Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/25bqvKkjbTXJtlklyDx_9xm8FYU.roa
File: 25bqvKkjbTXJtlklyDx_9xm8FYU.roa (raw, json)
Hash identifier: P8Jk6VEMPCXjuSpDWgTfxsdOzV6vXEg+QCWNjo8Luxw=
Subject key identifier: DB:96:EA:BC:A9:23:6D:35:C9:B6:59:25:C8:3C:7F:F7:19:BC:15:85
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CB3E685550C338D93A39F3F7B416AD27E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/25bqvKkjbTXJtlklyDx_9xm8FYU.roa
Signing time: Fri 29 Dec 2023 04:47:58 +0000
ROA not before: Fri 29 Dec 2023 04:47:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3175
IP address blocks: 2a13:3c80::/29 maxlen: 29
2a11:4b42::/32 maxlen: 32
2a11:4b41::/32 maxlen: 32
2a0e:c380::/29 maxlen: 29
2a11:4b43::/32 maxlen: 32
2a0e:d00::/29 maxlen: 29
2a04:a5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b3:e6:85:55:0c:33:8d:93:a3:9f:3f:7b:41:6a:d2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 29 04:47:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db96eabca9236d35c9b65925c83c7ff719bc1585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:36:af:13:f1:e5:1d:e9:54:6b:9f:26:ec:81:
66:27:87:b4:53:1a:d3:fb:16:2b:33:a6:52:4f:56:
77:84:13:78:14:6a:0b:d9:19:54:0f:7c:49:d1:eb:
87:38:35:e7:2e:a7:af:03:ee:e7:75:8e:5f:fc:c8:
55:c5:b4:98:fa:02:0b:59:01:2f:57:e3:37:f7:fb:
a3:19:2e:cb:ef:46:d1:2f:b0:4a:0c:71:a3:26:93:
84:3b:b0:15:2c:d1:ec:82:8e:71:b9:df:ac:36:b2:
c3:cd:47:85:9d:8e:1b:a5:20:72:51:e0:0c:ac:87:
54:75:d8:78:f6:76:a3:a1:7a:6b:98:49:8b:7b:5f:
29:e3:a1:88:53:3a:98:32:83:16:c3:13:a8:98:5e:
18:ec:5b:f4:ea:3b:88:8d:55:31:89:e2:43:d7:57:
e4:cc:a1:6f:49:df:07:2c:d2:6e:b7:3b:47:d9:ab:
df:a7:66:bc:88:cd:d4:e2:e9:66:75:02:8c:c1:0e:
c3:f1:f0:41:08:ae:2e:45:45:59:ab:b2:d5:08:8f:
67:c8:5f:13:52:eb:ad:bd:20:a5:b4:9b:f6:40:35:
3c:43:49:c9:8e:18:ee:38:00:5a:8f:40:8c:fd:a4:
f5:c9:56:36:fd:13:64:f6:57:17:52:5b:bc:16:66:
79:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:96:EA:BC:A9:23:6D:35:C9:B6:59:25:C8:3C:7F:F7:19:BC:15:85
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/25bqvKkjbTXJtlklyDx_9xm8FYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:c380::/29
2a11:4b41::-2a11:4b43:ffff:ffff:ffff:ffff:ffff:ffff
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
6e:a6:89:6f:f5:13:64:d8:09:6f:1e:a3:ff:60:bd:b1:5f:ba:
bb:15:d8:fd:67:20:26:37:8c:8c:6c:a8:ac:31:25:b0:5e:ea:
48:29:ea:3c:a1:4b:16:14:45:aa:55:4b:71:f0:8e:fd:bc:07:
ad:82:a4:47:d1:b5:0c:f5:6e:67:3c:bb:77:7a:a6:2b:7a:f4:
8b:12:02:93:a3:8c:75:6b:d1:62:b1:af:29:3d:f6:b4:a2:2f:
27:d8:94:0d:b4:88:d3:0a:a4:b4:63:33:52:23:e5:02:b2:13:
86:8a:5c:02:5c:00:7b:1c:c7:2a:86:d7:0e:62:98:12:3e:c7:
73:e7:ee:4e:42:e7:65:26:88:b8:82:3e:cf:f1:80:f4:c7:13:
fc:0c:2a:d4:2f:89:6a:1c:6d:0a:a9:57:80:ef:74:01:8f:f9:
d5:a7:37:e7:1b:6d:b8:0d:c1:c3:21:c2:8a:f8:70:d3:69:6a:
9c:ea:c1:03:2c:d7:a0:1a:07:8e:99:c1:36:23:7a:4a:21:37:
47:3d:c1:1b:b3:81:c9:61:5b:65:7b:b7:92:d6:cc:94:0d:4c:
aa:cb:80:8d:24:93:ac:8d:ec:59:aa:bd:03:d1:11:b5:86:50:
2f:d6:6f:eb:6a:d1:2c:b2:38:7e:9a:86:0b:e1:5d:a4:a8:62:
e2:73:0f:4c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYyz5oVVDDONk6OfP3tBatJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMjI5MDQ0NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk2ZWFiY2E5MjM2ZDM1YzliNjU5MjVjODNjN2ZmNzE5YmMxNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjavE/HlHelUa58m7IFmJ4e0UxrT
+xYrM6ZST1Z3hBN4FGoL2RlUD3xJ0euHODXnLqevA+7ndY5f/MhVxbSY+gILWQEv
V+M39/ujGS7L70bRL7BKDHGjJpOEO7AVLNHsgo5xud+sNrLDzUeFnY4bpSByUeAM
rIdUddh49najoXprmEmLe18p46GIUzqYMoMWwxOomF4Y7Fv06juIjVUxieJD11fk
zKFvSd8HLNJutztH2avfp2a8iM3U4ulmdQKMwQ7D8fBBCK4uRUVZq7LVCI9nyF8T
UuutvSCltJv2QDU8Q0nJjhjuOABaj0CM/aT1yVY2/RNk9lcXUlu8FmZ5jwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNuW6rypI201ybZZJcg8f/cZvBWFMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMjVicXZLa2piVFhKdGxrbHlEeF85eG04RllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUDKgSlwAMF
AyoODQADBQMqDsOAMA4DBQAqEUtBAwUCKhFLQAMFAyoTPIAwDQYJKoZIhvcNAQEL
BQADggEBAG6miW/1E2TYCW8eo/9gvbFfursV2P1nICY3jIxsqKwxJbBe6kgp6jyh
SxYURapVS3Hwjv28B62CpEfRtQz1bmc8u3d6pit69IsSApOjjHVr0WKxryk99rSi
LyfYlA20iNMKpLRjM1Ij5QKyE4aKXAJcAHscxyqG1w5imBI+x3Pn7k5C52UmiLiC
Ps/xgPTHE/wMKtQviWocbQqpV4DvdAGP+dWnN+cbbbgNwcMhwor4cNNpapzqwQMs
16AaB46ZwTYjekohN0c9wRuzgclhW2V7t5LWzJQNTKrLgI0kk6yN7FmqvQPREbWG
UC/Wb+tq0SyyOH6ahgvhXaSoYuJzD0w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org