Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tozWoLSbl2Rtrsf-1Z_rwiz2QMo.roa
File: tozWoLSbl2Rtrsf-1Z_rwiz2QMo.roa (raw, json)
Hash identifier: xlzdyjLmXlRXYY32t75rvtFMc/8qV04t7aM3AL0gmP8=
Subject key identifier: B6:8C:D6:A0:B4:9B:97:64:6D:AE:C7:FE:D5:9F:EB:C2:2C:F6:40:CA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190E4DB22C9C6249EDE5F3EBF28AA95640D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tozWoLSbl2Rtrsf-1Z_rwiz2QMo.roa
Signing time: Wed 24 Jul 2024 13:08:04 +0000
ROA not before: Wed 24 Jul 2024 13:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 2a07:9200::/32 maxlen: 32
2a07:9201::/32 maxlen: 32
2a07:9202::/32 maxlen: 32
2a07:9203::/32 maxlen: 32
2a07:9204::/32 maxlen: 32
2a07:9205::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a582::/32 maxlen: 32
2a0c:a583::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a585::/32 maxlen: 32
2a0c:a587::/32 maxlen: 32
2a10:dfc0::/32 maxlen: 32
2a10:dfc1::/32 maxlen: 32
2a10:dfc2::/32 maxlen: 32
2a10:dfc3::/32 maxlen: 32
2a10:dfc4::/32 maxlen: 32
2a10:dfc5::/32 maxlen: 32
2a10:dfc6::/32 maxlen: 32
2a10:dfc7::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jul 2024 15:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:db:22:c9:c6:24:9e:de:5f:3e:bf:28:aa:95:64:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 24 13:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b68cd6a0b49b97646daec7fed59febc22cf640ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cf:47:89:d7:52:24:b4:ce:2d:7d:b8:4b:9a:
21:28:79:6e:d0:9a:2b:23:78:2b:c0:87:a0:74:ae:
e8:00:ef:6c:44:80:a2:94:c9:f4:b0:16:8d:4b:7f:
e8:02:cb:04:e4:23:39:54:f1:8f:78:5e:b8:1b:e0:
21:ea:e1:6f:bf:08:bf:1a:91:a8:94:53:9b:f8:d8:
03:6f:76:d5:ad:25:03:22:4e:db:6a:cd:bd:5b:84:
56:0b:31:62:46:6f:14:92:1c:ab:48:f1:ce:4b:fa:
5c:aa:62:fc:4c:47:4b:5b:8c:c8:67:82:b0:ea:e3:
e4:cb:ed:f5:8b:0f:da:c7:b7:e6:b4:6a:0a:42:1a:
de:2f:43:49:32:e9:8c:0e:55:30:ea:c3:d4:59:9a:
15:85:53:1d:de:c1:80:99:bc:b6:91:b6:8c:52:0a:
54:6c:48:22:e5:1c:3e:1b:bf:c9:40:44:d4:b1:e7:
e8:96:0c:13:ce:fe:f8:9a:c5:44:be:32:43:86:6f:
87:27:d3:ce:40:7a:57:c9:b3:1b:c5:c9:2d:77:f1:
0a:08:41:ce:23:7a:3b:d1:31:e5:7a:f8:f8:f3:0a:
57:6b:c2:df:b1:39:82:5f:e4:d2:f5:be:1c:69:d2:
39:9b:22:7d:41:f5:d8:ab:eb:19:68:f0:87:97:65:
28:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8C:D6:A0:B4:9B:97:64:6D:AE:C7:FE:D5:9F:EB:C2:2C:F6:40:CA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tozWoLSbl2Rtrsf-1Z_rwiz2QMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::-2a0c:a585:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:a587::/32
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/32
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
49:d1:64:2d:e6:68:f7:19:7b:9f:01:bb:58:47:1d:ac:7e:0b:
b7:c3:5c:7c:59:92:aa:2e:f4:75:7e:64:29:95:77:74:95:cb:
a7:cc:bc:78:43:e7:68:1d:f2:ad:09:d5:c8:d3:1a:30:97:d6:
10:9c:9f:b4:15:f7:1a:a4:6f:53:9f:e6:f7:0c:70:80:74:94:
f8:a9:32:6a:97:3e:24:f5:15:aa:ea:32:0b:a2:1e:f1:19:e6:
86:e2:1a:e8:82:1e:a6:9a:b3:15:79:d0:b7:36:e4:4f:69:6c:
45:01:d6:34:40:e3:2e:c0:d0:7f:d9:43:64:2f:30:38:05:df:
be:6d:2e:7e:53:19:fc:e7:3a:19:27:25:b7:20:00:c6:a9:32:
0f:1e:4d:78:78:e9:af:cb:72:37:8d:e9:e6:72:71:4d:38:1a:
d7:c0:68:3d:f3:ca:a9:f8:c6:6d:a4:49:6f:fc:6d:d0:b3:83:
78:cb:e5:95:1c:08:f7:aa:00:af:f8:1d:36:4d:d6:26:5b:d9:
21:27:22:da:ff:a8:7b:9d:07:08:81:d3:0c:0b:3f:63:40:4e:
24:73:42:67:e8:ce:4a:ff:41:30:3d:97:6f:3d:8d:b1:11:ba:
e6:52:8a:08:29:1f:01:fc:3d:f0:25:c8:bc:7f:aa:66:be:af:
2b:b9:43:07
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZDk2yLJxiSe3l8+vyiqlWQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzI0MTMwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjhjZDZhMGI0OWI5NzY0NmRhZWM3ZmVkNTlmZWJjMjJjZjY0MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM9HiddSJLTOLX24S5ohKHlu0Jor
I3grwIegdK7oAO9sRICilMn0sBaNS3/oAssE5CM5VPGPeF64G+Ah6uFvvwi/GpGo
lFOb+NgDb3bVrSUDIk7bas29W4RWCzFiRm8UkhyrSPHOS/pcqmL8TEdLW4zIZ4Kw
6uPky+31iw/ax7fmtGoKQhreL0NJMumMDlUw6sPUWZoVhVMd3sGAmby2kbaMUgpU
bEgi5Rw+G7/JQETUsefolgwTzv74msVEvjJDhm+HJ9POQHpXybMbxcktd/EKCEHO
I3o70THlevj48wpXa8LfsTmCX+TS9b4cadI5myJ9QfXYq+sZaPCHl2UoRwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFLaM1qC0m5dkba7H/tWf68Is9kDKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdG96V29MU2JsMlJ0cnNmLTFaX3J3aXoyUU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAIwawMFAyoHkgAD
BQAqCQNAAwUAKgnEQAMFACoMXUAwDgMFByoMpYADBQEqDKWEAwUAKgylhwMFAyoQ
38ADBQAqEPrAAwUAKhEFgAMFACoRFgADBQAqESqAAwUAKhE5AAMFACoR1oADBQAq
Ep8AMA0GCSqGSIb3DQEBCwUAA4IBAQBJ0WQt5mj3GXufAbtYRx2sfgu3w1x8WZKq
LvR1fmQplXd0lcunzLx4Q+doHfKtCdXI0xowl9YQnJ+0FfcapG9Tn+b3DHCAdJT4
qTJqlz4k9RWq6jILoh7xGeaG4hrogh6mmrMVedC3NuRPaWxFAdY0QOMuwNB/2UNk
LzA4Bd++bS5+Uxn85zoZJyW3IADGqTIPHk14eOmvy3I3jenmcnFNOBrXwGg988qp
+MZtpElv/G3Qs4N4y+WVHAj3qgCv+B02TdYmW9khJyLa/6h7nQcIgdMMCz9jQE4k
c0Jn6M5K/0EwPZdvPY2xEbrmUooIKR8B/D3wJci8f6pmvq8ruUMH
-----END CERTIFICATE-----
Generated at Wed Jul 31 18:39:27 2024 by rpki-client on console-ams.rpki-client.org