Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/dxszbWo2W-LLdRDgNk0pjA1H7ak.roa
File: dxszbWo2W-LLdRDgNk0pjA1H7ak.roa (raw, json)
Hash identifier: Nn8WdGzsgEshlUk4W+RZCJcmNkFxqTKsRSJekv7MSEQ=
Subject key identifier: 77:1B:33:6D:6A:36:5B:E2:CB:75:10:E0:36:4D:29:8C:0D:47:ED:A9
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0187252FADBD3A0F3CF3204EB8518FF712A9
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/dxszbWo2W-LLdRDgNk0pjA1H7ak.roa
Signing time: Mon 27 Mar 2023 22:28:14 +0000
ROA not before: Mon 27 Mar 2023 22:28:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51582
IP address blocks: 2a06:9686:e00::/39 maxlen: 39
2a06:9686:c00::/39 maxlen: 39
2a06:9686:a00::/39 maxlen: 39
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:25:2f:ad:bd:3a:0f:3c:f3:20:4e:b8:51:8f:f7:12:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Mar 27 22:28:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=771b336d6a365be2cb7510e0364d298c0d47eda9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2f:48:cd:9d:60:c6:3a:41:77:a3:15:c4:b0:
49:11:cf:f9:16:17:f7:a9:5a:07:59:18:8b:72:8a:
59:cf:c8:8f:18:90:8f:98:c9:75:e9:81:f9:cd:09:
a8:80:27:f3:86:5d:c0:77:dd:41:58:28:4b:36:bd:
07:c2:74:49:1d:39:f8:74:b3:af:2d:30:a3:09:98:
8a:6f:1a:c5:d5:a0:79:3a:42:ba:ff:9e:14:b0:f5:
f7:58:ca:5b:9d:01:e3:1d:9f:aa:7e:83:d9:fb:2f:
8f:4d:f7:d4:39:47:56:c5:9c:50:01:bd:e0:88:68:
29:e8:81:3f:98:c8:b0:ff:d4:5d:ab:dd:ca:8f:34:
ca:d6:19:57:a6:f1:b4:19:62:71:84:7f:f6:aa:54:
e1:b2:bd:81:ae:a0:d3:6b:29:ea:c6:b5:29:e9:7b:
89:10:c8:2a:da:67:42:3a:76:54:19:db:01:25:d7:
80:74:b1:89:e0:b5:58:b6:0c:e7:b3:11:fd:5d:01:
ee:96:ae:13:4d:5c:c3:20:b1:22:84:51:68:a0:96:
bb:f5:e9:3b:a3:13:d9:b5:ac:fe:1e:f4:e4:3d:38:
a9:ca:68:23:00:ee:55:60:9c:cd:1f:b5:3d:64:75:
c5:be:1e:5f:1b:b6:53:9b:b0:ea:4a:2b:cf:05:95:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1B:33:6D:6A:36:5B:E2:CB:75:10:E0:36:4D:29:8C:0D:47:ED:A9
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/dxszbWo2W-LLdRDgNk0pjA1H7ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686:a00::-2a06:9686:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:53:f3:7c:6b:1e:6b:cd:66:83:ce:76:4f:ce:51:ce:ef:89:
0a:4a:fa:24:0b:b9:c7:f5:76:18:07:82:1d:72:10:b6:43:7e:
7e:60:c4:26:c2:26:75:60:73:bd:e6:42:0f:24:e5:58:af:e1:
80:93:08:8a:42:de:9f:e2:ce:15:23:98:9b:7f:26:ca:fa:8f:
7e:bc:37:ee:85:01:4f:bc:e2:6b:05:e8:20:17:a8:31:c5:2c:
a3:c2:0a:54:23:fd:ba:56:2a:a2:ed:80:9c:ca:73:f7:6b:00:
95:33:96:b4:92:d6:79:fc:6b:8a:1e:83:79:77:5a:46:a0:f9:
16:b1:c3:e3:25:0f:80:3f:b5:f3:96:47:24:a9:1f:6a:1a:62:
c2:77:97:4d:31:8a:b5:c9:41:7e:85:84:7d:d5:77:c9:15:39:
ce:c6:fa:95:20:4c:ba:65:f9:ee:d7:0e:b8:d9:52:4d:ef:24:
d9:96:1d:41:74:7a:ff:40:3a:1e:6d:a8:52:66:21:41:ef:36:
be:4b:8a:f3:d4:d8:c2:17:91:9e:78:d0:0d:10:6f:e2:bf:e8:
4e:ba:91:31:85:9e:bd:cb:45:21:a7:d7:04:f0:0d:a4:06:a1:
2e:76:38:82:e3:f8:e6:56:b1:f1:c4:78:6d:b7:fe:9a:29:4e:
7c:a4:fc:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYclL629Og888yBOuFGP9xKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjMwMzI3MjIyODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFiMzM2ZDZhMzY1YmUyY2I3NTEwZTAzNjRkMjk4YzBkNDdlZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC9IzZ1gxjpBd6MVxLBJEc/5Fhf3
qVoHWRiLcopZz8iPGJCPmMl16YH5zQmogCfzhl3Ad91BWChLNr0HwnRJHTn4dLOv
LTCjCZiKbxrF1aB5OkK6/54UsPX3WMpbnQHjHZ+qfoPZ+y+PTffUOUdWxZxQAb3g
iGgp6IE/mMiw/9Rdq93KjzTK1hlXpvG0GWJxhH/2qlThsr2BrqDTaynqxrUp6XuJ
EMgq2mdCOnZUGdsBJdeAdLGJ4LVYtgznsxH9XQHulq4TTVzDILEihFFooJa79ek7
oxPZtaz+HvTkPTipymgjAO5VYJzNH7U9ZHXFvh5fG7ZTm7DqSivPBZXGzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHcbM21qNlviy3UQ4DZNKYwNR+2pMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvZHhzemJXbzJXLUxMZFJEZ05rMHBqQTFIN2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgEqBpaG
CgMGBCoGloYAMA0GCSqGSIb3DQEBCwUAA4IBAQBcU/N8ax5rzWaDznZPzlHO74kK
SvokC7nH9XYYB4IdchC2Q35+YMQmwiZ1YHO95kIPJOVYr+GAkwiKQt6f4s4VI5ib
fybK+o9+vDfuhQFPvOJrBeggF6gxxSyjwgpUI/26Viqi7YCcynP3awCVM5a0ktZ5
/GuKHoN5d1pGoPkWscPjJQ+AP7XzlkckqR9qGmLCd5dNMYq1yUF+hYR91XfJFTnO
xvqVIEy6Zfnu1w642VJN7yTZlh1BdHr/QDoebahSZiFB7za+S4rz1NjCF5GeeNAN
EG/iv+hOupExhZ69y0Uhp9cE8A2kBqEudjiC4/jmVrHxxHhtt/6aKU58pPws
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:39 2024 by rpki-client on console-fra.rpki-client.org