Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/DWQ6LBu8zdFV_wLmqPx87shvads.roa
File: DWQ6LBu8zdFV_wLmqPx87shvads.roa (raw, json)
Hash identifier: p+Pp7+SEMmfElt8VHoY7r2JppU1+FNkb0BxxpuFTqqQ=
Subject key identifier: 0D:64:3A:2C:1B:BC:CD:D1:55:FF:02:E6:A8:FC:7C:EE:C8:6F:69:DB
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018899088397992372E5C2703793436739E3
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/DWQ6LBu8zdFV_wLmqPx87shvads.roa
Signing time: Thu 08 Jun 2023 03:24:12 +0000
ROA not before: Thu 08 Jun 2023 03:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 2a13:3884::/30 maxlen: 30
2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a13:3880::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:08:83:97:99:23:72:e5:c2:70:37:93:43:67:39:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 8 03:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d643a2c1bbccdd155ff02e6a8fc7ceec86f69db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:33:45:7d:d4:00:55:7e:6c:5f:32:ff:d9:
00:da:e9:54:40:f6:60:07:79:20:04:94:37:1a:dd:
3a:61:c6:6e:7c:de:31:5d:d0:52:ba:ef:34:c5:cf:
0e:59:06:24:db:a3:61:55:f5:04:9e:19:97:96:46:
61:ea:a0:51:29:9d:3a:78:a1:92:ee:f6:8a:59:35:
67:88:e1:47:d2:1c:46:2b:f6:9c:50:0a:77:40:9f:
37:3a:9c:ab:99:a6:2e:35:0c:44:26:4e:b7:b9:17:
c2:4c:42:c0:60:14:88:46:55:c6:29:2b:1f:cd:1e:
3b:a1:c1:9d:53:3d:54:9d:0e:7f:6f:73:9f:0a:28:
ec:78:c5:29:6b:23:c4:94:4d:5d:80:f0:04:3e:70:
1f:39:8c:1e:1a:dc:1a:3e:2f:32:2a:45:7d:e4:da:
7b:c4:54:1d:59:4d:ca:0d:e8:e7:e4:e7:a7:6c:7f:
42:9e:5b:59:79:1b:3a:e7:8f:9a:74:cb:7d:83:74:
d2:dd:dc:fc:a3:30:d2:8c:a0:d3:66:8e:f2:8d:b1:
84:48:cc:ea:a7:53:b9:c7:e0:cf:18:11:f9:14:24:
4b:1a:b0:d7:ff:99:ca:0a:03:48:1c:db:f7:e1:4c:
47:27:e8:89:77:39:f9:57:cc:d1:62:5f:b7:91:b1:
0d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:64:3A:2C:1B:BC:CD:D1:55:FF:02:E6:A8:FC:7C:EE:C8:6F:69:DB
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/DWQ6LBu8zdFV_wLmqPx87shvads.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a13:3880::/29
Signature Algorithm: sha256WithRSAEncryption
80:cb:19:da:4a:f1:2e:4a:52:2f:b5:3b:84:09:5d:79:22:b8:
e3:c2:23:2b:ed:ae:86:40:9d:dc:84:61:91:82:38:1c:07:ad:
f7:7c:ed:f0:07:0b:b8:a2:b7:4f:67:89:23:e8:95:29:84:09:
fe:5f:5e:94:c2:05:67:ce:66:87:c7:77:dd:70:68:60:1a:e6:
5c:6c:aa:3d:87:a6:de:79:e4:c2:e2:4e:30:8c:c3:80:6e:9a:
ce:11:0c:01:04:d1:1b:b7:7d:28:3e:93:55:bd:cb:35:cf:0a:
e6:07:5b:ff:51:a5:b5:66:02:9f:02:df:84:db:3b:e2:f9:4a:
9f:d9:07:18:be:2d:e2:c9:b7:75:5d:b8:24:b3:34:24:c8:5f:
75:9a:e7:d3:ec:10:3f:1a:bb:71:e0:7e:33:98:9f:73:5b:d8:
c3:44:50:d3:80:59:9a:aa:e0:83:b7:c8:83:1c:14:b0:31:fb:
e1:6e:63:be:40:f0:85:40:55:d3:e1:e7:2d:99:49:dc:38:79:
f6:6c:9d:c3:84:03:d8:d5:8e:1c:24:60:23:bc:0e:f8:7f:e8:
7c:d6:22:26:b3:b9:c8:fe:dd:a4:56:ff:e5:ca:7d:9d:c9:40:
ad:19:f0:f3:38:41:dc:29:ee:b3:d5:e4:cb:81:0d:a8:7d:78:
73:a5:60:de
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYiZCIOXmSNy5cJwN5NDZznjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwNjA4MDMyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY0M2EyYzFiYmNjZGQxNTVmZjAyZTZhOGZjN2NlZWM4NmY2OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/UzRX3UAFV+bF8y/9kA2ulUQPZg
B3kgBJQ3Gt06YcZufN4xXdBSuu80xc8OWQYk26NhVfUEnhmXlkZh6qBRKZ06eKGS
7vaKWTVniOFH0hxGK/acUAp3QJ83OpyrmaYuNQxEJk63uRfCTELAYBSIRlXGKSsf
zR47ocGdUz1UnQ5/b3OfCijseMUpayPElE1dgPAEPnAfOYweGtwaPi8yKkV95Np7
xFQdWU3KDejn5OenbH9CnltZeRs654+adMt9g3TS3dz8ozDSjKDTZo7yjbGESMzq
p1O5x+DPGBH5FCRLGrDX/5nKCgNIHNv34UxHJ+iJdzn5V8zRYl+3kbENZQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA1kOiwbvM3RVf8C5qj8fO7Ib2nbMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRFdRNkxCdTh6ZEZWX3dMbXFQeDg3c2h2YWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhFXgAMF
AyoTOIAwDQYJKoZIhvcNAQELBQADggEBAIDLGdpK8S5KUi+1O4QJXXkiuOPCIyvt
roZAndyEYZGCOBwHrfd87fAHC7iit09niSPolSmECf5fXpTCBWfOZofHd91waGAa
5lxsqj2Hpt555MLiTjCMw4Bums4RDAEE0Ru3fSg+k1W9yzXPCuYHW/9RpbVmAp8C
34TbO+L5Sp/ZBxi+LeLJt3VduCSzNCTIX3Wa59PsED8au3HgfjOYn3Nb2MNEUNOA
WZqq4IO3yIMcFLAx++FuY75A8IVAVdPh5y2ZSdw4efZsncOEA9jVjhwkYCO8Dvh/
6HzWIiazucj+3aRW/+XKfZ3JQK0Z8PM4Qdwp7rPV5MuBDah9eHOlYN4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org