Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/2IDgPN6Qy_G26tmn1qxuGUWMKsU.roa
File: 2IDgPN6Qy_G26tmn1qxuGUWMKsU.roa (raw, json)
Hash identifier: /s2zgTa1RFuLNQtMCGVEhg/6eumDTGYfypMSB9iuIKw=
Subject key identifier: D8:80:E0:3C:DE:90:CB:F1:B6:EA:D9:A7:D6:AC:6E:19:45:8C:2A:C5
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01902E08EA02EC246C0B69820CAB91BA9C08
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/2IDgPN6Qy_G26tmn1qxuGUWMKsU.roa
Signing time: Wed 19 Jun 2024 01:07:34 +0000
ROA not before: Wed 19 Jun 2024 01:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215355
IP address blocks: 2a14:67c0:100::/40 maxlen: 40
2a14:67c0:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 03 Jul 2024 05:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2e:08:ea:02:ec:24:6c:0b:69:82:0c:ab:91:ba:9c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jun 19 01:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d880e03cde90cbf1b6ead9a7d6ac6e19458c2ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a3:99:07:f9:a5:88:2c:3c:58:d1:cd:11:19:
77:20:76:96:19:4a:1e:bf:e0:1d:ce:3d:91:56:8c:
bd:2f:da:a6:0a:34:a5:7b:97:27:cc:a7:78:fb:01:
56:bc:34:3b:84:9e:94:5c:46:6e:a4:8d:c6:bf:40:
6e:38:35:84:a2:02:f9:df:ab:e1:e3:7a:db:5e:75:
be:b2:35:15:19:6b:b8:a5:7b:90:36:c2:75:29:82:
7a:74:44:77:64:08:b6:d5:6b:83:b4:a2:7c:1a:1f:
68:da:18:ae:ff:78:5f:97:b4:31:e6:3a:c4:98:48:
dd:c9:8b:76:57:a2:df:a9:76:4b:4f:cf:ff:91:16:
08:0d:6e:f2:4b:48:84:f6:71:9a:98:6d:88:24:18:
a9:cd:9c:54:7c:e9:bc:4c:64:d2:87:c4:df:b3:5b:
e6:4c:e7:dc:b1:5a:a2:37:34:46:8b:c0:6b:0e:f4:
24:63:7b:e8:6d:bf:98:6b:20:23:08:6a:75:c3:ee:
80:74:c8:19:a8:8c:cc:63:d0:f8:a0:ea:a4:02:50:
72:ba:43:58:28:58:46:89:1b:12:f3:42:82:28:cd:
82:b0:64:ff:3c:ec:3c:dc:fa:91:a5:8f:43:ee:95:
a4:1c:54:21:1e:08:55:0f:ac:9f:a6:d3:07:d1:23:
1b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:80:E0:3C:DE:90:CB:F1:B6:EA:D9:A7:D6:AC:6E:19:45:8C:2A:C5
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/2IDgPN6Qy_G26tmn1qxuGUWMKsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c0:100::-2a14:67c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:9f:4e:0a:ff:9a:47:42:42:a7:90:a0:55:11:1d:a7:60:a0:
2a:fe:a5:cf:65:b4:3a:00:8b:cb:45:19:4a:a3:6f:7a:90:e7:
09:80:af:e4:2c:81:e0:50:39:51:2f:f2:39:3d:0a:30:8f:59:
27:b2:31:ac:2f:f8:68:6a:0c:8c:cb:d4:81:f0:6a:71:ba:32:
a6:c4:a7:6f:00:b6:ee:a6:77:0b:01:c6:bc:0a:e0:0f:b3:c3:
df:98:7c:00:3d:29:61:28:6c:72:96:ea:85:9d:7a:8e:c6:da:
90:ec:8f:a7:4d:c0:ba:bd:39:be:02:16:a7:f9:22:e4:72:aa:
12:72:fd:40:ee:50:26:b8:cf:d4:4a:13:85:51:c1:04:27:b1:
52:b1:06:6c:a3:2f:43:f6:35:fc:95:c0:6f:1d:1f:8e:8d:da:
4c:08:e3:24:ad:ae:c1:7d:42:51:02:1e:44:0a:d9:f0:86:d2:
1c:e7:65:8a:10:ca:85:93:90:85:3e:a4:60:a2:3b:f2:8c:4c:
0a:1e:2f:59:c9:50:01:fb:5c:ac:ba:59:47:95:25:45:da:23:
11:f1:d7:e5:4d:a4:5c:f8:0d:30:f9:d4:00:d3:ea:c9:f0:74:
ea:01:ae:b1:e5:d2:24:f5:a7:e6:14:7d:ed:8b:7a:47:e3:8f:
1f:1e:74:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAuCOoC7CRsC2mCDKuRupwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNjE5MDEwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgwZTAzY2RlOTBjYmYxYjZlYWQ5YTdkNmFjNmUxOTQ1OGMyYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqOZB/mliCw8WNHNERl3IHaWGUoe
v+Adzj2RVoy9L9qmCjSle5cnzKd4+wFWvDQ7hJ6UXEZupI3Gv0BuODWEogL536vh
43rbXnW+sjUVGWu4pXuQNsJ1KYJ6dER3ZAi21WuDtKJ8Gh9o2hiu/3hfl7Qx5jrE
mEjdyYt2V6LfqXZLT8//kRYIDW7yS0iE9nGamG2IJBipzZxUfOm8TGTSh8Tfs1vm
TOfcsVqiNzRGi8BrDvQkY3vobb+YayAjCGp1w+6AdMgZqIzMY9D4oOqkAlByukNY
KFhGiRsS80KCKM2CsGT/POw83PqRpY9D7pWkHFQhHghVD6yfptMH0SMbuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNiA4DzekMvxturZp9asbhlFjCrFMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvMklEZ1BONlF5X0cyNnRtbjFxeHVHVVdNS3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqFGfA
AQMGACoUZ8ACMA0GCSqGSIb3DQEBCwUAA4IBAQCJn04K/5pHQkKnkKBVER2nYKAq
/qXPZbQ6AIvLRRlKo296kOcJgK/kLIHgUDlRL/I5PQowj1knsjGsL/hoagyMy9SB
8GpxujKmxKdvALbupncLAca8CuAPs8PfmHwAPSlhKGxyluqFnXqOxtqQ7I+nTcC6
vTm+Ahan+SLkcqoScv1A7lAmuM/UShOFUcEEJ7FSsQZsoy9D9jX8lcBvHR+OjdpM
COMkra7BfUJRAh5ECtnwhtIc52WKEMqFk5CFPqRgojvyjEwKHi9ZyVAB+1ysullH
lSVF2iMR8dflTaRc+A0w+dQA0+rJ8HTqAa6x5dIk9afmFH3ti3pH448fHnQ8
-----END CERTIFICATE-----
Generated at Wed Jul 3 06:38:49 2024 by rpki-client on console-ams.rpki-client.org