Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/gAfP_uEqQR4-ecMAn8-HGssE5Uw.roa
File: gAfP_uEqQR4-ecMAn8-HGssE5Uw.roa (raw, json)
Hash identifier: KN63eVCRXs1nHgyLhIjN4x4vW+dPHp1P3aAuG6LbeHQ=
Subject key identifier: 80:07:CF:FE:E1:2A:41:1E:3E:79:C3:00:9F:CF:87:1A:CB:04:E5:4C
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 018F118792E6958542D681C6AC27A5A02016
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/gAfP_uEqQR4-ecMAn8-HGssE5Uw.roa
Signing time: Wed 24 Apr 2024 19:14:08 +0000
ROA not before: Wed 24 Apr 2024 19:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a12:25c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 27 Apr 2024 17:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:87:92:e6:95:85:42:d6:81:c6:ac:27:a5:a0:20:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 24 19:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8007cffee12a411e3e79c3009fcf871acb04e54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:eb:cf:53:23:37:71:58:e3:6d:94:af:44:27:
aa:cf:45:2e:0c:be:84:aa:09:af:68:4c:5d:c1:26:
bf:3e:2e:84:0c:b9:93:dc:14:63:e6:d3:d9:e3:32:
83:6f:3a:79:0d:2a:3e:d5:74:c8:fb:97:a2:6e:f1:
50:a1:c3:22:b5:34:54:cb:ba:e8:69:4d:de:e9:89:
ad:64:a5:41:dc:0b:3b:28:c2:ba:78:ef:18:61:fc:
04:81:0c:01:0e:21:18:f0:aa:7a:26:f4:50:36:25:
6d:74:cc:ad:51:98:38:e0:f8:d3:60:e7:eb:a3:85:
2c:a6:11:9a:f4:8a:c9:d3:8c:06:5e:d0:8f:52:a2:
3e:67:e9:e8:a2:56:d1:40:e5:62:6c:86:8c:04:5e:
e6:11:1b:b7:8f:cd:e9:71:18:d0:27:2d:a5:15:c9:
18:6b:aa:b7:04:49:68:7f:b9:7a:1d:c2:9a:bb:42:
34:50:b2:b2:05:9f:f9:f1:cf:6c:ec:83:de:08:1c:
79:f4:23:37:65:5f:00:fe:43:d8:11:23:7f:3b:71:
aa:c3:4d:5a:4b:07:d5:16:67:75:07:fc:87:77:96:
4d:e3:b1:92:73:f2:fd:22:11:29:2a:1c:01:25:99:
e1:6b:a9:18:ab:b6:df:19:7b:90:7d:81:ad:12:e0:
e0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:07:CF:FE:E1:2A:41:1E:3E:79:C3:00:9F:CF:87:1A:CB:04:E5:4C
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/gAfP_uEqQR4-ecMAn8-HGssE5Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:0d:5a:6b:86:39:76:c6:b0:e9:d7:da:4b:d7:20:dc:ef:41:
53:56:75:df:25:ff:3e:9b:b8:fd:11:6f:10:a8:25:07:c7:56:
fa:18:24:c7:3f:7a:d4:09:f0:f1:8b:13:19:3b:70:d8:d4:6f:
d9:ba:81:f3:33:c9:63:75:c2:16:9f:c9:3f:88:20:54:f6:ab:
32:09:91:24:b1:03:a0:05:76:a1:dc:c8:fa:9e:59:29:b2:dd:
28:60:83:22:bc:3d:dc:69:24:fb:d6:3a:3d:d2:52:c9:66:87:
4a:1c:ef:e0:d8:98:5b:45:e8:76:5a:b9:0f:0c:17:1a:37:92:
a7:0a:21:2a:10:d2:e2:2a:11:ad:39:91:be:aa:8e:fb:b6:9b:
e4:f8:3d:69:8b:24:3d:c2:e3:f5:72:12:41:09:23:55:41:05:
3c:84:70:7a:ae:e8:d9:3c:f1:e2:79:94:41:0c:e1:e9:0f:1e:
71:85:7c:54:50:2e:11:96:19:83:c4:77:45:00:97:c8:48:de:
f5:ed:00:3e:b1:e1:20:de:fb:a8:d0:dd:ac:38:eb:6e:5a:f1:
cd:6d:fa:6a:d2:46:83:f8:d3:6a:ad:bc:c8:d9:6c:3f:64:d8:
f4:e3:af:e0:43:b8:35:ab:dc:b3:2b:20:0e:3d:5e:c8:8d:ea:
48:00:a2:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8Rh5LmlYVC1oHGrCeloCAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwNDI0MTkxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDA3Y2ZmZWUxMmE0MTFlM2U3OWMzMDA5ZmNmODcxYWNiMDRlNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkevPUyM3cVjjbZSvRCeqz0UuDL6E
qgmvaExdwSa/Pi6EDLmT3BRj5tPZ4zKDbzp5DSo+1XTI+5eibvFQocMitTRUy7ro
aU3e6YmtZKVB3As7KMK6eO8YYfwEgQwBDiEY8Kp6JvRQNiVtdMytUZg44PjTYOfr
o4UsphGa9IrJ04wGXtCPUqI+Z+noolbRQOVibIaMBF7mERu3j83pcRjQJy2lFckY
a6q3BElof7l6HcKau0I0ULKyBZ/58c9s7IPeCBx59CM3ZV8A/kPYESN/O3Gqw01a
SwfVFmd1B/yHd5ZN47GSc/L9IhEpKhwBJZnha6kYq7bfGXuQfYGtEuDgHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIAHz/7hKkEePnnDAJ/PhxrLBOVMMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvZ0FmUF91RXFRUjQtZWNNQW44LUhHc3NFNVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIlwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZw1aa4Y5dsaw6dfaS9cg3O9BU1Z13yX/Ppu4/RFv
EKglB8dW+hgkxz961Anw8YsTGTtw2NRv2bqB8zPJY3XCFp/JP4ggVParMgmRJLED
oAV2odzI+p5ZKbLdKGCDIrw93Gkk+9Y6PdJSyWaHShzv4NiYW0Xodlq5DwwXGjeS
pwohKhDS4ioRrTmRvqqO+7ab5Pg9aYskPcLj9XISQQkjVUEFPIRweq7o2Tzx4nmU
QQzh6Q8ecYV8VFAuEZYZg8R3RQCXyEje9e0APrHhIN77qNDdrDjrblrxzW36atJG
g/jTaq28yNlsP2TY9OOv4EO4NavcsysgDj1eyI3qSACiYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org