Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/h6n2IG_BT3A2HUiLk-yi9raQBmU.roa
File: h6n2IG_BT3A2HUiLk-yi9raQBmU.roa (raw, json)
Hash identifier: 24MRd/XKPsP7uyv0pSFiUoYVduH3+z7y08t5AAy9TRg=
Subject key identifier: 87:A9:F6:20:6F:C1:4F:70:36:1D:48:8B:93:EC:A2:F6:B6:90:06:65
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01929C026A6B363D05572A94A3D54B773DB7
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/h6n2IG_BT3A2HUiLk-yi9raQBmU.roa
Signing time: Thu 17 Oct 2024 19:44:16 +0000
ROA not before: Thu 17 Oct 2024 19:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:3901::/32 maxlen: 32
2a09:3907::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:02:6a:6b:36:3d:05:57:2a:94:a3:d5:4b:77:3d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Oct 17 19:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a9f6206fc14f70361d488b93eca2f6b6900665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b8:16:00:f6:55:4d:f3:e5:c7:5d:4a:32:53:
77:c0:1d:f8:5c:a7:e9:fd:3f:2c:4f:4a:0a:79:4e:
15:f7:e9:70:89:6b:9f:e3:34:83:99:6e:e4:a0:0e:
a4:b6:1d:29:4b:b8:63:0c:28:07:16:02:17:94:15:
db:ea:60:85:dc:5a:61:6b:87:e9:89:51:2f:99:63:
92:c9:db:37:69:5c:a0:69:af:24:cd:ff:0a:08:49:
14:e5:f3:62:47:b4:d8:27:46:ed:29:09:5d:b2:e1:
d9:00:c1:ab:a8:1d:c5:b8:3c:27:01:d3:4f:16:45:
c8:16:d6:e5:03:e5:ad:de:d0:0e:6a:ab:aa:19:96:
d5:74:23:41:b8:be:a2:34:da:4c:75:10:86:02:a3:
0f:b8:f5:49:a0:a7:51:3b:30:e2:e7:f7:df:80:ea:
bb:46:53:ec:15:c9:aa:b6:e9:d4:9f:20:c1:24:95:
6c:a9:e6:3c:bd:59:4b:6a:8e:63:40:45:97:c5:c4:
dd:64:34:55:c3:eb:a9:73:d2:4f:d5:1c:2a:3a:3d:
3d:6e:fd:67:d4:97:72:84:01:c6:1a:4c:a9:2d:0e:
41:c8:4d:d9:d8:61:e7:1a:5f:09:01:11:00:63:a1:
c5:6f:56:9d:71:85:c7:e5:4a:82:95:27:21:59:cd:
dc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A9:F6:20:6F:C1:4F:70:36:1D:48:8B:93:EC:A2:F6:B6:90:06:65
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/h6n2IG_BT3A2HUiLk-yi9raQBmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3901::/32
2a09:3907::/32
Signature Algorithm: sha256WithRSAEncryption
69:38:e3:9f:c3:7e:65:45:3c:ed:eb:7a:13:79:79:e3:ce:10:
e1:df:a3:35:70:22:47:7e:db:fa:01:31:54:ad:32:e3:85:5c:
e2:00:79:d4:af:54:dc:79:ec:d7:ca:f5:e5:c6:e2:da:a6:4b:
7e:13:a0:89:21:18:f3:61:db:de:2f:b2:7e:55:a9:5b:7d:1f:
e9:43:98:e6:e5:bc:ee:d2:9a:4f:24:bb:d0:1a:45:cc:6f:0a:
20:ff:ac:4d:9a:12:ef:d5:9d:a3:fd:e7:dd:71:49:45:58:98:
06:55:d2:17:a7:3e:a9:1a:88:e8:cd:ed:b5:e1:34:ad:3e:05:
a5:71:38:fe:80:28:a3:d6:16:6a:2f:13:45:80:7a:8e:38:17:
bb:a1:de:39:aa:9e:2c:ef:cc:61:ea:07:30:30:aa:6e:d4:f6:
7e:9c:79:fd:7e:b4:b0:bd:d8:f0:c3:b8:98:b4:10:ba:08:b4:
b7:ef:44:86:84:53:d6:78:e5:ce:41:43:56:7d:58:91:77:53:
65:21:c5:c8:1f:1c:cb:60:24:c4:8e:b7:c1:8e:ee:79:17:1d:
a2:c5:05:f0:75:b7:20:6b:e1:28:c1:25:8e:10:cd:d0:dd:27:
b3:01:cf:b5:e9:86:1e:56:bd:04:b5:4a:44:83:75:d6:5c:6d:
3d:98:f4:54
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZKcAmprNj0FVyqUo9VLdz23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMDE3MTk0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E5ZjYyMDZmYzE0ZjcwMzYxZDQ4OGI5M2VjYTJmNmI2OTAwNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bgWAPZVTfPlx11KMlN3wB34XKfp
/T8sT0oKeU4V9+lwiWuf4zSDmW7koA6kth0pS7hjDCgHFgIXlBXb6mCF3Fpha4fp
iVEvmWOSyds3aVygaa8kzf8KCEkU5fNiR7TYJ0btKQldsuHZAMGrqB3FuDwnAdNP
FkXIFtblA+Wt3tAOaquqGZbVdCNBuL6iNNpMdRCGAqMPuPVJoKdROzDi5/ffgOq7
RlPsFcmqtunUnyDBJJVsqeY8vVlLao5jQEWXxcTdZDRVw+upc9JP1RwqOj09bv1n
1JdyhAHGGkypLQ5ByE3Z2GHnGl8JAREAY6HFb1adcYXH5UqClSchWc3cMwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIep9iBvwU9wNh1Ii5Psova2kAZlMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvaDZuMklHX0JUM0EySFVpTGsteWk5cmFRQm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgk5AQMF
ACoJOQcwDQYJKoZIhvcNAQELBQADggEBAGk445/DfmVFPO3rehN5eePOEOHfozVw
Ikd+2/oBMVStMuOFXOIAedSvVNx57NfK9eXG4tqmS34ToIkhGPNh294vsn5VqVt9
H+lDmOblvO7Smk8ku9AaRcxvCiD/rE2aEu/VnaP9591xSUVYmAZV0henPqkaiOjN
7bXhNK0+BaVxOP6AKKPWFmovE0WAeo44F7uh3jmqnizvzGHqBzAwqm7U9n6cef1+
tLC92PDDuJi0ELoItLfvRIaEU9Z45c5BQ1Z9WJF3U2UhxcgfHMtgJMSOt8GO7nkX
HaLFBfB1tyBr4SjBJY4QzdDdJ7MBz7Xphh5WvQS1SkSDddZcbT2Y9FQ=
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:16 2024 by rpki-client on console-ams.rpki-client.org