Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/hCW2q6_JkpAoVn0RW84GSODdoQ8.roa
File: hCW2q6_JkpAoVn0RW84GSODdoQ8.roa (raw, json)
Hash identifier: S2knBKUioN+GqX7w1lsW+IXZNEWA3MFffEoUiuT42wo=
Subject key identifier: 84:25:B6:AB:AF:C9:92:90:28:56:7D:11:5B:CE:06:48:E0:DD:A1:0F
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 0189FDA91A2A2C4FF24E60C7150FE8EA0143
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/hCW2q6_JkpAoVn0RW84GSODdoQ8.roa
Signing time: Wed 16 Aug 2023 09:24:25 +0000
ROA not before: Wed 16 Aug 2023 09:24:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 2a0d:4941::/32 maxlen: 32
2a0d:4943::/32 maxlen: 32
2a0d:4947::/32 maxlen: 32
2a0d:4940::/29 maxlen: 29
2a0d:4944::/32 maxlen: 32
2a0d:1dc0::/29 maxlen: 29
2a0f:4780::/29 maxlen: 29
2a0d:4946::/32 maxlen: 32
2a0d:4945::/32 maxlen: 32
2a0d:4942::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:a9:1a:2a:2c:4f:f2:4e:60:c7:15:0f:e8:ea:01:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Aug 16 09:24:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8425b6abafc9929028567d115bce0648e0dda10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d7:b6:6e:a0:6b:9b:9e:a0:53:50:eb:df:45:
a4:f8:67:67:c0:2a:90:65:57:a9:52:10:e4:c5:d3:
f0:be:78:db:5d:f3:30:c8:84:d6:a5:98:9d:46:6f:
58:7d:df:40:d0:5a:a6:5f:58:8c:5d:53:5e:bc:26:
ae:f3:a0:08:d3:21:f3:ce:85:4e:47:e0:0c:2c:49:
c0:77:d9:0b:08:15:a7:ef:d8:9d:f2:74:53:28:97:
59:c5:2b:7c:52:03:49:f2:3f:d1:33:86:c0:d6:84:
61:33:98:d5:62:ab:33:3e:28:12:86:86:0b:43:ee:
01:92:3b:4c:0a:97:71:e5:34:23:a2:fd:41:b7:c6:
24:b5:49:65:25:31:d1:74:5e:a9:f0:05:2f:f6:7a:
08:d7:aa:5f:ee:f4:8c:4c:71:ad:f8:ac:b8:57:c7:
be:78:1f:0a:4e:0b:86:2d:31:e4:3b:f9:4e:b6:f7:
67:11:c2:2c:8c:f3:1b:43:30:a3:ee:81:1d:23:07:
4b:d2:82:6e:6c:b1:ec:fa:25:7b:12:39:5b:21:0c:
1f:84:3a:08:35:41:b0:22:e4:08:68:62:41:b3:93:
b4:e4:e3:17:c8:6b:6c:43:a8:f3:36:ec:f3:35:88:
92:ec:26:1b:b7:df:d0:ad:1c:3b:65:85:9d:39:7b:
de:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:25:B6:AB:AF:C9:92:90:28:56:7D:11:5B:CE:06:48:E0:DD:A1:0F
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/hCW2q6_JkpAoVn0RW84GSODdoQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1dc0::/29
2a0d:4940::/29
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
5a:5e:76:54:9a:57:ba:8d:a9:e8:ae:db:00:50:5a:74:cb:15:
e7:fb:d5:4f:a6:82:0a:c2:1e:7c:4c:de:7b:32:b8:6f:b9:7e:
6a:29:82:f1:29:a6:77:e6:2f:7d:23:0d:5c:c3:41:04:56:3a:
e3:41:6d:a2:c0:a9:8f:68:51:01:85:54:57:26:37:31:a7:78:
1e:81:35:6e:35:82:6b:c2:1c:e0:01:be:a0:42:f5:39:1f:26:
c6:02:e2:4a:63:fe:a7:51:ca:89:52:f2:49:05:41:24:93:5f:
e0:ed:aa:f2:80:3f:bf:ea:7d:28:90:c7:33:86:9b:6f:fb:cb:
a0:76:00:e8:f4:bc:95:94:a4:82:f3:6d:c3:ae:ad:8c:f4:2c:
89:aa:81:94:3b:56:b7:18:a4:16:7b:0f:73:6b:da:dc:37:9f:
d5:dd:07:e0:84:5d:51:19:54:89:5e:79:c8:96:b2:45:55:b3:
92:5e:dd:ce:c7:f1:d9:fb:ee:a0:44:0b:c4:c7:03:31:db:a8:
7f:89:e8:1c:05:a4:a6:21:5c:6a:91:54:ea:07:0f:df:9b:fa:
74:36:e8:f0:79:e1:16:93:64:bb:a9:d2:c3:60:2b:52:a4:2d:
55:46:9a:91:fa:3d:c2:2a:f5:f9:44:cd:9b:23:e8:8c:d1:5c:
cd:bf:04:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYn9qRoqLE/yTmDHFQ/o6gFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjMwODE2MDkyNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDI1YjZhYmFmYzk5MjkwMjg1NjdkMTE1YmNlMDY0OGUwZGRhMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNe2bqBrm56gU1Dr30Wk+GdnwCqQ
ZVepUhDkxdPwvnjbXfMwyITWpZidRm9Yfd9A0FqmX1iMXVNevCau86AI0yHzzoVO
R+AMLEnAd9kLCBWn79id8nRTKJdZxSt8UgNJ8j/RM4bA1oRhM5jVYqszPigShoYL
Q+4BkjtMCpdx5TQjov1Bt8YktUllJTHRdF6p8AUv9noI16pf7vSMTHGt+Ky4V8e+
eB8KTguGLTHkO/lOtvdnEcIsjPMbQzCj7oEdIwdL0oJubLHs+iV7EjlbIQwfhDoI
NUGwIuQIaGJBs5O05OMXyGtsQ6jzNuzzNYiS7CYbt9/QrRw7ZYWdOXve6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIQltquvyZKQKFZ9EVvOBkjg3aEPMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvaENXMnE2X0prcEFvVm4wUlc4NEdTT0Rkb1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg0dwAMF
AyoNSUADBQMqD0eAMA0GCSqGSIb3DQEBCwUAA4IBAQBaXnZUmle6janortsAUFp0
yxXn+9VPpoIKwh58TN57MrhvuX5qKYLxKaZ35i99Iw1cw0EEVjrjQW2iwKmPaFEB
hVRXJjcxp3gegTVuNYJrwhzgAb6gQvU5HybGAuJKY/6nUcqJUvJJBUEkk1/g7ary
gD+/6n0okMczhptv+8ugdgDo9LyVlKSC823Drq2M9CyJqoGUO1a3GKQWew9za9rc
N5/V3QfghF1RGVSJXnnIlrJFVbOSXt3Ox/HZ++6gRAvExwMx26h/iegcBaSmIVxq
kVTqBw/fm/p0NujweeEWk2S7qdLDYCtSpC1VRpqR+j3CKvX5RM2bI+iM0VzNvwSz
Generated at Mon Nov 6 20:12:10 2023 by rpki-client on console-ams.rpki-client.org