Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Uz1fVzj0SlZmktjnP9zqJE_CB4Y.roa
File: Uz1fVzj0SlZmktjnP9zqJE_CB4Y.roa (raw, json)
Hash identifier: YmIyUSQmR1z+lk5Vu53xSQM5LgQYN44bm2+lY60zl80=
Subject key identifier: 53:3D:5F:57:38:F4:4A:56:66:92:D8:E7:3F:DC:EA:24:4F:C2:07:86
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 0192E3F9560A0147490A871384D620D203EB
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Uz1fVzj0SlZmktjnP9zqJE_CB4Y.roa
Signing time: Thu 31 Oct 2024 19:07:01 +0000
ROA not before: Thu 31 Oct 2024 19:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3900::/32 maxlen: 32
2a09:3901::/32 maxlen: 32
2a09:3904::/32 maxlen: 32
2a09:3907::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:f9:56:0a:01:47:49:0a:87:13:84:d6:20:d2:03:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Oct 31 19:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=533d5f5738f44a566692d8e73fdcea244fc20786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3f:f2:44:4b:12:56:93:5c:99:51:23:3d:78:
bd:f9:7d:05:d5:2d:bb:db:87:b7:df:da:db:6e:da:
05:fb:5d:44:ec:b0:ec:67:d9:da:91:c4:0e:24:b9:
b0:7d:43:73:c2:12:63:ab:fd:a5:f2:60:6d:8d:04:
db:b0:e5:0b:93:58:76:9d:83:85:a5:9e:5e:7f:3f:
fe:cd:2d:a4:e0:32:36:2e:ce:ad:9f:23:00:a0:5c:
a4:13:3b:59:02:bc:56:76:9f:48:86:47:d6:eb:12:
dd:d2:72:9a:89:f1:60:8a:bb:b4:ad:aa:a7:ea:b3:
e7:6f:42:88:c4:42:28:55:b5:8a:a3:2e:ac:bc:99:
4f:5d:c3:74:bc:07:fb:2f:d3:cc:a2:1d:08:a6:09:
8f:ba:ac:b6:09:5f:3b:16:a5:3d:ee:da:00:59:e7:
23:32:b9:d0:55:d0:fd:f2:2f:76:a3:56:7d:4c:a4:
be:0e:ba:d8:e7:01:21:84:81:f0:76:30:de:22:9c:
1e:73:23:67:8c:66:77:11:65:86:f0:fe:f2:6c:1f:
7f:e3:b3:eb:2a:cb:37:3e:7b:33:23:3e:55:eb:1f:
ba:9d:70:b5:ce:d9:9f:41:5c:7d:b6:a5:14:a4:35:
ad:79:dd:5c:a2:a3:8d:0a:12:f8:12:70:f1:60:e7:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3D:5F:57:38:F4:4A:56:66:92:D8:E7:3F:DC:EA:24:4F:C2:07:86
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Uz1fVzj0SlZmktjnP9zqJE_CB4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3900::/31
2a09:3904::/32
2a09:3907::/32
Signature Algorithm: sha256WithRSAEncryption
04:54:77:20:28:7d:66:d2:b9:cc:d5:28:4a:47:fe:bb:e6:6d:
e9:8a:a6:fb:20:05:61:e5:84:86:c0:27:72:1f:a8:7f:cb:84:
b4:26:73:b7:18:68:06:7a:25:c2:0f:0b:77:58:57:f0:13:ed:
8b:9e:fd:a9:7d:47:e6:90:14:eb:ea:fc:0a:ee:61:63:09:a2:
a9:4e:ca:b7:63:ef:c7:ca:b3:b9:6a:32:8e:cc:bf:26:7c:94:
f0:21:82:a9:8b:4a:25:79:02:44:73:1b:da:8c:04:bd:72:c0:
c1:00:25:55:fa:f9:24:ba:be:9f:63:b4:e1:46:78:17:71:ac:
ab:26:1a:aa:68:10:d8:bf:09:0c:d0:69:40:3b:73:84:af:c4:
21:90:06:67:59:3d:5a:61:0b:ac:96:17:d4:c3:f0:a6:7e:86:
ba:3c:e8:1a:95:12:1f:7c:6f:c5:be:84:ca:a6:90:a0:87:50:
88:94:60:98:4d:39:8c:84:a5:e2:23:fd:a0:6d:9f:a2:cd:fb:
a4:ac:d7:e0:5f:5c:37:99:3b:10:2c:9e:5b:dd:a0:b5:c9:44:
1f:7f:b1:2a:52:24:b2:99:48:41:d5:8f:b9:95:19:8a:3b:22:
eb:07:5a:16:5b:de:c1:06:e8:44:6a:2c:fb:1c:2b:97:0c:fd:
69:c0:16:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLj+VYKAUdJCocThNYg0gPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMDMxMTkwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNkNWY1NzM4ZjQ0YTU2NjY5MmQ4ZTczZmRjZWEyNDRmYzIwNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j/yREsSVpNcmVEjPXi9+X0F1S27
24e339rbbtoF+11E7LDsZ9nakcQOJLmwfUNzwhJjq/2l8mBtjQTbsOULk1h2nYOF
pZ5efz/+zS2k4DI2Ls6tnyMAoFykEztZArxWdp9IhkfW6xLd0nKaifFgiru0raqn
6rPnb0KIxEIoVbWKoy6svJlPXcN0vAf7L9PMoh0IpgmPuqy2CV87FqU97toAWecj
MrnQVdD98i92o1Z9TKS+DrrY5wEhhIHwdjDeIpwecyNnjGZ3EWWG8P7ybB9/47Pr
Kss3PnszIz5V6x+6nXC1ztmfQVx9tqUUpDWted1coqONChL4EnDxYOctrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFM9X1c49EpWZpLY5z/c6iRPwgeGMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvVXoxZlZ6ajBTbFpta3RqblA5enFKRV9DQjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUBKgk5AAMF
ACoJOQQDBQAqCTkHMA0GCSqGSIb3DQEBCwUAA4IBAQAEVHcgKH1m0rnM1ShKR/67
5m3piqb7IAVh5YSGwCdyH6h/y4S0JnO3GGgGeiXCDwt3WFfwE+2Lnv2pfUfmkBTr
6vwK7mFjCaKpTsq3Y+/HyrO5ajKOzL8mfJTwIYKpi0oleQJEcxvajAS9csDBACVV
+vkkur6fY7ThRngXcayrJhqqaBDYvwkM0GlAO3OEr8QhkAZnWT1aYQuslhfUw/Cm
foa6POgalRIffG/FvoTKppCgh1CIlGCYTTmMhKXiI/2gbZ+izfukrNfgX1w3mTsQ
LJ5b3aC1yUQff7EqUiSymUhB1Y+5lRmKOyLrB1oWW97BBuhEaiz7HCuXDP1pwBaE
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:16 2024 by rpki-client on console-ams.rpki-client.org