Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/0s3W_5xpgUQqFnafbAwaaJ3f7l4.roa
File: 0s3W_5xpgUQqFnafbAwaaJ3f7l4.roa (raw, json)
Hash identifier: GlXRHMAz5x99QrGCrUGqFp7B6Paim2TIjcA6AumO/SQ=
Subject key identifier: D2:CD:D6:FF:9C:69:81:44:2A:16:76:9F:6C:0C:1A:68:9D:DF:EE:5E
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 018572DA390534766C1F974C64BADA4A6DF1
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/0s3W_5xpgUQqFnafbAwaaJ3f7l4.roa
Signing time: Mon 02 Jan 2023 14:19:42 +0000
ROA not before: Mon 02 Jan 2023 14:19:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209432
IP address blocks: 2a0e:cc0::/48 maxlen: 48
2a0e:cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:da:39:05:34:76:6c:1f:97:4c:64:ba:da:4a:6d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Jan 2 14:19:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2cdd6ff9c6981442a16769f6c0c1a689ddfee5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dd:1e:16:57:89:47:6f:a2:67:8a:0c:cf:2a:
ea:e4:25:ca:cb:c5:7c:37:f2:f7:1e:ad:4f:6a:6f:
67:98:36:3f:6e:1a:2b:32:e0:38:73:f4:2a:64:d1:
fd:04:a3:cb:17:24:f9:dc:1b:d3:43:a1:43:57:b7:
78:08:7d:31:a2:7c:cc:95:2e:77:b5:1f:5f:02:ac:
43:08:e0:68:80:bc:0d:cb:77:16:eb:68:41:e1:af:
70:99:1a:d6:e9:2d:4a:a1:88:e6:dd:ce:36:d2:cb:
7b:3a:aa:ff:8b:d0:ec:54:6c:83:27:68:e3:18:90:
aa:7f:65:4d:41:bc:e8:c8:9c:32:15:a6:c2:a6:63:
f3:68:70:46:2d:19:40:f5:37:78:1f:5c:65:3d:14:
d2:ba:9f:1e:55:fb:4f:43:48:e8:33:c6:6c:fa:7b:
bf:0f:af:45:3d:d3:c5:21:42:74:a3:5b:40:e0:11:
a0:60:28:02:58:14:78:22:6c:87:c5:b2:ab:29:76:
76:12:17:fe:2a:f9:73:f8:8b:84:7c:99:20:e8:be:
dc:fe:f1:4c:64:2a:a7:9f:a1:87:d2:82:3e:4b:ce:
3e:c1:c0:f7:a2:e7:3f:5d:05:76:df:a6:d3:93:0f:
53:29:6b:07:be:f7:23:fe:7c:59:0f:b8:9e:f6:11:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CD:D6:FF:9C:69:81:44:2A:16:76:9F:6C:0C:1A:68:9D:DF:EE:5E
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/0s3W_5xpgUQqFnafbAwaaJ3f7l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
23:89:6c:11:91:ce:82:08:0e:17:27:90:4d:d5:72:0a:ed:fe:
ae:18:75:48:3e:c9:7d:ee:78:6b:8b:ab:66:61:64:ae:57:a1:
b9:6e:2c:c1:9d:87:82:8d:cd:26:14:40:08:5f:ad:72:f8:41:
86:ee:a9:83:24:57:aa:91:87:b6:4f:16:b8:46:b8:7e:7f:9e:
75:d3:1c:76:23:16:98:a7:f0:b4:57:04:44:02:a9:8e:79:c9:
79:04:64:79:c8:8f:8b:e5:cc:51:fb:a0:98:ef:2a:d8:51:b5:
97:ed:47:17:c5:f2:b5:6f:9e:71:71:47:e1:4b:be:23:5a:80:
f8:0a:1d:a3:06:0d:1e:cc:20:db:41:77:4e:ff:e5:ed:17:49:
38:70:36:33:7c:29:f7:e5:2c:82:ee:ea:5b:24:11:61:75:08:
3c:c3:4d:eb:7b:85:5c:7e:5d:ec:a0:c5:3c:ed:7e:84:63:be:
2e:14:ca:33:01:c8:2f:c3:08:88:13:7b:dc:93:2a:9f:42:4a:
ff:ef:23:c5:c6:cd:f2:12:bd:2f:07:7c:f3:b2:ba:e7:1d:e6:
7c:6b:24:55:9d:a4:1b:ea:52:56:43:d8:b2:89:52:ff:8f:57:
c9:8e:0b:6b:3d:b5:cd:33:79:b2:66:d7:59:10:4a:20:d3:59:
f2:2b:b5:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVy2jkFNHZsH5dMZLraSm3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjMwMTAyMTQxOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNkZDZmZjljNjk4MTQ0MmExNjc2OWY2YzBjMWE2ODlkZGZlZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit0eFleJR2+iZ4oMzyrq5CXKy8V8
N/L3Hq1Pam9nmDY/bhorMuA4c/QqZNH9BKPLFyT53BvTQ6FDV7d4CH0xonzMlS53
tR9fAqxDCOBogLwNy3cW62hB4a9wmRrW6S1KoYjm3c420st7Oqr/i9DsVGyDJ2jj
GJCqf2VNQbzoyJwyFabCpmPzaHBGLRlA9Td4H1xlPRTSup8eVftPQ0joM8Zs+nu/
D69FPdPFIUJ0o1tA4BGgYCgCWBR4ImyHxbKrKXZ2Ehf+Kvlz+IuEfJkg6L7c/vFM
ZCqnn6GH0oI+S84+wcD3ouc/XQV236bTkw9TKWsHvvcj/nxZD7ie9hGQuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNLN1v+caYFEKhZ2n2wMGmid3+5eMB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvMHMzV181eHBnVVFxRm5hZmJBd2FhSjNmN2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4MwDAN
BgkqhkiG9w0BAQsFAAOCAQEAI4lsEZHOgggOFyeQTdVyCu3+rhh1SD7Jfe54a4ur
ZmFkrlehuW4swZ2Hgo3NJhRACF+tcvhBhu6pgyRXqpGHtk8WuEa4fn+eddMcdiMW
mKfwtFcERAKpjnnJeQRkeciPi+XMUfugmO8q2FG1l+1HF8XytW+ecXFH4Uu+I1qA
+AodowYNHswg20F3Tv/l7RdJOHA2M3wp9+Usgu7qWyQRYXUIPMNN63uFXH5d7KDF
PO1+hGO+LhTKMwHIL8MIiBN73JMqn0JK/+8jxcbN8hK9Lwd887K65x3mfGskVZ2k
G+pSVkPYsolS/49XyY4Laz21zTN5smbXWRBKINNZ8iu1cA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:43 2024 by rpki-client on console-fra.rpki-client.org