Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/rlYaidKrdlGp0o7JCEkZnUAUNaQ.roa
File: rlYaidKrdlGp0o7JCEkZnUAUNaQ.roa (raw, json)
Hash identifier: 4vncmniOUPkAfJECHXGwpydL7KWII6mGgKocLbLq7IA=
Subject key identifier: AE:56:1A:89:D2:AB:76:51:A9:D2:8E:C9:08:49:19:9D:40:14:35:A4
Certificate issuer: /CN=4c39055a6990b82408cf1abf29313780e249a4c9
Certificate serial: 01856F42E2E8C07C39D44A5AD9EF7500C6F2
Authority key identifier: 4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/rlYaidKrdlGp0o7JCEkZnUAUNaQ.roa
Signing time: Sun 01 Jan 2023 21:35:32 +0000
ROA not before: Sun 01 Jan 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26911
IP address blocks: 2a0e:c1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:e2:e8:c0:7c:39:d4:4a:5a:d9:ef:75:00:c6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c39055a6990b82408cf1abf29313780e249a4c9
Validity
Not Before: Jan 1 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae561a89d2ab7651a9d28ec90849199d401435a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:b1:43:b2:f2:1f:51:7c:48:5a:dd:51:a8:
bf:4b:8f:8a:14:01:87:a2:aa:23:2e:3f:af:23:53:
2b:0e:23:84:fb:c0:d9:6f:29:f3:f0:b8:41:7c:0e:
e6:5f:26:6a:01:40:f9:cf:50:87:15:24:16:f2:bf:
dd:05:4f:20:fe:9f:2f:ac:2b:84:23:00:66:48:70:
5a:91:bf:d1:59:6c:cc:32:14:01:a0:ad:00:66:3d:
0b:4b:9d:0c:da:6b:e3:45:af:20:b5:7e:86:cf:a4:
f3:30:ca:28:7a:31:c8:6c:31:7e:9d:33:98:8d:f6:
e7:21:e5:b9:0d:63:40:c3:18:d4:86:0f:31:eb:2c:
36:11:09:1d:61:a7:83:56:77:84:bf:45:8b:e7:80:
cd:c9:eb:37:d0:b7:29:a1:a1:59:aa:2d:71:fb:0c:
9d:7e:1a:b8:3c:14:f3:70:06:23:9a:bd:0c:a5:cb:
61:89:82:0b:b0:11:16:ee:7a:a2:c6:b2:7c:13:a3:
f7:46:67:44:8c:ef:86:78:f8:ae:16:6a:ef:af:25:
db:48:c4:b4:aa:48:df:3a:a1:b7:b2:14:5d:22:c1:
ae:4e:dc:a6:0a:ad:d6:a8:d3:b4:de:40:4c:24:e7:
ae:61:4e:54:71:ad:7e:25:cb:bb:c9:df:77:89:54:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:56:1A:89:D2:AB:76:51:A9:D2:8E:C9:08:49:19:9D:40:14:35:A4
X509v3 Authority Key Identifier:
keyid:4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/rlYaidKrdlGp0o7JCEkZnUAUNaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
65:98:ef:48:07:1e:02:43:50:24:87:65:aa:cf:fa:97:85:e9:
3b:21:61:e1:40:2a:cc:cc:28:fc:23:2a:de:22:9f:d6:0b:0d:
61:31:8d:83:5b:b1:3e:02:b8:79:d7:53:a4:0d:91:a0:6d:3e:
9e:b3:20:5a:97:dc:a7:6c:e1:c4:da:0e:f7:39:53:51:b2:08:
bc:b9:e4:44:3b:d6:fa:3f:3e:60:23:54:37:f6:ef:97:2d:26:
cb:75:c6:8e:80:b3:9c:88:08:b0:f6:ce:ac:23:06:92:0a:be:
f1:1a:45:0c:38:0e:d5:75:40:05:a2:45:0b:ec:19:e5:ce:a2:
e6:36:74:92:11:04:83:65:e6:db:80:78:0b:b8:18:00:1f:51:
9d:67:89:69:6c:07:9c:b1:5c:00:04:04:e1:44:22:42:1d:c8:
3a:7d:2a:95:6c:1f:4c:d6:17:27:47:48:67:0c:d6:b4:0e:96:
c0:cf:56:ec:81:65:30:ce:15:27:18:ac:80:d2:a8:a6:d7:e9:
98:ed:25:fd:1a:0a:f9:12:47:c5:9e:a8:70:98:5c:fb:28:a0:
41:2b:07:2e:74:4f:f0:10:6f:f9:1c:ca:d9:3d:18:4e:61:89:
d8:0e:79:40:ee:90:66:87:b4:01:9e:e7:3d:b5:4f:d1:9c:a4:
87:88:c3:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvQuLowHw51Epa2e91AMbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzkwNTVhNjk5MGI4MjQwOGNmMWFiZjI5MzEzNzgwZTI0
OWE0YzkwHhcNMjMwMTAxMjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU2MWE4OWQyYWI3NjUxYTlkMjhlYzkwODQ5MTk5ZDQwMTQzNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhmxQ7LyH1F8SFrdUai/S4+KFAGH
oqojLj+vI1MrDiOE+8DZbynz8LhBfA7mXyZqAUD5z1CHFSQW8r/dBU8g/p8vrCuE
IwBmSHBakb/RWWzMMhQBoK0AZj0LS50M2mvjRa8gtX6Gz6TzMMooejHIbDF+nTOY
jfbnIeW5DWNAwxjUhg8x6yw2EQkdYaeDVneEv0WL54DNyes30LcpoaFZqi1x+wyd
fhq4PBTzcAYjmr0MpcthiYILsBEW7nqixrJ8E6P3RmdEjO+GePiuFmrvryXbSMS0
qkjfOqG3shRdIsGuTtymCq3WqNO03kBMJOeuYU5Uca1+Jcu7yd93iVTLcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK5WGonSq3ZRqdKOyQhJGZ1AFDWkMB8GA1UdIwQY
MBaAFEw5BVppkLgkCM8avykxN4DiSaTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYt
ZDRiMzdlNDRhYjdjLzEvcmxZYWlkS3JkbEdwMG83SkNFa1puVUFVTmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYtZDRiMzdlNDRhYjdj
LzEvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7BwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZZjvSAceAkNQJIdlqs/6l4XpOyFh4UAqzMwo/CMq
3iKf1gsNYTGNg1uxPgK4eddTpA2RoG0+nrMgWpfcp2zhxNoO9zlTUbIIvLnkRDvW
+j8+YCNUN/bvly0my3XGjoCznIgIsPbOrCMGkgq+8RpFDDgO1XVABaJFC+wZ5c6i
5jZ0khEEg2Xm24B4C7gYAB9RnWeJaWwHnLFcAAQE4UQiQh3IOn0qlWwfTNYXJ0dI
ZwzWtA6WwM9W7IFlMM4VJxisgNKoptfpmO0l/RoK+RJHxZ6ocJhc+yigQSsHLnRP
8BBv+RzK2T0YTmGJ2A55QO6QZoe0AZ7nPbVP0Zykh4jDSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org