Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1-3aUbt9bwhpQQh1-nktQba4n3aQ.roa
File: 1-3aUbt9bwhpQQh1-nktQba4n3aQ.roa (raw, json)
Hash identifier: 4889lCROxpQ24Af3LycDzgUvg3hPlQco9bHDAI0FN8Y=
Subject key identifier: FB:76:94:6E:DF:5B:C2:1A:50:42:1D:7E:9E:4B:50:6D:AE:27:DD:A4
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8E7CAA7CB3B4360BB455760FE747F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1-3aUbt9bwhpQQh1-nktQba4n3aQ.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205920
IP address blocks: 2a10:a500:1a::/48 maxlen: 48
2001:67c:8dc::/48 maxlen: 48
2a10:a500::/32 maxlen: 32
2a10:a500::/48 maxlen: 48
2a10:a500:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 May 2024 10:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e7:ca:a7:cb:3b:43:60:bb:45:57:60:fe:74:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb76946edf5bc21a50421d7e9e4b506dae27dda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cf:b7:00:1c:04:7b:a2:8d:a7:a1:38:a7:d6:
89:2b:5e:cb:55:de:45:d7:8a:bf:4f:46:c8:ce:85:
7e:6c:3a:33:6a:d8:9a:00:47:03:f2:60:ce:f9:4e:
c6:6d:d4:cb:11:46:38:e2:98:8c:ae:e3:88:b9:29:
12:08:35:0d:04:b5:4c:e5:e9:a7:3d:40:22:6f:1a:
b4:f3:16:37:91:1d:57:ae:2b:9e:5a:f1:06:52:7c:
54:cf:7b:39:d7:80:e1:7e:c4:7e:97:9b:95:bd:9f:
78:09:a7:6b:f0:02:23:9f:ac:fe:6c:61:0b:23:fc:
be:01:92:ce:2d:2a:5e:c9:b7:5e:0f:35:b5:d5:af:
bd:aa:34:b9:be:b6:ef:d6:cc:88:bb:9c:16:55:89:
9e:fb:c9:fa:95:c1:86:df:59:1c:84:4f:39:9d:2a:
cc:dd:c9:c1:9b:c5:af:f4:86:ba:a9:94:24:c9:92:
56:6e:08:a1:f7:1c:f6:93:ac:51:7a:d1:96:5e:e0:
2c:0a:4f:4b:4b:db:27:e8:52:55:a9:75:4e:c1:c8:
60:cc:37:31:c3:f8:cc:47:cd:c5:58:11:47:30:6d:
e6:87:e2:cd:00:39:52:91:0d:e4:42:93:c5:40:1b:
a5:9a:73:f4:c5:d6:1a:81:e7:05:e1:3d:21:53:d9:
d3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:76:94:6E:DF:5B:C2:1A:50:42:1D:7E:9E:4B:50:6D:AE:27:DD:A4
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/1-3aUbt9bwhpQQh1-nktQba4n3aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:8dc::/48
2a10:a500::/32
Signature Algorithm: sha256WithRSAEncryption
02:23:5f:9a:f1:ae:90:76:12:61:80:38:3e:be:e6:66:d3:14:
2d:56:40:d3:1d:ba:5a:af:cf:0a:06:75:b7:6a:a8:f0:34:59:
11:0a:b8:90:e8:64:91:1c:ba:42:74:a2:f2:e3:59:a2:51:36:
5c:74:a3:09:10:3a:38:1c:14:77:3d:97:a0:36:d0:0a:ef:0b:
54:ad:74:58:87:d9:ae:a7:81:71:9c:05:82:ce:7e:63:70:d9:
07:3d:be:a4:e0:00:f4:6a:6f:1c:45:ed:9b:a5:fd:bc:d6:c8:
b9:4b:95:d3:34:a0:74:9a:64:df:98:57:c2:79:8d:62:16:b7:
54:af:22:87:e3:83:e4:53:8b:f1:98:dd:a1:89:b3:27:ad:e6:
03:70:98:2a:00:d1:ae:51:f9:7f:7f:85:28:71:c0:6f:c9:3e:
5a:75:73:0a:c8:6f:54:36:3f:b7:cd:f6:fb:7d:be:c4:95:b1:
8f:33:a3:e3:6f:c1:9d:0b:86:99:1e:da:96:18:cd:47:ea:6a:
0b:3c:30:1c:ee:d6:2e:c0:09:76:d6:72:30:74:d9:7f:35:51:
cb:34:24:6c:aa:d6:6c:22:b9:cb:46:bd:4a:af:18:37:c5:60:
51:cd:e4:95:63:2e:e2:c5:f8:ce:aa:c7:63:f5:d6:4c:5d:af:
4e:64:3a:fc
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzGuOfKp8s7Q2C7RVdg/nR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjc2OTQ2ZWRmNWJjMjFhNTA0MjFkN2U5ZTRiNTA2ZGFlMjdkZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc+3ABwEe6KNp6E4p9aJK17LVd5F
14q/T0bIzoV+bDozatiaAEcD8mDO+U7GbdTLEUY44piMruOIuSkSCDUNBLVM5emn
PUAibxq08xY3kR1XriueWvEGUnxUz3s514DhfsR+l5uVvZ94Cadr8AIjn6z+bGEL
I/y+AZLOLSpeybdeDzW11a+9qjS5vrbv1syIu5wWVYme+8n6lcGG31kchE85nSrM
3cnBm8Wv9Ia6qZQkyZJWbgih9xz2k6xRetGWXuAsCk9LS9sn6FJVqXVOwchgzDcx
w/jMR83FWBFHMG3mh+LNADlSkQ3kQpPFQBulmnP0xdYagecF4T0hU9nTUwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPt2lG7fW8IaUEIdfp5LUG2uJ92kMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMS0zYVVidDlid2hwUVFoMS1ua3RRYmE0bjNhUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZh
OC8xL25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjApBggrBgEFBQcBBwEB/wQaMBgwFgQCAAIwEAMHACABBnwI
3AMFACoQpQAwDQYJKoZIhvcNAQELBQADggEBAAIjX5rxrpB2EmGAOD6+5mbTFC1W
QNMdulqvzwoGdbdqqPA0WREKuJDoZJEcukJ0ovLjWaJRNlx0owkQOjgcFHc9l6A2
0ArvC1StdFiH2a6ngXGcBYLOfmNw2Qc9vqTgAPRqbxxF7Zul/bzWyLlLldM0oHSa
ZN+YV8J5jWIWt1SvIofjg+RTi/GY3aGJsyet5gNwmCoA0a5R+X9/hShxwG/JPlp1
cwrIb1Q2P7fN9vt9vsSVsY8zo+NvwZ0Lhpke2pYYzUfqags8MBzu1i7ACXbWcjB0
2X81Ucs0JGyq1mwiuctGvUqvGDfFYFHN5JVjLuLF+M6qx2P11kxdr05kOvw=
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:33 2024 by rpki-client on console-ams.rpki-client.org