Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ahnmZFGei6LFgpz9xxiT2mvbYOw.roa
File: ahnmZFGei6LFgpz9xxiT2mvbYOw.roa (raw, json)
Hash identifier: VpNipjK5vWj9H0cIByNEsI+BOfUc5uByjC1UbwBziWg=
Subject key identifier: 6A:19:E6:64:51:9E:8B:A2:C5:82:9C:FD:C7:18:93:DA:6B:DB:60:EC
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0190C70AD5C412C083AE201796C3C9B7AC51
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ahnmZFGei6LFgpz9xxiT2mvbYOw.roa
Signing time: Thu 18 Jul 2024 18:11:34 +0000
ROA not before: Thu 18 Jul 2024 18:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215355
IP address blocks: 2a14:67c0:100::/40 maxlen: 48
2a14:67c0:110::/44 maxlen: 48
2a14:67c0:200::/40 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Nov 2024 16:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c7:0a:d5:c4:12:c0:83:ae:20:17:96:c3:c9:b7:ac:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jul 18 18:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a19e664519e8ba2c5829cfdc71893da6bdb60ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b9:de:1d:6c:8e:0f:41:d6:dc:49:5d:91:ec:
4e:0c:12:18:d7:44:b3:f8:ef:65:2b:f9:00:2d:71:
b2:31:17:7b:27:ef:d4:83:79:b5:62:22:c6:77:b5:
e4:30:6c:bd:20:6d:29:19:fc:7c:cf:b0:d0:80:09:
92:31:7e:b7:b6:60:a1:d5:1f:dc:a3:eb:5a:61:4f:
a7:5d:e0:6c:e2:5a:db:60:69:ef:13:ea:36:f3:ef:
a4:05:1a:bf:5d:21:4e:7a:14:2e:38:ff:51:24:dc:
4f:e2:b8:ed:9c:cb:c6:e0:8b:c1:f4:9a:8a:c7:2e:
ed:27:57:8e:84:98:88:41:ed:ad:1b:87:9f:33:a4:
40:15:7f:19:0b:33:b2:4b:b9:d6:8c:20:e5:f0:4f:
f9:d3:17:9b:d0:ca:88:36:cd:98:c9:78:2e:37:87:
2d:7e:9a:5d:7c:08:1f:c7:aa:d6:2e:f8:af:5c:23:
41:5a:ae:b9:87:60:b4:38:e5:32:7c:ba:84:7e:98:
d5:19:f8:d6:7f:38:39:1d:64:d5:8b:25:76:59:fb:
19:de:82:c8:ec:60:b8:59:1a:c1:47:1e:a3:7d:8c:
48:fd:d3:13:a3:ea:1e:9b:41:62:82:22:f3:4c:3f:
cc:70:ef:78:d2:c2:f1:9d:aa:70:8e:72:8a:52:22:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:19:E6:64:51:9E:8B:A2:C5:82:9C:FD:C7:18:93:DA:6B:DB:60:EC
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ahnmZFGei6LFgpz9xxiT2mvbYOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c0:100::-2a14:67c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:28:40:0a:3c:89:ed:e7:dc:fd:46:e8:08:ce:2c:af:7b:2f:
2c:3c:75:eb:4d:0d:c7:0d:c5:9f:ef:ce:9e:86:bf:6f:fe:0c:
f1:3d:7b:33:65:e1:9c:f8:8b:03:c3:5a:7e:8e:f4:82:0f:0f:
73:42:e9:3b:55:e1:61:15:94:b3:df:f0:29:49:46:10:80:51:
f6:8b:2f:38:0f:b6:0c:84:4f:61:e7:23:3e:66:de:48:af:de:
38:9d:8f:95:61:83:04:b6:98:39:33:9c:c4:e5:7c:43:a2:58:
32:31:d3:02:30:dc:e3:70:17:3c:bd:6f:36:5b:b7:6a:27:4c:
5e:4b:22:a4:ab:2f:90:ea:6a:76:de:14:c6:6f:95:43:27:30:
cb:60:64:29:88:4d:93:6d:ab:41:ae:61:1b:e1:23:a6:4c:6d:
d6:bc:de:0a:d6:9d:a4:82:cb:0f:84:bf:df:e9:ed:bd:39:c2:
03:8e:ef:f8:dc:8a:af:05:b2:78:c8:ee:d1:cf:d3:65:fc:4e:
5f:71:8a:f4:bb:f9:75:5f:c3:6f:79:47:69:f4:53:26:de:0c:
13:71:19:af:92:49:38:e9:8d:4e:1a:2e:9a:d8:b3:32:5e:2e:
4e:42:66:de:51:24:78:90:a3:33:41:0b:e0:43:64:cd:a2:34:
26:52:da:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDHCtXEEsCDriAXlsPJt6xRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjQwNzE4MTgxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTE5ZTY2NDUxOWU4YmEyYzU4MjljZmRjNzE4OTNkYTZiZGI2MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLneHWyOD0HW3EldkexODBIY10Sz
+O9lK/kALXGyMRd7J+/Ug3m1YiLGd7XkMGy9IG0pGfx8z7DQgAmSMX63tmCh1R/c
o+taYU+nXeBs4lrbYGnvE+o28++kBRq/XSFOehQuOP9RJNxP4rjtnMvG4IvB9JqK
xy7tJ1eOhJiIQe2tG4efM6RAFX8ZCzOyS7nWjCDl8E/50xeb0MqINs2YyXguN4ct
fppdfAgfx6rWLvivXCNBWq65h2C0OOUyfLqEfpjVGfjWfzg5HWTViyV2WfsZ3oLI
7GC4WRrBRx6jfYxI/dMTo+oem0FigiLzTD/McO940sLxnapwjnKKUiIKiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGoZ5mRRnouixYKc/ccYk9pr22DsMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvYWhubVpGR2VpNkxGZ3B6OXh4aVQybXZiWU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqFGfA
AQMGACoUZ8ACMA0GCSqGSIb3DQEBCwUAA4IBAQAqKEAKPInt59z9RugIziyvey8s
PHXrTQ3HDcWf786ehr9v/gzxPXszZeGc+IsDw1p+jvSCDw9zQuk7VeFhFZSz3/Ap
SUYQgFH2iy84D7YMhE9h5yM+Zt5Ir944nY+VYYMEtpg5M5zE5XxDolgyMdMCMNzj
cBc8vW82W7dqJ0xeSyKkqy+Q6mp23hTGb5VDJzDLYGQpiE2TbatBrmEb4SOmTG3W
vN4K1p2kgssPhL/f6e29OcIDju/43IqvBbJ4yO7Rz9Nl/E5fcYr0u/l1X8NveUdp
9FMm3gwTcRmvkkk46Y1OGi6a2LMyXi5OQmbeUSR4kKMzQQvgQ2TNojQmUtq1
-----END CERTIFICATE-----
Generated at Sat Nov 9 18:21:11 2024 by rpki-client on console-fra.rpki-client.org