Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/E0oqz2Q5gY19doPAaFap04iCKM0.roa
File: E0oqz2Q5gY19doPAaFap04iCKM0.roa (raw, json)
Hash identifier: IRt0LQZo78XVwzdxtmq8InzIieaiVw8387cdeiPuekg=
Subject key identifier: 13:4A:2A:CF:64:39:81:8D:7D:76:83:C0:68:56:A9:D3:88:82:28:CD
Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Certificate serial: 01856E2FBF0F015FA800087F2A8A919B2CD4
Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/E0oqz2Q5gY19doPAaFap04iCKM0.roa
Signing time: Sun 01 Jan 2023 16:35:00 +0000
ROA not before: Sun 01 Jan 2023 16:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200544
IP address blocks: 2a07:ad00::/30 maxlen: 30
2a07:ad00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:bf:0f:01:5f:a8:00:08:7f:2a:8a:91:9b:2c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Validity
Not Before: Jan 1 16:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=134a2acf6439818d7d7683c06856a9d3888228cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c5:3e:a2:70:60:ac:38:13:12:87:5a:ac:e8:
69:9b:f8:78:28:01:4c:d1:c7:2f:8b:36:82:2d:14:
a5:ee:b0:f2:44:5f:ec:35:d3:33:a6:09:7a:77:c5:
c6:df:b6:b0:2e:38:55:96:79:48:a7:5e:c6:c8:d3:
51:ee:88:5b:8f:39:08:5b:01:a2:51:02:48:a9:39:
b5:03:c8:a8:d4:11:97:9f:10:53:a4:69:60:4e:14:
93:12:e1:64:99:6f:2d:9d:44:6c:d8:82:79:28:48:
78:da:f7:29:2a:51:f5:76:38:3c:80:9a:cf:0e:23:
e8:0a:6b:74:b3:69:95:c4:89:59:fe:f3:e1:f2:49:
c6:7f:a0:5f:d3:a6:5d:05:e1:75:2a:4d:60:15:dc:
2c:21:93:ab:af:31:b6:68:6c:c4:f7:81:3b:e3:b1:
20:d8:3f:a6:d8:e8:77:2e:3e:4f:bc:b6:e2:01:e6:
d7:9a:1e:76:46:fd:48:1e:95:1a:20:f5:85:c5:29:
d5:e1:78:fd:11:1e:be:58:49:b4:85:42:bc:58:1a:
1f:90:19:04:22:4a:ca:88:f2:bd:81:1b:cc:cf:f9:
b2:85:02:a2:1a:47:44:2b:ff:75:09:f2:41:1f:da:
8c:f1:d2:81:9d:73:c0:43:f6:87:ca:53:05:fa:7c:
23:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4A:2A:CF:64:39:81:8D:7D:76:83:C0:68:56:A9:D3:88:82:28:CD
X509v3 Authority Key Identifier:
keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/E0oqz2Q5gY19doPAaFap04iCKM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
a3:cc:7c:d4:be:44:b6:d5:9b:0b:ad:f0:27:62:3c:38:e3:a2:
fb:60:2c:ec:8d:4a:dc:d6:c3:ce:4e:55:8d:63:96:8d:31:8b:
c3:88:b7:68:13:6f:e0:33:92:92:9a:67:f2:46:b1:13:17:6b:
c2:3e:a8:5e:63:cf:98:2d:db:68:08:8b:c9:77:12:3a:ae:74:
ed:5e:6a:d8:94:aa:27:00:54:60:1c:20:b0:2f:72:f9:7d:25:
8e:2b:0e:da:7d:d5:08:9f:0d:f2:0e:1b:47:54:77:21:ec:f3:
44:c2:ec:89:a0:50:7d:fc:7a:74:6a:07:31:db:c3:3c:44:0e:
b1:7a:25:29:c1:91:bc:4c:0f:1c:8a:97:42:22:46:67:15:17:
78:e4:82:6c:de:91:df:59:fa:fe:15:46:d8:c8:4a:78:53:bf:
d2:77:fa:2b:9b:9b:4e:94:3e:42:4d:43:33:6b:3e:d3:b1:2d:
0c:df:1d:5f:c4:36:5e:95:66:17:04:b9:21:0b:e9:b9:d9:f6:
ee:77:5a:e6:45:ed:bc:22:fa:b5:98:a2:b3:e5:f7:bc:99:03:
ca:ee:b7:1c:76:27:73:32:d7:62:66:69:25:93:95:7d:19:f1:
e0:ef:5c:74:ab:a6:55:0c:93:b2:44:18:87:ee:8e:6f:7d:c1:
b4:d1:bd:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuL78PAV+oAAh/KoqRmyzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0
ZGRlMmMwHhcNMjMwMTAxMTYzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzRhMmFjZjY0Mzk4MThkN2Q3NjgzYzA2ODU2YTlkMzg4ODIyOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsU+onBgrDgTEodarOhpm/h4KAFM
0ccvizaCLRSl7rDyRF/sNdMzpgl6d8XG37awLjhVlnlIp17GyNNR7ohbjzkIWwGi
UQJIqTm1A8io1BGXnxBTpGlgThSTEuFkmW8tnURs2IJ5KEh42vcpKlH1djg8gJrP
DiPoCmt0s2mVxIlZ/vPh8knGf6Bf06ZdBeF1Kk1gFdwsIZOrrzG2aGzE94E747Eg
2D+m2Oh3Lj5PvLbiAebXmh52Rv1IHpUaIPWFxSnV4Xj9ER6+WEm0hUK8WBofkBkE
IkrKiPK9gRvMz/myhQKiGkdEK/91CfJBH9qM8dKBnXPAQ/aHylMF+nwjXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBNKKs9kOYGNfXaDwGhWqdOIgijNMB8GA1UdIwQY
MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct
OTg0NzdhODY1M2M3LzEvRTBvcXoyUTVnWTE5ZG9QQWFGYXAwNGlDS00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3
LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgetADAN
BgkqhkiG9w0BAQsFAAOCAQEAo8x81L5EttWbC63wJ2I8OOOi+2As7I1K3NbDzk5V
jWOWjTGLw4i3aBNv4DOSkppn8kaxExdrwj6oXmPPmC3baAiLyXcSOq507V5q2JSq
JwBUYBwgsC9y+X0ljisO2n3VCJ8N8g4bR1R3IezzRMLsiaBQffx6dGoHMdvDPEQO
sXolKcGRvEwPHIqXQiJGZxUXeOSCbN6R31n6/hVG2MhKeFO/0nf6K5ubTpQ+Qk1D
M2s+07EtDN8dX8Q2XpVmFwS5IQvpudn27nda5kXtvCL6tZiis+X3vJkDyu63HHYn
czLXYmZpJZOVfRnx4O9cdKumVQyTskQYh+6Ob33BtNG9Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:03 2024 by rpki-client on console-ams.rpki-client.org