Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/1QyayapfulyOlbStomBNLdXsoE8.roa
File: 1QyayapfulyOlbStomBNLdXsoE8.roa (raw, json)
Hash identifier: mmwvp/ZReAxtpwyg/KCbPdDcSRIKjM0MV188hMAhSfk=
Subject key identifier: D5:0C:9A:C9:AA:5F:BA:5C:8E:95:B4:AD:A2:60:4D:2D:D5:EC:A0:4F
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 018F8D896C6FDA72D2DF86F361EAC54520E5
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/1QyayapfulyOlbStomBNLdXsoE8.roa
Signing time: Sat 18 May 2024 21:09:04 +0000
ROA not before: Sat 18 May 2024 21:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:a300::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Aug 2024 12:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8d:89:6c:6f:da:72:d2:df:86:f3:61:ea:c5:45:20:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: May 18 21:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d50c9ac9aa5fba5c8e95b4ada2604d2dd5eca04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:db:f4:55:04:d2:53:7b:0f:8c:94:47:f9:1b:
68:72:10:5f:27:65:48:42:2e:f7:66:24:63:71:94:
20:9e:b3:f8:b5:9a:22:23:f6:12:fa:21:20:db:27:
f5:93:92:04:3b:cf:fa:7e:c4:d9:c7:41:42:ed:a8:
41:f2:76:30:56:d7:04:6d:66:7b:6d:26:87:ef:df:
37:b2:21:e5:69:87:14:bf:af:b0:7a:8f:e5:d6:b0:
96:21:47:d8:c7:22:2a:78:73:43:11:61:44:a2:d4:
89:14:08:4b:93:bc:f0:b9:9a:5d:e5:08:01:e6:82:
0e:82:ae:eb:af:ac:8d:bf:58:69:2c:5f:e8:f9:41:
b7:63:fb:fa:44:30:a2:f3:fb:44:5c:3d:50:b3:0d:
70:b7:a4:f0:f2:89:57:68:9b:b8:6e:72:2f:9a:94:
9e:88:5d:73:70:0b:55:f9:c0:6a:b2:4a:66:cb:7f:
0d:b3:9a:a1:25:5c:36:19:6d:d2:9d:0e:06:de:37:
e2:6a:c0:3c:a6:5e:21:08:03:d8:9f:85:2a:6e:44:
74:63:82:c0:e7:e5:af:03:75:4f:0b:25:b7:af:a0:
47:5a:0a:93:10:d2:0e:99:17:20:8e:00:91:6f:50:
42:c8:b8:fb:ad:d2:d5:0f:7b:c2:77:5e:81:ab:c2:
d5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:0C:9A:C9:AA:5F:BA:5C:8E:95:B4:AD:A2:60:4D:2D:D5:EC:A0:4F
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/1QyayapfulyOlbStomBNLdXsoE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a300::/29
Signature Algorithm: sha256WithRSAEncryption
5d:bc:3d:29:cc:e4:04:31:71:17:7f:00:ff:da:21:b0:6f:7a:
7a:46:24:de:e5:da:a8:c3:c3:fa:86:72:3c:3a:d3:81:06:e9:
86:fc:bf:06:23:b0:1b:ea:c5:49:25:3e:cc:60:7a:e5:0b:4a:
67:e9:70:02:0a:b3:7f:55:b7:85:7f:0e:7f:fc:f7:02:6f:81:
7a:99:74:9d:19:7a:4e:3f:be:5c:93:0e:f8:d7:eb:ad:7d:3f:
c0:c9:a2:ce:08:db:f4:2b:6f:4d:40:b7:b6:75:4c:7a:66:98:
77:f7:89:40:93:8e:d0:ad:0f:a1:b7:fa:c0:77:1c:7b:e4:0f:
f5:9b:0c:67:94:fe:e1:78:71:cc:1f:b5:eb:66:15:6f:72:78:
40:5d:35:71:d8:40:e7:10:20:57:0e:85:58:61:a8:36:b1:f5:
43:b1:56:72:6c:72:74:38:d6:4f:00:a7:93:a6:43:08:ac:f0:
b2:c1:31:20:ae:93:ab:47:1a:95:a9:2b:5d:9c:94:60:50:b8:
3f:6d:a1:ba:69:f1:ee:44:5a:89:0b:fe:ed:4d:d8:04:3d:b5:
41:f2:28:ae:10:46:fd:47:42:95:82:fa:92:c3:dd:ec:04:bb:
43:fb:dc:4a:0e:c6:5b:84:75:e0:3b:29:06:1e:f6:3c:c2:ba:
20:64:9c:5c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+NiWxv2nLS34bzYerFRSDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjQwNTE4MjEwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTBjOWFjOWFhNWZiYTVjOGU5NWI0YWRhMjYwNGQyZGQ1ZWNhMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9v0VQTSU3sPjJRH+RtochBfJ2VI
Qi73ZiRjcZQgnrP4tZoiI/YS+iEg2yf1k5IEO8/6fsTZx0FC7ahB8nYwVtcEbWZ7
bSaH7983siHlaYcUv6+weo/l1rCWIUfYxyIqeHNDEWFEotSJFAhLk7zwuZpd5QgB
5oIOgq7rr6yNv1hpLF/o+UG3Y/v6RDCi8/tEXD1Qsw1wt6Tw8olXaJu4bnIvmpSe
iF1zcAtV+cBqskpmy38Ns5qhJVw2GW3SnQ4G3jfiasA8pl4hCAPYn4UqbkR0Y4LA
5+WvA3VPCyW3r6BHWgqTENIOmRcgjgCRb1BCyLj7rdLVD3vCd16Bq8LVYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNUMmsmqX7pcjpW0raJgTS3V7KBPMB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvMVF5YXlhcGZ1bHlPbGJTdG9tQk5MZFhzb0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+jADAN
BgkqhkiG9w0BAQsFAAOCAQEAXbw9KczkBDFxF38A/9ohsG96ekYk3uXaqMPD+oZy
PDrTgQbphvy/BiOwG+rFSSU+zGB65QtKZ+lwAgqzf1W3hX8Of/z3Am+Bepl0nRl6
Tj++XJMO+NfrrX0/wMmizgjb9CtvTUC3tnVMemaYd/eJQJOO0K0Pobf6wHcce+QP
9ZsMZ5T+4XhxzB+162YVb3J4QF01cdhA5xAgVw6FWGGoNrH1Q7FWcmxydDjWTwCn
k6ZDCKzwssExIK6Tq0calakrXZyUYFC4P22humnx7kRaiQv+7U3YBD21QfIorhBG
/UdClYL6ksPd7AS7Q/vcSg7GW4R14DspBh72PMK6IGScXA==
-----END CERTIFICATE-----
Generated at Mon Aug 12 14:38:24 2024 by rpki-client on console-ams.rpki-client.org