Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qXmTINDMBx18w1NTlVEQ_c9loJs.roa
File: qXmTINDMBx18w1NTlVEQ_c9loJs.roa (raw, json)
Hash identifier: ebH4h0Ry3ykX7oJhLeA5yGUwvjj/uCAPkJ1ChuY1BBs=
Subject key identifier: A9:79:93:20:D0:CC:07:1D:7C:C3:53:53:95:51:10:FD:CF:65:A0:9B
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 01927D4BCAFEB8B6D0FBCB9C5AD3DA68CBB3
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qXmTINDMBx18w1NTlVEQ_c9loJs.roa
Signing time: Fri 11 Oct 2024 20:36:11 +0000
ROA not before: Fri 11 Oct 2024 20:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:3901::/32 maxlen: 32
2a09:3904::/32 maxlen: 32
2a09:3907::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:ca:fe:b8:b6:d0:fb:cb:9c:5a:d3:da:68:cb:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Oct 11 20:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9799320d0cc071d7cc35353955110fdcf65a09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:99:89:e5:f7:a6:11:8a:da:c5:1e:aa:5f:38:
e7:1e:cf:01:a8:84:58:c0:0f:b1:f7:01:78:02:7e:
83:05:e8:98:1f:56:e8:36:ee:c2:7b:8f:c6:70:29:
e7:d4:ab:45:55:70:d1:8a:2f:f7:1d:c7:66:8c:0e:
ff:23:01:c5:59:77:79:1a:90:27:48:0e:93:cd:b3:
8f:b4:3c:48:0d:31:25:e5:0b:dc:be:3d:a3:7f:de:
69:a4:c7:d8:b2:af:ba:18:96:a6:30:80:33:6f:0e:
dc:49:1a:11:ed:db:ac:eb:3c:45:3c:96:fe:14:9a:
fa:f7:ae:72:94:36:c6:56:40:74:71:5e:a8:18:8c:
a0:ed:5a:f6:67:5f:93:6a:56:88:6f:b0:1b:7d:db:
0c:07:ea:54:92:48:e3:e7:85:b6:e2:a4:1a:21:fd:
f3:75:2d:52:5d:98:3b:e0:0a:00:79:8e:d7:db:f0:
ec:e6:15:52:a7:57:73:8b:fd:b2:02:5d:a8:9a:dd:
e9:18:da:b0:3a:6e:76:ec:9d:ab:01:26:d7:18:96:
37:f1:34:37:a9:fe:a9:91:8a:e1:67:a5:99:84:b3:
18:61:b9:e0:a0:70:f1:e8:34:a3:65:0d:79:e7:cf:
62:5b:d6:6d:4f:9a:9a:06:d5:44:bc:60:dc:69:91:
1c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:79:93:20:D0:CC:07:1D:7C:C3:53:53:95:51:10:FD:CF:65:A0:9B
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qXmTINDMBx18w1NTlVEQ_c9loJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3901::/32
2a09:3904::/32
2a09:3907::/32
Signature Algorithm: sha256WithRSAEncryption
b3:4c:b0:85:5c:a8:fd:fa:90:07:33:68:3f:7e:c1:59:20:49:
04:f3:18:9b:fc:5f:16:68:fe:cf:39:58:e1:0f:6e:d9:b1:01:
3c:88:8d:bc:fe:1c:51:a9:ee:98:90:6d:d6:ed:c4:d2:fd:16:
70:16:03:75:7f:ea:da:2d:fa:67:42:2c:13:61:2e:83:fa:ab:
ef:4b:52:c9:12:68:46:0b:c4:0f:5c:c1:57:1f:27:75:34:04:
99:85:74:ca:7b:4c:4a:6b:73:0d:29:f6:c0:d4:6f:e7:b3:12:
0b:f7:52:c7:56:00:61:64:78:35:23:04:67:30:30:b2:57:36:
06:c7:e1:8e:e0:49:32:e1:70:2d:61:97:d1:50:7a:ca:36:b8:
12:3b:08:43:a4:1c:30:ae:ae:69:e7:b5:ab:87:4c:36:c7:e7:
b8:a0:8f:b8:a0:d7:e0:da:f4:df:ba:62:63:bc:f7:12:07:6f:
6d:50:e4:3b:ec:6f:61:fb:59:11:dc:6d:68:2d:56:a5:30:ef:
27:17:80:da:a9:e6:fc:03:be:0f:f0:d3:1b:4a:9b:83:08:b4:
47:ff:0d:de:fb:bc:40:4f:da:a8:fe:58:0d:fd:dd:3c:73:83:
0d:f3:8c:45:95:a5:e2:9f:8a:78:cb:9b:a2:28:e4:66:f6:93:
a3:cb:6a:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJ9S8r+uLbQ+8ucWtPaaMuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMDExMjAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTc5OTMyMGQwY2MwNzFkN2NjMzUzNTM5NTUxMTBmZGNmNjVhMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pmJ5femEYraxR6qXzjnHs8BqIRY
wA+x9wF4An6DBeiYH1boNu7Ce4/GcCnn1KtFVXDRii/3HcdmjA7/IwHFWXd5GpAn
SA6TzbOPtDxIDTEl5Qvcvj2jf95ppMfYsq+6GJamMIAzbw7cSRoR7dus6zxFPJb+
FJr6965ylDbGVkB0cV6oGIyg7Vr2Z1+TalaIb7AbfdsMB+pUkkjj54W24qQaIf3z
dS1SXZg74AoAeY7X2/Ds5hVSp1dzi/2yAl2omt3pGNqwOm527J2rASbXGJY38TQ3
qf6pkYrhZ6WZhLMYYbngoHDx6DSjZQ15589iW9ZtT5qaBtVEvGDcaZEcMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKl5kyDQzAcdfMNTU5VREP3PZaCbMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvcVhtVElORE1CeDE4dzFOVGxWRVFfYzlsb0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgk5AQMF
ACoJOQQDBQAqCTkHMA0GCSqGSIb3DQEBCwUAA4IBAQCzTLCFXKj9+pAHM2g/fsFZ
IEkE8xib/F8WaP7POVjhD27ZsQE8iI28/hxRqe6YkG3W7cTS/RZwFgN1f+raLfpn
QiwTYS6D+qvvS1LJEmhGC8QPXMFXHyd1NASZhXTKe0xKa3MNKfbA1G/nsxIL91LH
VgBhZHg1IwRnMDCyVzYGx+GO4Eky4XAtYZfRUHrKNrgSOwhDpBwwrq5p57Wrh0w2
x+e4oI+4oNfg2vTfumJjvPcSB29tUOQ77G9h+1kR3G1oLValMO8nF4Daqeb8A74P
8NMbSpuDCLRH/w3e+7xAT9qo/lgN/d08c4MN84xFlaXin4p4y5uiKORm9pOjy2oP
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org