Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/9cKIUMicDHZ0Ku0gA2yvjNd1fGY.roa
File: 9cKIUMicDHZ0Ku0gA2yvjNd1fGY.roa (raw, json)
Hash identifier: R1ABPVwpqvfZts0ooiVFfezKEBp5RgQNOOBGp7j44Vo=
Subject key identifier: F5:C2:88:50:C8:9C:0C:76:74:2A:ED:20:03:6C:AF:8C:D7:75:7C:66
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01927D4AE050A22B814BED43D06663DD9903
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/9cKIUMicDHZ0Ku0gA2yvjNd1fGY.roa
Signing time: Fri 11 Oct 2024 20:35:11 +0000
ROA not before: Fri 11 Oct 2024 20:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3901::/32 maxlen: 32
2a09:3904::/32 maxlen: 32
2a09:3907::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e0:50:a2:2b:81:4b:ed:43:d0:66:63:dd:99:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Oct 11 20:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5c28850c89c0c76742aed20036caf8cd7757c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:21:da:32:d2:fc:5b:fd:79:41:6e:3a:ed:
0c:5a:a2:0b:f2:38:27:42:b7:ae:d5:8f:91:b8:eb:
f3:09:92:ac:9b:ec:bb:8a:61:40:2a:51:47:ab:63:
ab:54:25:3e:81:b2:03:32:d2:5e:96:8a:f7:91:86:
a4:6f:7b:01:56:bb:44:08:1c:6e:31:cd:d7:85:53:
87:a8:c1:01:91:fc:e1:6d:c2:bb:91:13:fa:77:1a:
f3:d8:75:bb:7f:bd:e9:7f:f3:9f:ce:27:19:22:da:
fa:c5:d4:40:11:dc:2a:2d:a9:dc:f2:eb:84:17:c9:
59:ba:f6:8a:57:0d:13:d5:71:08:e1:38:09:81:1f:
8b:d8:18:9b:f7:c2:17:a2:ea:05:12:b3:32:55:75:
93:4f:59:91:06:6c:ed:04:78:60:10:c7:06:e4:10:
ba:fa:96:27:12:c0:11:4b:d4:64:f5:a5:16:16:86:
ac:4b:95:21:08:d7:9b:03:fa:3d:2f:ef:57:cd:07:
30:7e:78:f3:7d:31:31:2a:af:9c:89:60:a5:d8:ec:
27:9a:f1:f0:30:10:5b:7c:63:65:9c:3f:69:f6:85:
ce:c3:44:b3:d6:0b:e0:b7:c4:b7:1e:57:cf:fc:29:
7c:33:74:ce:79:28:5f:ce:63:e5:7e:f0:14:cc:ff:
4e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C2:88:50:C8:9C:0C:76:74:2A:ED:20:03:6C:AF:8C:D7:75:7C:66
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/9cKIUMicDHZ0Ku0gA2yvjNd1fGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3901::/32
2a09:3904::/32
2a09:3907::/32
Signature Algorithm: sha256WithRSAEncryption
bc:94:fa:36:7a:3a:b2:bb:7f:37:8f:a7:05:d3:36:9a:e0:15:
e5:90:76:fa:9d:d2:b0:c7:42:a9:89:ee:c8:85:5f:bf:34:57:
0b:23:34:44:41:d1:d9:56:52:b6:75:7f:b8:dc:17:97:2a:b9:
1b:44:6b:08:b9:95:35:9a:68:bd:d3:7d:cf:e9:c1:74:44:89:
0b:e0:d8:9a:8d:d9:af:d9:ac:7b:7d:8a:eb:5d:2b:fc:d7:70:
6e:4b:34:9c:7c:c9:b3:82:52:17:4d:f8:7e:76:14:39:84:ec:
9c:61:9a:32:d1:18:a3:08:1f:fc:fb:9c:b7:17:fc:4b:29:77:
4b:2c:97:35:85:e9:4a:39:ec:49:ad:59:0c:91:bd:9c:cd:d0:
0c:e6:13:13:a1:e9:bf:2e:2b:8d:ec:ef:ef:82:ea:cf:a6:a7:
81:f4:ed:53:31:cf:69:f7:bb:d5:4e:b0:b0:c1:fb:ae:b8:e6:
3c:89:7a:73:86:99:17:b1:d8:54:94:7f:fe:d4:99:5f:f2:8b:
b2:88:d8:58:b8:7a:50:43:b4:3f:fd:90:14:dd:fe:82:53:63:
dc:11:6f:61:ff:fb:85:cb:e7:86:b3:7c:76:61:ba:53:fc:81:
b0:b1:da:8f:65:0a:39:78:f1:c2:30:53:93:02:c3:82:9c:56:
c2:bc:db:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJ9SuBQoiuBS+1D0GZj3ZkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMDExMjAzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWMyODg1MGM4OWMwYzc2NzQyYWVkMjAwMzZjYWY4Y2Q3NzU3YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlMh2jLS/Fv9eUFuOu0MWqIL8jgn
Qreu1Y+RuOvzCZKsm+y7imFAKlFHq2OrVCU+gbIDMtJelor3kYakb3sBVrtECBxu
Mc3XhVOHqMEBkfzhbcK7kRP6dxrz2HW7f73pf/OfzicZItr6xdRAEdwqLanc8uuE
F8lZuvaKVw0T1XEI4TgJgR+L2Bib98IXouoFErMyVXWTT1mRBmztBHhgEMcG5BC6
+pYnEsARS9Rk9aUWFoasS5UhCNebA/o9L+9XzQcwfnjzfTExKq+ciWCl2OwnmvHw
MBBbfGNlnD9p9oXOw0Sz1gvgt8S3HlfP/Cl8M3TOeShfzmPlfvAUzP9OGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPXCiFDInAx2dCrtIANsr4zXdXxmMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvOWNLSVVNaWNESFowS3UwZ0EyeXZqTmQxZkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgk5AQMF
ACoJOQQDBQAqCTkHMA0GCSqGSIb3DQEBCwUAA4IBAQC8lPo2ejqyu383j6cF0zaa
4BXlkHb6ndKwx0Kpie7IhV+/NFcLIzREQdHZVlK2dX+43BeXKrkbRGsIuZU1mmi9
033P6cF0RIkL4Niajdmv2ax7fYrrXSv813BuSzScfMmzglIXTfh+dhQ5hOycYZoy
0RijCB/8+5y3F/xLKXdLLJc1helKOexJrVkMkb2czdAM5hMToem/LiuN7O/vgurP
pqeB9O1TMc9p97vVTrCwwfuuuOY8iXpzhpkXsdhUlH/+1Jlf8ouyiNhYuHpQQ7Q/
/ZAU3f6CU2PcEW9h//uFy+eGs3x2YbpT/IGwsdqPZQo5ePHCMFOTAsOCnFbCvNsp
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org