Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_5L-PSEIDBPcMxHjH3njgGI3qug.roa
File: _5L-PSEIDBPcMxHjH3njgGI3qug.roa (raw, json)
Hash identifier: YHVJ+ihk5IXL/87/OCwC3VOP8A/OfNo+PfVVHtFFOUQ=
Subject key identifier: FF:92:FE:3D:21:08:0C:13:DC:33:11:E3:1F:79:E3:80:62:37:AA:E8
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE9E41007B96E51051D88BFF28FBE
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_5L-PSEIDBPcMxHjH3njgGI3qug.roa
Signing time: Mon 01 Jan 2024 18:30:47 +0000
ROA not before: Mon 01 Jan 2024 18:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 2a09:e1c1:efd0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 17:38:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e9:e4:10:07:b9:6e:51:05:1d:88:bf:f2:8f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff92fe3d21080c13dc3311e31f79e3806237aae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fa:ac:6f:44:6e:75:40:fd:ac:c4:7b:4d:77:
49:4b:91:68:38:eb:70:6a:04:3f:16:cb:61:49:1e:
c9:1d:25:a3:5b:67:9a:30:7f:5a:20:b1:81:3d:8e:
67:16:73:50:bc:a8:fc:6e:e9:54:b2:5b:9a:60:26:
0d:b6:48:02:f3:97:11:ef:85:5d:6a:a5:f0:12:71:
2e:d2:de:1a:76:96:43:c8:b0:97:f2:df:0c:ea:ac:
4c:58:63:f9:13:8b:b6:7a:ab:87:84:29:9e:ba:ab:
5b:c1:76:ab:14:7c:cd:e6:b7:85:43:00:8d:fc:65:
27:9c:11:7d:aa:43:28:fe:81:e8:29:4b:6f:c5:43:
39:55:53:b1:af:a0:07:f6:2e:c5:80:db:51:71:c4:
d1:e7:b8:d8:ff:df:f1:96:8a:af:8a:e3:f9:3e:ac:
08:d7:f8:21:4a:52:e0:4f:db:8e:32:03:4b:cd:36:
74:04:46:a8:02:4c:e8:0c:05:39:86:70:92:8f:3e:
b5:f4:7e:af:74:fa:75:a3:ac:a1:80:62:00:b3:fb:
ec:46:06:87:6f:91:2e:46:be:76:be:88:14:90:f6:
89:cd:61:58:50:ed:a0:db:70:46:cf:83:df:51:83:
54:d0:51:b5:3f:52:1b:1a:d0:a8:45:8e:01:10:7f:
c8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:92:FE:3D:21:08:0C:13:DC:33:11:E3:1F:79:E3:80:62:37:AA:E8
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_5L-PSEIDBPcMxHjH3njgGI3qug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:efd0::/44
Signature Algorithm: sha256WithRSAEncryption
37:99:88:f4:72:4e:84:fe:4b:4d:04:80:b6:da:6d:fc:55:80:
ee:14:e5:6c:69:fa:e7:85:0c:59:fd:51:84:0c:2a:94:4f:c8:
d3:9f:8f:ff:5b:9a:b2:23:a7:16:dd:05:50:af:74:40:bb:a5:
f7:ee:7a:79:ae:03:3e:66:95:f0:cb:32:54:34:06:9e:9c:58:
e9:e7:08:7d:f0:cc:76:df:7f:08:5d:76:5c:95:79:ab:73:c5:
6a:e2:39:97:25:39:e1:7d:25:5f:ff:47:bb:e6:e6:b2:ca:5a:
d6:f6:ee:07:69:d4:98:24:1e:fe:60:4d:9f:e2:4a:3f:60:76:
b9:4e:72:12:19:aa:2e:a1:53:02:2c:3e:e1:de:1a:27:8d:ab:
47:93:53:c7:a6:c1:e9:ba:74:5d:e2:09:62:b9:7e:70:91:b9:
13:d4:68:79:6e:b5:57:82:30:86:29:b2:a9:f0:89:f5:d1:c2:
94:81:03:d1:1c:f4:f2:12:5f:e3:21:5e:42:24:89:f0:fd:68:
5d:e4:a3:64:47:c4:b7:c1:10:43:f3:0c:ef:f5:54:61:b1:5b:
90:2d:5f:58:00:f4:71:5a:74:a4:90:d9:74:b7:69:ca:9b:e1:
ac:f9:6c:fd:4a:d3:51:92:fa:01:22:3d:5d:a0:f1:77:00:f6:
ef:25:d9:dc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSunkEAe5blEFHYi/8o++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkyZmUzZDIxMDgwYzEzZGMzMzExZTMxZjc5ZTM4MDYyMzdhYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvqsb0RudUD9rMR7TXdJS5FoOOtw
agQ/FsthSR7JHSWjW2eaMH9aILGBPY5nFnNQvKj8bulUsluaYCYNtkgC85cR74Vd
aqXwEnEu0t4adpZDyLCX8t8M6qxMWGP5E4u2equHhCmeuqtbwXarFHzN5reFQwCN
/GUnnBF9qkMo/oHoKUtvxUM5VVOxr6AH9i7FgNtRccTR57jY/9/xloqviuP5PqwI
1/ghSlLgT9uOMgNLzTZ0BEaoAkzoDAU5hnCSjz619H6vdPp1o6yhgGIAs/vsRgaH
b5EuRr52vogUkPaJzWFYUO2g23BGz4PfUYNU0FG1P1IbGtCoRY4BEH/ImwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP+S/j0hCAwT3DMR4x9544BiN6roMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvXzVMLVBTRUlEQlBjTXhIakgzbmpnR0kzcXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwe/Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA3mYj0ck6E/ktNBIC22m38VYDuFOVsafrnhQxZ
/VGEDCqUT8jTn4//W5qyI6cW3QVQr3RAu6X37np5rgM+ZpXwyzJUNAaenFjp5wh9
8Mx2338IXXZclXmrc8Vq4jmXJTnhfSVf/0e75uayylrW9u4HadSYJB7+YE2f4ko/
YHa5TnISGaouoVMCLD7h3honjatHk1PHpsHpunRd4gliuX5wkbkT1Gh5brVXgjCG
KbKp8In10cKUgQPRHPTyEl/jIV5CJInw/Whd5KNkR8S3wRBD8wzv9VRhsVuQLV9Y
APRxWnSkkNl0t2nKm+Gs+Wz9StNRkvoBIj1doPF3APbvJdnc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org