Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/dg8p993_xLiWKYg1hfSWQiPx3KM.roa
File: dg8p993_xLiWKYg1hfSWQiPx3KM.roa (raw, json)
Hash identifier: 46TMOTiUKysMQkz+1qbTNM/xI0gBPd54cKInv0yghyE=
Subject key identifier: 76:0F:29:F7:DD:FF:C4:B8:96:29:88:35:85:F4:96:42:23:F1:DC:A3
Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Certificate serial: 01856DEF79B857694295A2A97D70A054FCD8
Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/dg8p993_xLiWKYg1hfSWQiPx3KM.roa
Signing time: Sun 01 Jan 2023 15:24:48 +0000
ROA not before: Sun 01 Jan 2023 15:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42209
IP address blocks: 2a0f:ca00:8000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:79:b8:57:69:42:95:a2:a9:7d:70:a0:54:fc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Validity
Not Before: Jan 1 15:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=760f29f7ddffc4b89629883585f4964223f1dca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7a:59:ee:b9:07:e3:6d:92:3a:5a:62:55:ce:
60:fa:f9:52:7b:b5:98:d9:50:d8:5c:a2:d8:6c:92:
a8:e1:53:cf:6c:ba:a1:bc:39:6a:7a:77:bb:65:91:
fb:2d:90:8b:12:7f:e8:3a:af:71:a4:80:d7:9f:48:
b4:ed:bc:7d:ea:44:ba:d2:87:12:5f:9b:70:93:6f:
0a:da:01:fa:9d:26:e5:e9:f1:e5:7e:b6:05:0a:46:
43:6c:26:5a:7d:1b:7b:59:ab:85:62:e7:e8:6d:31:
da:a3:74:4b:4d:ee:0b:95:99:6d:ff:88:11:a1:4b:
87:1f:69:97:fa:f3:37:28:87:62:1a:a3:1b:84:5e:
ca:01:70:3c:e7:11:38:bb:fa:b1:7f:98:0c:bd:5b:
68:c6:6c:e1:2e:09:73:bd:74:f2:82:b9:0a:a7:99:
28:b3:95:b5:2c:32:cb:0c:47:f5:bb:99:fd:5c:f9:
57:eb:12:ab:79:17:b3:97:be:68:9c:60:01:e8:6b:
07:e8:32:33:74:43:2b:74:a8:24:dd:19:83:c2:f4:
ed:a8:94:93:c6:4e:14:f7:4b:46:91:df:82:8d:7c:
c9:b8:cf:20:1b:bb:42:cf:17:34:30:79:1a:ba:82:
ea:15:8f:03:a3:b0:ce:90:57:89:b1:b1:34:74:e2:
dd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0F:29:F7:DD:FF:C4:B8:96:29:88:35:85:F4:96:42:23:F1:DC:A3
X509v3 Authority Key Identifier:
keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/dg8p993_xLiWKYg1hfSWQiPx3KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca00:8000::/48
Signature Algorithm: sha256WithRSAEncryption
53:9d:1d:58:03:14:d9:21:88:e2:ce:0d:44:91:2e:d1:e5:47:
6c:af:4e:e1:e2:97:6e:5b:bd:b6:c8:17:e9:f6:89:ac:6d:a6:
13:35:6d:53:d1:7f:20:f6:4f:62:50:97:dc:0c:53:f6:7e:d1:
13:00:d8:52:e3:4d:fc:1c:6a:8c:6e:2c:63:40:84:33:d6:9b:
19:ba:87:be:4e:b7:ca:29:d9:29:3c:bc:15:c7:96:c0:c6:96:
64:2c:42:2c:0a:27:91:a6:a7:23:37:b4:3a:58:2a:af:07:4c:
10:20:b1:b8:a9:d2:e9:05:76:d1:6a:92:2a:62:f1:96:ef:fa:
8c:fd:3b:a5:9c:8f:b4:2b:65:52:2a:c2:eb:22:1c:f6:1b:e9:
42:38:52:8a:1f:ea:00:af:9f:d2:ee:61:09:b7:f7:a5:bc:fd:
1d:fd:ba:b0:00:26:b4:31:b8:dd:af:74:0c:93:69:32:47:77:
e1:0f:b3:f6:10:04:fb:87:5d:ce:59:01:12:d8:ca:9e:8c:3e:
df:c0:c8:2e:b6:75:42:fe:d2:9c:99:1f:47:bb:fc:d9:a3:3e:
f4:3f:cc:c3:c5:6a:cb:d7:b8:df:66:bb:19:64:bb:2f:43:cb:
49:69:dc:9e:7e:b5:59:8c:75:6a:5b:8d:3a:17:11:78:7b:37:
37:5c:2b:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt73m4V2lClaKpfXCgVPzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4
ZmUzY2EwHhcNMjMwMTAxMTUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBmMjlmN2RkZmZjNGI4OTYyOTg4MzU4NWY0OTY0MjIzZjFkY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3pZ7rkH422SOlpiVc5g+vlSe7WY
2VDYXKLYbJKo4VPPbLqhvDlqene7ZZH7LZCLEn/oOq9xpIDXn0i07bx96kS60ocS
X5twk28K2gH6nSbl6fHlfrYFCkZDbCZafRt7WauFYufobTHao3RLTe4LlZlt/4gR
oUuHH2mX+vM3KIdiGqMbhF7KAXA85xE4u/qxf5gMvVtoxmzhLglzvXTygrkKp5ko
s5W1LDLLDEf1u5n9XPlX6xKreRezl75onGAB6GsH6DIzdEMrdKgk3RmDwvTtqJST
xk4U90tGkd+CjXzJuM8gG7tCzxc0MHkauoLqFY8Do7DOkFeJsbE0dOLd3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHYPKffd/8S4limINYX0lkIj8dyjMB8GA1UdIwQY
MBaAFCrdQ4p848s3nyjPoFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUt
MjBhMGQxMzBjNDU2LzEvZGc4cDk5M194TGlXS1lnMWhmU1dRaVB4M0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2
LzEvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/KAIAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTnR1YAxTZIYjizg1EkS7R5Udsr07h4pduW722
yBfp9omsbaYTNW1T0X8g9k9iUJfcDFP2ftETANhS4038HGqMbixjQIQz1psZuoe+
TrfKKdkpPLwVx5bAxpZkLEIsCieRpqcjN7Q6WCqvB0wQILG4qdLpBXbRapIqYvGW
7/qM/TulnI+0K2VSKsLrIhz2G+lCOFKKH+oAr5/S7mEJt/elvP0d/bqwACa0Mbjd
r3QMk2kyR3fhD7P2EAT7h13OWQES2MqejD7fwMgutnVC/tKcmR9Hu/zZoz70P8zD
xWrL17jfZrsZZLsvQ8tJadyefrVZjHVqW406FxF4ezc3XCs9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:24 2024 by rpki-client on console-fra.rpki-client.org