrJYFv8R41kNQD2dLJKo0ZkmY
ZLy5VSNuPH/ZF7A3p0gYL+5DxoYxhUo5p3xysVxhQbYFSZW8eSLcyrxVyCwWb11j
6XiEYmm/Pq+MwxxCfx8f4I5mON11ekmb5I+lI45liXkAQvSp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org