Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/20GKvweUHLKzdhBkVcGpoAPX-HI.roa
File: 20GKvweUHLKzdhBkVcGpoAPX-HI.roa (raw, json)
Hash identifier: Vb5x8ZLhIHzQFeFmchIMmtRG7WQh303BnOh4LZJLVW8=
Subject key identifier: DB:41:8A:BF:07:94:1C:B2:B3:76:10:64:55:C1:A9:A0:03:D7:F8:72
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018DAF3D39FB25091A8A59FD958A7501474B
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/20GKvweUHLKzdhBkVcGpoAPX-HI.roa
Signing time: Fri 16 Feb 2024 00:07:21 +0000
ROA not before: Fri 16 Feb 2024 00:07:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a0a:da40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 21:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:3d:39:fb:25:09:1a:8a:59:fd:95:8a:75:01:47:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Feb 16 00:07:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db418abf07941cb2b376106455c1a9a003d7f872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:61:0b:ae:1c:74:60:bd:32:c4:61:fe:2c:72:
94:2c:a6:df:10:ae:70:c3:b8:48:cd:d7:83:36:af:
a2:51:cb:33:2f:38:6f:3a:55:72:07:25:13:25:67:
ed:bb:e5:50:10:e8:59:86:55:6f:be:d5:a7:49:c7:
bb:99:98:ae:04:2e:f3:44:3b:93:84:9b:5b:b2:7a:
b6:70:ed:20:5f:35:a6:fc:bb:44:f6:96:eb:23:2e:
61:14:34:07:f3:86:45:a7:bc:d9:f9:5e:16:eb:6b:
31:0a:6e:5b:f2:b1:4f:ec:3f:8f:e0:d7:19:6f:50:
d3:7c:c5:49:fe:39:82:97:11:be:4c:62:cc:07:e1:
3a:9f:8c:6b:f0:f4:ad:0d:6c:6c:a3:14:da:3c:7c:
27:8c:2a:aa:24:70:0a:cc:71:9c:07:85:69:26:b3:
38:88:34:d9:cb:70:d1:e9:c6:1e:f5:26:2c:df:ce:
be:5d:dc:c8:2d:9a:00:84:9b:69:b6:db:d8:1b:4f:
12:5a:78:b4:80:92:03:68:3b:cb:54:16:e7:ef:0d:
1f:2e:de:18:e0:05:17:2d:2f:8a:e6:6f:97:85:d6:
7f:43:38:27:67:b8:52:9f:bc:0e:52:b3:d1:0e:b9:
17:2c:c2:17:26:47:69:d6:cd:ab:d8:d7:83:be:a8:
59:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:41:8A:BF:07:94:1C:B2:B3:76:10:64:55:C1:A9:A0:03:D7:F8:72
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/20GKvweUHLKzdhBkVcGpoAPX-HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:da40::/29
Signature Algorithm: sha256WithRSAEncryption
19:c3:2a:a1:33:f1:40:4f:82:a4:00:b1:ca:d8:1f:78:6c:3a:
ff:95:fd:51:96:17:bb:11:93:82:b2:7d:66:86:74:55:81:5c:
9d:da:3f:6d:d5:bb:2e:36:dc:64:a2:14:73:3c:d3:96:56:11:
ff:f0:79:08:82:e1:61:fe:f3:e7:2e:70:1e:a2:91:7b:c3:6b:
71:df:b9:08:55:b4:cc:6a:23:1d:85:83:a5:d0:85:5d:52:78:
e9:2c:34:25:57:77:99:1e:c8:69:5a:f1:c7:ea:f9:97:4f:7b:
8f:bc:50:c5:58:d7:7c:4f:a8:09:d4:b1:5c:97:c0:a5:8a:8c:
48:98:b9:99:5d:c0:81:c0:c3:ba:8e:2f:30:91:96:cb:bb:2d:
45:b9:48:23:80:a2:73:87:2b:a6:e8:97:90:e9:52:a5:03:82:
11:ad:3d:17:18:5c:c7:8e:30:21:f0:cd:40:7e:75:bd:4c:d8:
03:b4:60:e2:68:c8:45:e2:44:88:f7:9c:05:ad:05:54:91:42:
4f:40:74:f6:d4:1a:f8:b0:78:2a:b5:93:af:83:c2:35:24:a6:
52:fa:5b:79:a1:99:b1:bb:2d:82:eb:65:ac:b7:a9:62:6e:cb:
b4:c4:7c:e7:da:5e:0f:a7:83:3d:47:6a:b1:1c:cd:45:43:1b:
19:97:79:7c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2vPTn7JQkailn9lYp1AUdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwMjE2MDAwNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQxOGFiZjA3OTQxY2IyYjM3NjEwNjQ1NWMxYTlhMDAzZDdmODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWELrhx0YL0yxGH+LHKULKbfEK5w
w7hIzdeDNq+iUcszLzhvOlVyByUTJWftu+VQEOhZhlVvvtWnSce7mZiuBC7zRDuT
hJtbsnq2cO0gXzWm/LtE9pbrIy5hFDQH84ZFp7zZ+V4W62sxCm5b8rFP7D+P4NcZ
b1DTfMVJ/jmClxG+TGLMB+E6n4xr8PStDWxsoxTaPHwnjCqqJHAKzHGcB4VpJrM4
iDTZy3DR6cYe9SYs386+XdzILZoAhJtpttvYG08SWni0gJIDaDvLVBbn7w0fLt4Y
4AUXLS+K5m+XhdZ/QzgnZ7hSn7wOUrPRDrkXLMIXJkdp1s2r2NeDvqhZEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNtBir8HlByys3YQZFXBqaAD1/hyMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvMjBHS3Z3ZVVITEt6ZGhCa1ZjR3BvQVBYLUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgraQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGcMqoTPxQE+CpACxytgfeGw6/5X9UZYXuxGTgrJ9
ZoZ0VYFcndo/bdW7LjbcZKIUczzTllYR//B5CILhYf7z5y5wHqKRe8Nrcd+5CFW0
zGojHYWDpdCFXVJ46Sw0JVd3mR7IaVrxx+r5l097j7xQxVjXfE+oCdSxXJfApYqM
SJi5mV3AgcDDuo4vMJGWy7stRblII4Cic4crpuiXkOlSpQOCEa09Fxhcx44wIfDN
QH51vUzYA7Rg4mjIReJEiPecBa0FVJFCT0B09tQa+LB4KrWTr4PCNSSmUvpbeaGZ
sbstgutlrLepYm7LtMR859peD6eDPUdqsRzNRUMbGZd5fA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org