Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/I6w_hGLmdGP30FRiFIYJYgUc2HA.roa
File: I6w_hGLmdGP30FRiFIYJYgUc2HA.roa (raw, json)
Hash identifier: yiQ6xQX1CudECtcgtgq51/b33a4xNRnDxf3OEvsQ2og=
Subject key identifier: 23:AC:3F:84:62:E6:74:63:F7:D0:54:62:14:86:09:62:05:1C:D8:70
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018E334330ABA89A5B14AF03AAB212210055
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/I6w_hGLmdGP30FRiFIYJYgUc2HA.roa
Signing time: Tue 12 Mar 2024 15:23:45 +0000
ROA not before: Tue 12 Mar 2024 15:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Apr 2024 11:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:43:30:ab:a8:9a:5b:14:af:03:aa:b2:12:21:00:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 12 15:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23ac3f8462e67463f7d0546214860962051cd870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:41:dd:0f:a9:41:b9:72:f7:ff:bc:95:d8:
66:45:2a:32:a4:c3:dd:d1:7b:80:e6:b5:49:0e:e4:
74:19:06:88:2b:2c:82:1d:54:91:87:78:a0:14:64:
a2:d8:a8:0d:08:28:22:25:70:66:49:b5:3e:01:fd:
ad:26:eb:ff:30:79:6a:ce:b0:1b:7c:b9:c2:bb:b2:
00:29:1b:4f:d2:72:88:9d:d9:ec:b4:cd:87:ac:48:
bb:de:4f:c2:83:76:93:97:f6:69:20:c5:b6:3d:5c:
b4:08:b4:39:34:d9:cb:e7:c2:92:d0:94:80:a7:60:
03:7a:ab:e4:2d:60:cb:42:a0:35:7d:49:1d:89:45:
4d:5b:4e:a3:68:38:d6:ed:42:cc:f2:b8:a6:90:3b:
3e:cc:32:52:9c:3d:10:b5:a5:d4:2c:de:57:91:54:
3c:92:b5:5e:ff:23:83:84:ac:73:5a:e5:2e:a4:19:
ae:91:ae:c7:e5:db:dd:0a:d2:34:37:b1:be:1c:8a:
67:24:ef:87:02:24:b2:4d:16:c0:2b:bb:24:63:da:
35:a5:0f:75:a9:5c:49:1d:b7:60:70:91:bf:53:cd:
d2:b6:a3:28:89:b1:95:14:e7:aa:9b:9d:36:71:8e:
57:1a:71:c9:2c:97:08:c7:45:b6:bf:fd:7f:13:fe:
51:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AC:3F:84:62:E6:74:63:F7:D0:54:62:14:86:09:62:05:1C:D8:70
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/I6w_hGLmdGP30FRiFIYJYgUc2HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
33:b2:7c:1c:8f:e8:be:1e:8a:a0:0a:fa:76:61:64:8a:e9:d9:
4f:4c:73:54:a8:d0:25:d2:27:cc:17:26:1e:34:9f:15:6e:bf:
21:29:69:8c:0e:fe:3e:ca:f2:a5:87:a3:4a:e9:b0:68:5a:88:
04:12:f3:b8:64:53:ce:b2:bf:de:52:a6:30:aa:e2:31:3a:fc:
20:1d:9f:a8:d4:07:77:7c:16:9e:73:2e:91:76:95:46:2f:5c:
04:1b:2e:69:10:68:73:b4:0f:69:f4:5f:5e:eb:c8:b3:12:f2:
01:9e:3d:f5:13:e2:a1:4f:0e:d0:68:af:1a:ed:32:51:0e:60:
d8:08:ae:d1:71:3e:81:ff:36:32:5c:93:71:c9:1a:f5:24:c6:
4d:b7:83:92:d4:4f:41:63:06:d9:6f:c9:63:41:14:8e:6d:97:
d2:eb:58:c0:36:57:a0:23:bd:e7:f7:4c:0c:17:d4:8c:9f:a7:
7d:a6:57:47:a8:70:06:0c:ef:6d:39:2d:cb:ab:c6:84:a9:2d:
14:1c:cc:67:40:b1:d4:93:87:a1:30:1d:27:08:d1:e1:bf:67:
9a:c3:fb:08:e8:d1:2f:d5:ff:29:4b:f0:7a:97:01:72:32:6a:
9c:f3:d5:14:77:ee:79:63:57:5c:a2:fc:88:f7:9c:d7:ab:cd:
64:49:52:bf
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY4zQzCrqJpbFK8DqrISIQBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMzEyMTUyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FjM2Y4NDYyZTY3NDYzZjdkMDU0NjIxNDg2MDk2MjA1MWNkODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBB3Q+pQbly9/+8ldhmRSoypMPd
0XuA5rVJDuR0GQaIKyyCHVSRh3igFGSi2KgNCCgiJXBmSbU+Af2tJuv/MHlqzrAb
fLnCu7IAKRtP0nKIndnstM2HrEi73k/Cg3aTl/ZpIMW2PVy0CLQ5NNnL58KS0JSA
p2ADeqvkLWDLQqA1fUkdiUVNW06jaDjW7ULM8rimkDs+zDJSnD0QtaXULN5XkVQ8
krVe/yODhKxzWuUupBmuka7H5dvdCtI0N7G+HIpnJO+HAiSyTRbAK7skY9o1pQ91
qVxJHbdgcJG/U83StqMoibGVFOeqm502cY5XGnHJLJcIx0W2v/1/E/5RJQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCOsP4Ri5nRj99BUYhSGCWIFHNhwMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvSTZ3X2hHTG1kR1AzMEZSaUZJWUpZZ1VjMkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgbdwAMF
AyoLgEADBQMqDGmAAwUAKgz2QjANBgkqhkiG9w0BAQsFAAOCAQEAM7J8HI/ovh6K
oAr6dmFkiunZT0xzVKjQJdInzBcmHjSfFW6/ISlpjA7+PsrypYejSumwaFqIBBLz
uGRTzrK/3lKmMKriMTr8IB2fqNQHd3wWnnMukXaVRi9cBBsuaRBoc7QPafRfXuvI
sxLyAZ499RPioU8O0GivGu0yUQ5g2Aiu0XE+gf82MlyTccka9STGTbeDktRPQWMG
2W/JY0EUjm2X0utYwDZXoCO95/dMDBfUjJ+nfaZXR6hwBgzvbTkty6vGhKktFBzM
Z0Cx1JOHoTAdJwjR4b9nmsP7COjRL9X/KUvwepcBcjJqnPPVFHfueWNXXKL8iPec
16vNZElSvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org