Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/RhnX9l6LCXraLG1JaiSIdFa96Xo.roa
File: RhnX9l6LCXraLG1JaiSIdFa96Xo.roa (raw, json)
Hash identifier: JY6VD1O5mjMQReBUFqj034GaJp/0V7F4dBfOHOiZ7vE=
Subject key identifier: 46:19:D7:F6:5E:8B:09:7A:DA:2C:6D:49:6A:24:88:74:56:BD:E9:7A
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018F061F0ACD1B917C2EFA62021BBDC2114D
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/RhnX9l6LCXraLG1JaiSIdFa96Xo.roa
Signing time: Mon 22 Apr 2024 14:04:08 +0000
ROA not before: Mon 22 Apr 2024 14:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:3901::/32 maxlen: 32
2a09:3907::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:1f:0a:cd:1b:91:7c:2e:fa:62:02:1b:bd:c2:11:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Apr 22 14:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4619d7f65e8b097ada2c6d496a24887456bde97a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cd:8a:10:64:8d:9d:26:9c:9b:ff:89:4d:27:
a1:17:48:ff:4c:b7:95:bf:8a:fa:e1:dc:eb:68:7a:
54:7d:8b:4a:cf:89:05:d4:4e:1a:85:a9:b7:cc:bb:
39:31:c1:39:29:fd:7a:30:f1:a0:5c:68:75:4f:3c:
aa:3a:23:4b:42:03:d2:cd:b7:5e:ee:f9:b0:28:b0:
4a:76:64:09:01:a3:e9:52:d9:49:49:00:ae:6c:9e:
fa:03:9a:f5:8d:df:8c:62:94:6b:a3:39:bb:07:18:
aa:9d:47:93:0f:69:04:3c:75:14:31:03:fb:1b:65:
af:90:23:d4:af:ad:ec:3e:e6:1d:a7:bf:09:ec:f4:
e2:73:65:ed:e2:7f:bc:46:3e:09:a6:76:e6:a0:68:
aa:de:2b:f1:1e:dc:12:76:84:32:ee:e4:97:11:3c:
ea:4f:11:56:e0:6d:a8:d9:9d:7b:90:09:b8:c9:b7:
4f:27:99:ac:e6:83:c2:41:9e:cb:12:6b:bc:b7:b7:
f2:e3:07:4e:df:98:c5:db:8f:ec:4e:62:d8:27:4e:
68:68:ae:00:a1:d9:48:84:58:ab:4b:38:cd:a5:ef:
53:ac:65:74:15:6e:ec:f8:43:85:43:01:9b:60:65:
ed:84:62:82:e1:ad:97:1e:5b:a0:54:fa:c2:57:bf:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:19:D7:F6:5E:8B:09:7A:DA:2C:6D:49:6A:24:88:74:56:BD:E9:7A
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/RhnX9l6LCXraLG1JaiSIdFa96Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3901::/32
2a09:3907::/32
Signature Algorithm: sha256WithRSAEncryption
50:d3:81:5a:7d:c5:17:9c:9b:a3:b6:2e:1b:28:aa:fe:d8:ec:
4f:4d:38:a6:44:11:e9:02:bf:76:3e:a1:0f:eb:f7:12:d1:02:
0a:ba:ff:0c:bf:88:78:c3:42:ed:55:98:07:e0:e2:85:e2:36:
6a:c2:ab:a2:00:50:5c:25:18:43:74:6c:67:81:70:c2:d3:cc:
88:93:d9:22:74:03:63:fc:da:ce:41:52:fb:0e:58:0f:23:2e:
a5:ac:bb:43:2f:bf:96:72:fd:06:4b:69:9d:88:eb:47:44:31:
63:bf:0d:13:11:b3:44:57:66:d8:4d:a5:10:ff:ec:33:3b:26:
80:9c:58:cf:85:9f:1f:5a:61:04:4e:8e:52:65:01:58:e4:54:
af:4c:e2:d7:50:8c:5a:6b:c6:df:a3:ab:1c:ae:ba:4a:44:d0:
49:5b:e4:ce:5e:a7:30:12:05:4b:f6:91:e0:df:87:97:24:34:
04:55:9b:21:49:80:1a:5a:7e:d2:bc:2e:6a:77:67:7f:60:7e:
0f:34:52:48:85:1c:3c:0b:0f:e4:a3:0b:d0:08:c5:9f:d2:d8:
33:4b:23:67:ac:4a:f7:39:fb:d5:1f:d1:29:0d:49:5d:17:82:
37:20:71:03:ec:0c:35:7e:a9:a4:11:4e:dc:98:f0:1f:d1:d2:
cf:f2:b2:ea
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8GHwrNG5F8LvpiAhu9whFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwNDIyMTQwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE5ZDdmNjVlOGIwOTdhZGEyYzZkNDk2YTI0ODg3NDU2YmRlOTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws2KEGSNnSacm/+JTSehF0j/TLeV
v4r64dzraHpUfYtKz4kF1E4aham3zLs5McE5Kf16MPGgXGh1TzyqOiNLQgPSzbde
7vmwKLBKdmQJAaPpUtlJSQCubJ76A5r1jd+MYpRrozm7BxiqnUeTD2kEPHUUMQP7
G2WvkCPUr63sPuYdp78J7PTic2Xt4n+8Rj4JpnbmoGiq3ivxHtwSdoQy7uSXETzq
TxFW4G2o2Z17kAm4ybdPJ5ms5oPCQZ7LEmu8t7fy4wdO35jF24/sTmLYJ05oaK4A
odlIhFirSzjNpe9TrGV0FW7s+EOFQwGbYGXthGKC4a2XHlugVPrCV79zuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEYZ1/Zeiwl62ixtSWokiHRWvel6MB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvUmhuWDlsNkxDWHJhTEcxSmFpU0lkRmE5NlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgk5AQMF
ACoJOQcwDQYJKoZIhvcNAQELBQADggEBAFDTgVp9xRecm6O2Lhsoqv7Y7E9NOKZE
EekCv3Y+oQ/r9xLRAgq6/wy/iHjDQu1VmAfg4oXiNmrCq6IAUFwlGEN0bGeBcMLT
zIiT2SJ0A2P82s5BUvsOWA8jLqWsu0Mvv5Zy/QZLaZ2I60dEMWO/DRMRs0RXZthN
pRD/7DM7JoCcWM+Fnx9aYQROjlJlAVjkVK9M4tdQjFprxt+jqxyuukpE0Elb5M5e
pzASBUv2keDfh5ckNARVmyFJgBpaftK8Lmp3Z39gfg80UkiFHDwLD+SjC9AIxZ/S
2DNLI2esSvc5+9Uf0SkNSV0XgjcgcQPsDDV+qaQRTtyY8B/R0s/ysuo=
-----END CERTIFICATE-----
Generated at Fri Oct 11 22:31:16 2024 by rpki-client on console-fra.rpki-client.org