Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/9sI5LmOoF4yWmrgaeAUbHera3FU.roa
File: 9sI5LmOoF4yWmrgaeAUbHera3FU.roa (raw, json)
Hash identifier: wXC4EeWyaoya+hzAVa6JPOFeDf66fQiOMqwaR+0Nmcs=
Subject key identifier: F6:C2:39:2E:63:A8:17:8C:96:9A:B8:1A:78:05:1B:1D:EA:DA:DC:55
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018CC3B6A93A9AF4F52DE4B79CA37BE96A3F
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/9sI5LmOoF4yWmrgaeAUbHera3FU.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49542
IP address blocks: 2a11:644::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:24:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a9:3a:9a:f4:f5:2d:e4:b7:9c:a3:7b:e9:6a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6c2392e63a8178c969ab81a78051b1deadadc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ed:b7:c7:f5:3a:05:a8:24:de:0d:bb:0e:12:
73:b8:70:3b:61:53:98:88:6a:33:48:d5:91:87:24:
f7:49:f7:95:ac:ea:4e:43:82:aa:be:e4:29:34:34:
1d:06:51:3e:d1:f1:99:6d:fa:95:46:b0:b7:e8:c3:
61:d2:01:bb:24:f0:7f:60:b3:ef:30:dc:93:d4:87:
b9:c8:fd:ff:87:ca:4e:85:97:08:34:73:f6:d5:47:
2d:33:29:6e:2b:c3:57:1b:7c:22:b9:6b:34:45:15:
ff:fe:67:bd:bc:63:8e:4c:19:49:2d:67:29:7d:d4:
91:5b:c0:14:30:4c:cf:50:b5:43:c9:a7:38:c8:63:
d3:09:8e:a9:52:25:2c:d4:86:1b:62:ef:6a:54:2a:
05:b3:0e:79:a7:4d:87:35:fd:51:28:4c:34:67:75:
b2:14:03:50:e1:4a:6d:c9:ef:b1:4d:1a:c0:50:6f:
fc:d2:73:60:0e:57:9a:8a:3e:28:06:25:8a:22:52:
04:44:5c:2b:ec:d0:20:3b:ad:a2:bb:e8:b3:70:81:
33:6c:a1:0c:54:c4:3e:73:85:23:2f:00:28:b5:a6:
d9:81:8c:e6:37:d5:db:49:ad:b5:ee:f9:01:05:44:
63:d9:3d:ca:b0:50:1d:54:4f:8a:90:6d:b5:45:37:
8d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C2:39:2E:63:A8:17:8C:96:9A:B8:1A:78:05:1B:1D:EA:DA:DC:55
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/9sI5LmOoF4yWmrgaeAUbHera3FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:644::/32
Signature Algorithm: sha256WithRSAEncryption
73:f8:da:ca:18:00:81:28:91:01:05:87:6f:92:36:db:de:e1:
ef:8e:ab:09:c4:58:42:e8:c7:c7:3b:4e:7a:2a:06:1f:7c:a6:
64:31:6c:ff:9f:6c:3b:e2:7e:85:48:ae:58:bd:51:47:f3:9e:
1a:71:01:83:5a:95:43:6b:b6:dd:91:a1:8e:66:68:a6:9b:a6:
f2:25:08:12:59:cf:06:24:7d:48:4d:a4:08:1e:2c:54:69:ee:
98:e8:ee:80:11:5b:7d:90:0f:d5:54:f5:4f:ba:ed:e7:c8:de:
a5:ae:55:2b:10:84:b7:f5:de:e8:6c:e2:5c:61:98:8b:d3:51:
8e:c7:64:b1:27:f8:81:2e:8d:8c:fc:73:69:f3:4e:75:d2:09:
99:4a:92:f6:2e:f2:37:48:96:da:71:d8:e6:44:48:8f:7d:70:
ea:da:d4:b4:2e:77:58:28:c9:5c:2e:90:a7:6a:a8:4d:03:30:
e5:14:e5:fa:9a:dc:c1:30:8b:19:f8:01:3f:0d:25:11:c7:df:
ab:be:94:f5:85:54:5e:12:f4:ef:a7:06:66:8c:ba:59:99:da:
59:3f:d8:0c:a4:fe:bb:ec:9c:ab:33:a3:ec:ef:2d:44:44:5c:
57:89:7f:4b:2a:5d:31:39:2c:89:95:10:fc:2e:89:9f:04:0e:
26:60:84:ba
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtqk6mvT1LeS3nKN76Wo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMyMzkyZTYzYTgxNzhjOTY5YWI4MWE3ODA1MWIxZGVhZGFkYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe23x/U6Bagk3g27DhJzuHA7YVOY
iGozSNWRhyT3SfeVrOpOQ4KqvuQpNDQdBlE+0fGZbfqVRrC36MNh0gG7JPB/YLPv
MNyT1Ie5yP3/h8pOhZcINHP21UctMyluK8NXG3wiuWs0RRX//me9vGOOTBlJLWcp
fdSRW8AUMEzPULVDyac4yGPTCY6pUiUs1IYbYu9qVCoFsw55p02HNf1RKEw0Z3Wy
FANQ4Uptye+xTRrAUG/80nNgDleaij4oBiWKIlIERFwr7NAgO62iu+izcIEzbKEM
VMQ+c4UjLwAotabZgYzmN9XbSa217vkBBURj2T3KsFAdVE+KkG21RTeNUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPbCOS5jqBeMlpq4GngFGx3q2txVMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvOXNJNUxtT29GNHlXbXJnYWVBVWJIZXJhM0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhEGRDAN
BgkqhkiG9w0BAQsFAAOCAQEAc/jayhgAgSiRAQWHb5I2297h746rCcRYQujHxztO
eioGH3ymZDFs/59sO+J+hUiuWL1RR/OeGnEBg1qVQ2u23ZGhjmZoppum8iUIElnP
BiR9SE2kCB4sVGnumOjugBFbfZAP1VT1T7rt58jepa5VKxCEt/Xe6GziXGGYi9NR
jsdksSf4gS6NjPxzafNOddIJmUqS9i7yN0iW2nHY5kRIj31w6trUtC53WCjJXC6Q
p2qoTQMw5RTl+prcwTCLGfgBPw0lEcffq76U9YVUXhL076cGZoy6WZnaWT/YDKT+
u+ycqzOj7O8tRERcV4l/SypdMTksiZUQ/C6JnwQOJmCEug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org