Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Wllk6pw2x7w7ExqJo5Z8nAIB2yc.roa
File: Wllk6pw2x7w7ExqJo5Z8nAIB2yc.roa (raw, json)
Hash identifier: 1A0TNt5Fo2ykOpZOD7K1uGJ2SvBdo8QNDSMwtGmtRi0=
Subject key identifier: 5A:59:64:EA:9C:36:C7:BC:3B:13:1A:89:A3:96:7C:9C:02:01:DB:27
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018CF5B4DF7673EEA18846425B486916C15C
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Wllk6pw2x7w7ExqJo5Z8nAIB2yc.roa
Signing time: Wed 10 Jan 2024 23:28:40 +0000
ROA not before: Wed 10 Jan 2024 23:28:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3906::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 16:09:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:b4:df:76:73:ee:a1:88:46:42:5b:48:69:16:c1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jan 10 23:28:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a5964ea9c36c7bc3b131a89a3967c9c0201db27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:22:a9:96:89:ca:95:a6:2f:c5:14:20:bf:d9:
96:50:7f:da:a8:ad:b1:4c:95:ab:52:78:42:47:53:
8d:ca:fc:14:b4:e0:10:73:cc:93:c9:8d:d0:28:12:
4d:bb:e5:58:a0:78:6f:d2:cf:1a:6b:01:13:40:07:
b7:35:0e:6b:ea:bc:90:ed:d5:77:92:54:99:a2:e3:
39:63:1d:42:e7:e0:25:7d:90:25:54:3c:42:1a:60:
bc:45:51:f7:29:b2:98:5a:f6:cb:30:64:ce:51:20:
e3:d7:d9:5e:09:b5:83:fc:a8:9a:f9:a8:13:f1:63:
f4:a4:84:ce:42:67:5f:e7:b1:a4:33:87:f0:07:c9:
78:e8:9a:2f:43:0a:f8:98:d1:96:b0:a1:08:43:f2:
76:a8:59:20:ab:4b:03:5f:2a:3a:2c:e3:ad:ab:a2:
57:65:24:39:ae:f6:bd:e3:b4:a8:95:bc:b1:07:cc:
88:a8:38:46:59:c8:4f:bd:62:58:65:43:be:fe:e4:
77:f1:7d:40:8f:fc:25:b6:26:e7:d7:6a:55:a3:b9:
39:cb:87:f3:0c:06:c4:1b:eb:7e:7b:6c:fb:43:98:
67:4b:b4:8b:09:80:12:cc:ba:bd:04:c6:41:46:8b:
83:8d:94:94:6b:0e:c2:34:1a:2f:4b:75:59:9d:bf:
02:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:59:64:EA:9C:36:C7:BC:3B:13:1A:89:A3:96:7C:9C:02:01:DB:27
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/Wllk6pw2x7w7ExqJo5Z8nAIB2yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3906::/32
Signature Algorithm: sha256WithRSAEncryption
59:3c:f9:17:cb:81:ac:99:68:ed:c2:8f:fe:d7:fe:d7:de:0d:
5c:98:12:8d:a0:01:33:46:70:ac:8f:1b:e5:79:e2:fb:0a:98:
1b:f1:ee:6e:41:fd:8b:64:61:9d:ad:c6:ee:bb:9e:88:e8:e7:
e2:9f:bb:2b:fb:7c:c0:6c:6c:ed:3b:23:e1:d1:13:17:23:13:
51:76:f6:90:08:25:31:46:b9:d5:da:bc:06:ea:af:68:b4:5f:
99:cd:c8:7c:00:82:f4:32:cd:a3:8c:04:2e:79:de:16:d0:5a:
af:46:73:b9:23:bd:c0:6b:19:6c:33:b7:86:46:d5:5c:73:04:
81:56:29:96:9c:96:81:cd:52:7f:86:50:70:12:97:5d:98:c9:
44:ab:45:37:40:bd:86:81:f3:9b:40:7c:16:80:a4:1d:50:4d:
db:ed:a0:5f:6c:aa:a4:ed:77:78:cc:12:8c:01:9b:2c:9e:f9:
97:88:80:20:d5:76:e0:ae:56:11:60:b4:30:55:62:56:61:93:
09:7c:77:46:10:4e:ee:8f:01:ba:6a:9c:6a:5f:cd:ad:e4:f0:
20:95:c9:ec:69:9f:6b:f9:85:b9:5c:39:f5:56:66:fc:ed:8f:
fa:a3:52:95:8a:49:44:1b:84:1c:64:22:a0:01:a5:96:11:46:
5a:65:ca:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYz1tN92c+6hiEZCW0hpFsFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMTEwMjMyODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTU5NjRlYTljMzZjN2JjM2IxMzFhODlhMzk2N2M5YzAyMDFkYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyKplonKlaYvxRQgv9mWUH/aqK2x
TJWrUnhCR1ONyvwUtOAQc8yTyY3QKBJNu+VYoHhv0s8aawETQAe3NQ5r6ryQ7dV3
klSZouM5Yx1C5+AlfZAlVDxCGmC8RVH3KbKYWvbLMGTOUSDj19leCbWD/Kia+agT
8WP0pITOQmdf57GkM4fwB8l46JovQwr4mNGWsKEIQ/J2qFkgq0sDXyo6LOOtq6JX
ZSQ5rva947SolbyxB8yIqDhGWchPvWJYZUO+/uR38X1Aj/wltibn12pVo7k5y4fz
DAbEG+t+e2z7Q5hnS7SLCYASzLq9BMZBRouDjZSUaw7CNBovS3VZnb8CawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFpZZOqcNse8OxMaiaOWfJwCAdsnMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvV2xsazZwdzJ4N3c3RXhxSm81WjhuQUlCMnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5BjAN
BgkqhkiG9w0BAQsFAAOCAQEAWTz5F8uBrJlo7cKP/tf+194NXJgSjaABM0ZwrI8b
5Xni+wqYG/HubkH9i2Rhna3G7rueiOjn4p+7K/t8wGxs7Tsj4dETFyMTUXb2kAgl
MUa51dq8BuqvaLRfmc3IfACC9DLNo4wELnneFtBar0ZzuSO9wGsZbDO3hkbVXHME
gVYplpyWgc1Sf4ZQcBKXXZjJRKtFN0C9hoHzm0B8FoCkHVBN2+2gX2yqpO13eMwS
jAGbLJ75l4iAINV24K5WEWC0MFViVmGTCXx3RhBO7o8Bumqcal/NreTwIJXJ7Gmf
a/mFuVw59VZm/O2P+qNSlYpJRBuEHGQioAGllhFGWmXKBQ==
-----END CERTIFICATE-----
Generated at Wed Jan 17 21:33:08 2024 by rpki-client on console-ams.rpki-client.org