Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/RU-IGYmiueV0UIxS83zafqZBn-U.roa
File: RU-IGYmiueV0UIxS83zafqZBn-U.roa (raw, json)
Hash identifier: YhbTChKxo972o/dFp5NXklNZin0LD7v6/Ohl+zKxUco=
Subject key identifier: 45:4F:88:19:89:A2:B9:E5:74:50:8C:52:F3:7C:DA:7E:A6:41:9F:E5
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 019321F1B9A27DDB473E472F02314A7EE572
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/RU-IGYmiueV0UIxS83zafqZBn-U.roa
Signing time: Tue 12 Nov 2024 19:55:09 +0000
ROA not before: Tue 12 Nov 2024 19:55:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 2a05:9bc0::/29 maxlen: 29
2a05:9bc0::/32 maxlen: 32
2a05:9bc1::/32 maxlen: 32
2a05:9bc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Nov 2024 21:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:f1:b9:a2:7d:db:47:3e:47:2f:02:31:4a:7e:e5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Nov 12 19:55:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=454f881989a2b9e574508c52f37cda7ea6419fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:09:5e:34:dd:e1:e4:63:dd:92:90:eb:2b:
83:d8:b6:5a:4c:d1:a3:4d:33:78:67:34:d7:77:2e:
3b:fe:9c:38:6b:43:9a:7b:fa:85:0d:95:f4:65:7f:
4d:04:d1:03:7a:49:1d:2d:8b:a8:df:23:bb:b2:fe:
2d:81:f1:66:b9:5c:22:d1:f5:f5:91:97:24:5b:1a:
dc:e5:fa:65:81:93:82:03:ec:b2:59:62:bf:5d:85:
f1:e3:62:80:61:0e:fe:24:96:82:de:62:69:1f:cb:
33:34:57:89:67:3d:aa:e2:01:42:a0:59:24:0c:5e:
91:f5:d7:1a:b7:dd:97:80:24:ca:d5:c0:e3:67:67:
43:73:06:42:22:7e:23:33:a1:5b:fe:de:11:12:7f:
20:6a:fd:03:5c:46:d2:15:8c:24:40:77:8d:a2:0f:
16:b2:ae:41:55:12:4b:71:f9:dc:88:d8:0c:14:39:
b2:55:bf:17:35:fd:45:3d:e9:e3:8a:f8:2f:9a:6c:
c6:df:39:71:62:ba:01:35:89:94:68:62:7a:96:f1:
da:70:ce:a8:84:86:a4:7b:f6:54:78:42:b6:4b:2c:
45:19:b7:0b:ed:4f:26:d6:f0:88:66:44:78:09:c9:
59:f6:9a:72:81:bc:6d:67:1b:80:37:3c:4f:58:f3:
63:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4F:88:19:89:A2:B9:E5:74:50:8C:52:F3:7C:DA:7E:A6:41:9F:E5
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/RU-IGYmiueV0UIxS83zafqZBn-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
48:a5:bd:84:75:f9:63:47:1f:be:34:0a:03:2f:67:da:ca:7e:
d2:77:f7:89:51:68:31:22:00:df:80:5a:01:7d:01:ac:d5:25:
15:f0:e1:1a:ad:09:81:fc:4f:c4:78:ad:b1:9b:b3:2e:8c:ce:
76:ad:2c:86:1b:fa:a7:a8:e2:af:7c:54:6f:74:17:70:d5:e5:
b8:6b:fd:c9:ca:00:0a:ee:46:fd:9a:18:6a:d9:57:43:99:f7:
4f:63:cf:be:28:70:6b:37:35:36:40:de:85:16:54:f3:5c:1d:
81:72:22:cb:e4:40:dc:6e:6e:8a:b0:b9:34:00:e6:f9:a8:16:
bb:66:07:a6:36:cc:1e:ca:3d:e5:80:8e:ca:7c:71:cc:1c:52:
23:83:5b:f0:18:ab:70:5d:0f:f0:e1:1f:3c:75:f2:8f:0b:4b:
f8:37:74:2c:a6:9a:26:c6:b3:d6:13:ec:78:19:3f:6e:c5:81:
b9:f8:5b:09:44:51:41:1b:58:52:d7:5e:5f:16:f2:ae:04:45:
fe:53:27:da:41:85:9e:1e:37:38:eb:86:98:40:dc:74:ec:92:
14:0a:47:e1:76:fc:01:5b:2f:fa:62:66:2d:55:0f:27:ed:92:
4a:a7:d5:26:2d:bf:da:84:e3:9a:63:5e:dd:7b:6f:59:43:a9:
f7:fb:57:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMh8bmifdtHPkcvAjFKfuVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjQxMTEyMTk1NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRmODgxOTg5YTJiOWU1NzQ1MDhjNTJmMzdjZGE3ZWE2NDE5ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3MJXjTd4eRj3ZKQ6yuD2LZaTNGj
TTN4ZzTXdy47/pw4a0Oae/qFDZX0ZX9NBNEDekkdLYuo3yO7sv4tgfFmuVwi0fX1
kZckWxrc5fplgZOCA+yyWWK/XYXx42KAYQ7+JJaC3mJpH8szNFeJZz2q4gFCoFkk
DF6R9dcat92XgCTK1cDjZ2dDcwZCIn4jM6Fb/t4REn8gav0DXEbSFYwkQHeNog8W
sq5BVRJLcfnciNgMFDmyVb8XNf1FPenjivgvmmzG3zlxYroBNYmUaGJ6lvHacM6o
hIake/ZUeEK2SyxFGbcL7U8m1vCIZkR4CclZ9ppygbxtZxuANzxPWPNjtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEVPiBmJornldFCMUvN82n6mQZ/lMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvUlUtSUdZbWl1ZVYwVUl4UzgzemFmcVpCbi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWbwDAN
BgkqhkiG9w0BAQsFAAOCAQEASKW9hHX5Y0cfvjQKAy9n2sp+0nf3iVFoMSIA34Ba
AX0BrNUlFfDhGq0JgfxPxHitsZuzLozOdq0shhv6p6jir3xUb3QXcNXluGv9ycoA
Cu5G/ZoYatlXQ5n3T2PPvihwazc1NkDehRZU81wdgXIiy+RA3G5uirC5NADm+agW
u2YHpjbMHso95YCOynxxzBxSI4Nb8BircF0P8OEfPHXyjwtL+Dd0LKaaJsaz1hPs
eBk/bsWBufhbCURRQRtYUtdeXxbyrgRF/lMn2kGFnh43OOuGmEDcdOySFApH4Xb8
AVsv+mJmLVUPJ+2SSqfVJi2/2oTjmmNe3XtvWUOp9/tXXw==
-----END CERTIFICATE-----
Generated at Tue Nov 12 23:40:51 2024 by rpki-client on console-ams.rpki-client.org