Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/vPVw6UBuOxux1rkyPnaBEecBeZw.roa
File: vPVw6UBuOxux1rkyPnaBEecBeZw.roa (raw, json)
Hash identifier: xGbhLiGog3PtnOqvMzxlJaw6KmBoLM8844iJ45JlVYQ=
Subject key identifier: BC:F5:70:E9:40:6E:3B:1B:B1:D6:B9:32:3E:76:81:11:E7:01:79:9C
Certificate issuer: /CN=3753dbc5829ec500b33426a188d0399395b806aa
Certificate serial: 01904E6EACDE3AFE93FB6365F552B318DF52
Authority key identifier: 37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/vPVw6UBuOxux1rkyPnaBEecBeZw.roa
Signing time: Tue 25 Jun 2024 08:06:34 +0000
ROA not before: Tue 25 Jun 2024 08:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21277
IP address blocks: 2a03:47c0::/29 maxlen: 29
2a03:47c0::/32 maxlen: 32
2a03:47c0:1080::/48 maxlen: 48
2a03:47c0:20c0::/48 maxlen: 48
2a03:47c0:2180::/48 maxlen: 48
2a03:47c0:2280::/48 maxlen: 48
2a03:47c0:2480::/48 maxlen: 48
2a03:47c1::/32 maxlen: 32
2a03:47c2::/32 maxlen: 32
2a03:47c3::/32 maxlen: 32
2a03:47c4::/32 maxlen: 32
2a03:47c5::/32 maxlen: 32
2a03:47c6::/32 maxlen: 32
2a03:47c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jun 2024 06:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:6e:ac:de:3a:fe:93:fb:63:65:f5:52:b3:18:df:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3753dbc5829ec500b33426a188d0399395b806aa
Validity
Not Before: Jun 25 08:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bcf570e9406e3b1bb1d6b9323e768111e701799c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9c:26:a0:3e:a4:07:d7:2d:81:2f:fc:7c:b4:
23:e9:35:ac:ab:67:53:44:bd:24:0e:9d:0d:2b:2a:
c4:9d:a0:76:7f:f8:60:b2:6b:9c:58:7b:de:ca:cd:
db:df:b7:92:2e:fd:24:ca:5a:39:4a:ac:0f:26:1c:
25:58:e5:88:6e:af:8d:b8:e8:40:df:29:ce:db:e1:
c6:28:d6:66:8c:1b:b3:94:f0:c4:8f:4a:8d:92:ba:
fe:12:c0:8a:08:f9:03:a7:aa:d7:e7:05:72:6b:86:
ea:b8:5a:f9:1b:d9:e3:a4:b1:12:e7:a0:03:1c:53:
ed:f2:0f:6d:40:65:93:be:f1:45:67:88:2a:01:5a:
0a:c5:5e:fc:a7:09:a3:28:9e:03:5b:d8:aa:15:77:
e5:1b:c0:00:73:f9:cb:5d:e4:22:cd:4c:19:c4:f4:
b4:64:5f:49:43:63:62:b7:cc:23:08:1f:53:3f:16:
15:ed:39:2a:21:7b:2e:8c:be:15:94:2f:80:2f:62:
f9:c3:c9:d3:8a:b8:38:1b:3a:2c:98:a7:d2:d2:2f:
e7:66:76:30:34:f7:e2:9c:87:0d:41:f8:d4:e7:00:
09:d6:e4:7c:4f:a0:75:9b:ce:b9:a6:4c:8f:43:4b:
0e:e7:bb:8b:a4:a7:fb:55:b9:cc:71:8e:c1:84:31:
57:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F5:70:E9:40:6E:3B:1B:B1:D6:B9:32:3E:76:81:11:E7:01:79:9C
X509v3 Authority Key Identifier:
keyid:37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/vPVw6UBuOxux1rkyPnaBEecBeZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:e9:98:02:09:4e:1e:1f:77:90:bc:36:8c:ca:92:7b:fe:45:
17:21:ca:77:0f:eb:de:3e:08:9b:b5:23:69:c4:e3:8a:03:1a:
47:48:ce:79:03:89:cb:bd:fa:08:fc:40:ea:76:67:0b:f0:76:
b2:32:bb:79:04:ac:00:ae:aa:63:4b:02:3b:21:41:b0:cd:e3:
d1:7f:44:ca:f5:c1:be:f1:7b:5c:1f:d6:ce:c2:31:11:41:07:
af:ff:21:5c:a4:a6:f9:1c:9c:de:00:92:37:4f:57:e4:53:10:
3f:4d:46:3a:16:59:07:8e:ff:f2:a6:a1:27:7b:69:01:1f:c6:
a2:85:71:de:27:dc:24:34:35:d9:cf:9d:3f:fe:ad:bd:1b:c2:
40:0e:65:d3:0a:13:41:7a:8e:c9:79:e4:3b:35:0c:bf:10:9a:
b4:26:ed:98:8a:de:bf:79:88:1c:54:b7:3b:18:d5:78:dd:5c:
b9:11:28:f5:76:b2:e0:59:c8:f1:e5:85:b9:0a:fe:8e:bd:6f:
d6:0f:46:58:7b:0b:aa:4d:cb:23:ad:bb:eb:81:a0:51:42:bd:
98:15:79:a2:fc:1e:ba:c6:da:e5:38:3c:9f:42:78:f4:fe:bf:
18:d0:da:63:6b:31:c8:53:fa:6d:fd:5b:24:08:1f:13:a1:b9:
e1:45:4a:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBObqzeOv6T+2Nl9VKzGN9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTNkYmM1ODI5ZWM1MDBiMzM0MjZhMTg4ZDAzOTkzOTVi
ODA2YWEwHhcNMjQwNjI1MDgwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y1NzBlOTQwNmUzYjFiYjFkNmI5MzIzZTc2ODExMWU3MDE3OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5wmoD6kB9ctgS/8fLQj6TWsq2dT
RL0kDp0NKyrEnaB2f/hgsmucWHveys3b37eSLv0kylo5SqwPJhwlWOWIbq+NuOhA
3ynO2+HGKNZmjBuzlPDEj0qNkrr+EsCKCPkDp6rX5wVya4bquFr5G9njpLES56AD
HFPt8g9tQGWTvvFFZ4gqAVoKxV78pwmjKJ4DW9iqFXflG8AAc/nLXeQizUwZxPS0
ZF9JQ2Nit8wjCB9TPxYV7TkqIXsujL4VlC+AL2L5w8nTirg4GzosmKfS0i/nZnYw
NPfinIcNQfjU5wAJ1uR8T6B1m865pkyPQ0sO57uLpKf7VbnMcY7BhDFXYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLz1cOlAbjsbsda5Mj52gRHnAXmcMB8GA1UdIwQY
MBaAFDdT28WCnsUAszQmoYjQOZOVuAaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMt
MDM3OTkzMGY4Mjg2LzEvdlBWdzZVQnVPeHV4MXJreVBuYUJFZWNCZVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMtMDM3OTkzMGY4Mjg2
LzEvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgNHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAo+mYAglOHh93kLw2jMqSe/5FFyHKdw/r3j4Im7Uj
acTjigMaR0jOeQOJy736CPxA6nZnC/B2sjK7eQSsAK6qY0sCOyFBsM3j0X9EyvXB
vvF7XB/WzsIxEUEHr/8hXKSm+Ryc3gCSN09X5FMQP01GOhZZB47/8qahJ3tpAR/G
ooVx3ifcJDQ12c+dP/6tvRvCQA5l0woTQXqOyXnkOzUMvxCatCbtmIrev3mIHFS3
OxjVeN1cuREo9Xay4FnI8eWFuQr+jr1v1g9GWHsLqk3LI62764GgUUK9mBV5ovwe
usba5Tg8n0J49P6/GNDaY2sxyFP6bf1bJAgfE6G54UVKpg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:21:01 2024 by rpki-client on console-ams.rpki-client.org