Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/909H6zdPkO8IwyM_9IXG0q5dZGA.roa
File: 909H6zdPkO8IwyM_9IXG0q5dZGA.roa (raw, json)
Hash identifier: 3ZXsr6mPReG3fXpJ0oXASy+StRivQILz5aCaSQZdXNw=
Subject key identifier: F7:4F:47:EB:37:4F:90:EF:08:C3:23:3F:F4:85:C6:D2:AE:5D:64:60
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 01857246C730BDC7C210DD9B38BED1731DD7
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/909H6zdPkO8IwyM_9IXG0q5dZGA.roa
Signing time: Mon 02 Jan 2023 11:38:39 +0000
ROA not before: Mon 02 Jan 2023 11:38:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209419
IP address blocks: 2a0d:2d41::/32 maxlen: 48
2a0e:c6c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:c7:30:bd:c7:c2:10:dd:9b:38:be:d1:73:1d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 2 11:38:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f74f47eb374f90ef08c3233ff485c6d2ae5d6460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:5c:70:1d:d0:f2:a6:3a:4b:a6:a0:0f:41:
a1:20:c3:f9:2c:49:12:60:86:66:ce:3c:5f:47:af:
20:49:fc:9b:bd:c0:61:b6:63:e3:7a:8c:39:64:f2:
a5:45:ff:b6:e6:1f:ac:8a:0d:00:ef:46:46:e3:81:
01:c1:28:ce:47:95:21:fd:9c:86:f7:92:76:01:c8:
56:d0:53:c7:21:11:ed:c3:f3:eb:d6:86:e4:d9:ff:
12:5a:d3:cb:49:7e:2e:6a:a6:6a:5d:3c:5e:a8:6d:
b0:da:73:be:be:31:15:75:2f:79:f9:c2:a1:50:55:
e9:43:53:2c:99:64:b2:47:e5:ca:d1:65:97:c0:21:
3d:21:80:46:9b:dc:f0:f7:ad:78:e4:1e:fd:8d:68:
18:5a:f8:57:c3:dc:13:a4:db:42:c5:45:dd:2c:ae:
10:d5:f8:e7:d5:b2:a5:c3:ae:f5:d1:07:9e:bc:bb:
92:72:0e:47:3c:64:f4:e6:db:6a:e6:06:74:45:69:
ed:80:0d:2e:4b:3d:e1:00:41:4c:c2:0a:54:0c:05:
3b:76:59:1a:b9:bd:cc:f5:25:ed:a6:01:4f:9f:ad:
74:31:37:7c:2e:b4:2f:89:f7:bd:ca:78:db:a6:a0:
25:21:09:d0:84:2f:6c:ff:d4:fa:04:da:69:b6:9f:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4F:47:EB:37:4F:90:EF:08:C3:23:3F:F4:85:C6:D2:AE:5D:64:60
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/909H6zdPkO8IwyM_9IXG0q5dZGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2d41::/32
2a0e:c6c1::/32
Signature Algorithm: sha256WithRSAEncryption
3d:04:72:25:37:3d:b0:a1:b7:db:f7:5d:24:3c:c6:75:fb:28:
29:58:82:41:94:74:1b:2b:a1:c1:6c:d3:8d:d9:20:57:f1:6a:
c1:3a:c1:4c:4f:64:4d:c6:a4:eb:34:e7:a6:9d:cb:49:84:ed:
a3:b9:46:e2:42:c4:a5:3a:9f:93:81:02:55:28:99:05:ba:61:
1e:44:0d:61:8f:bf:8e:e2:d0:cd:64:84:0f:97:1b:1b:a3:4e:
81:67:b6:60:d4:2d:ab:c6:54:c6:65:a2:40:11:0d:e4:f5:ee:
92:d0:c4:e0:af:07:4f:f2:63:bd:ae:4b:d2:70:f9:cf:56:7d:
15:b3:18:74:70:5c:b7:97:21:b7:a2:b5:64:cc:1d:dc:9b:dc:
e0:eb:3e:b2:5b:1a:02:79:5e:ac:61:fc:59:fa:5f:f1:bd:d7:
60:99:00:5d:88:30:7d:fe:94:48:3f:36:5b:d5:fb:e8:c0:12:
33:c6:39:05:15:e8:70:d5:19:6f:cd:ef:67:06:f4:8b:32:3f:
ec:a2:fb:8d:c1:f9:84:fa:f8:82:f7:70:5d:9f:f7:1c:b7:c4:
2b:ce:97:f1:c3:de:30:de:64:ac:bb:ef:d3:ff:a0:40:b1:bd:
1f:ee:23:e6:31:cb:9e:92:af:bc:74:13:fb:9d:f5:76:d4:db:
0a:75:41:cc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyRscwvcfCEN2bOL7Rcx3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjMwMTAyMTEzODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRmNDdlYjM3NGY5MGVmMDhjMzIzM2ZmNDg1YzZkMmFlNWQ2NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvdccB3Q8qY6S6agD0GhIMP5LEkS
YIZmzjxfR68gSfybvcBhtmPjeow5ZPKlRf+25h+sig0A70ZG44EBwSjOR5Uh/ZyG
95J2AchW0FPHIRHtw/Pr1obk2f8SWtPLSX4uaqZqXTxeqG2w2nO+vjEVdS95+cKh
UFXpQ1MsmWSyR+XK0WWXwCE9IYBGm9zw96145B79jWgYWvhXw9wTpNtCxUXdLK4Q
1fjn1bKlw6710QeevLuScg5HPGT05ttq5gZ0RWntgA0uSz3hAEFMwgpUDAU7dlka
ub3M9SXtpgFPn610MTd8LrQvife9ynjbpqAlIQnQhC9s/9T6BNpptp8pvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPdPR+s3T5DvCMMjP/SFxtKuXWRgMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvOTA5SDZ6ZFBrTzhJd3lNXzlJWEcwcTVkWkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg0tQQMF
ACoOxsEwDQYJKoZIhvcNAQELBQADggEBAD0EciU3PbCht9v3XSQ8xnX7KClYgkGU
dBsrocFs043ZIFfxasE6wUxPZE3GpOs056ady0mE7aO5RuJCxKU6n5OBAlUomQW6
YR5EDWGPv47i0M1khA+XGxujToFntmDULavGVMZlokARDeT17pLQxOCvB0/yY72u
S9Jw+c9WfRWzGHRwXLeXIbeitWTMHdyb3ODrPrJbGgJ5Xqxh/Fn6X/G912CZAF2I
MH3+lEg/NlvV++jAEjPGOQUV6HDVGW/N72cG9IsyP+yi+43B+YT6+IL3cF2f9xy3
xCvOl/HD3jDeZKy779P/oECxvR/uI+Yxy56Sr7x0E/ud9XbU2wp1Qcw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:00 2024 by rpki-client on console-fra.rpki-client.org