Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/A9yYPb3Uz5TxHB4KU0_yQ_s2v6Y.roa
File: A9yYPb3Uz5TxHB4KU0_yQ_s2v6Y.roa (raw, json)
Hash identifier: 6G+MlhZd25Lar121SmoSgvFPLkQ9kGdeU3vbvODyUpM=
Subject key identifier: 03:DC:98:3D:BD:D4:CF:94:F1:1C:1E:0A:53:4F:F2:43:FB:36:BF:A6
Certificate issuer: /CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Certificate serial: 018F9744920F62E2A5D6A7B1A2F8797376F3
Authority key identifier: CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/A9yYPb3Uz5TxHB4KU0_yQ_s2v6Y.roa
Signing time: Mon 20 May 2024 18:30:04 +0000
ROA not before: Mon 20 May 2024 18:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216417
IP address blocks: 2a04:5040::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 06 Jul 2024 13:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:97:44:92:0f:62:e2:a5:d6:a7:b1:a2:f8:79:73:76:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3348abf173d2774c8942008cadf6d6012a3d52
Validity
Not Before: May 20 18:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03dc983dbdd4cf94f11c1e0a534ff243fb36bfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7d:f5:09:79:1c:02:64:16:e7:6d:24:19:00:
e5:d5:d7:57:a0:02:4f:13:d1:ac:71:d4:a4:f9:2f:
02:d3:72:54:f9:5c:fc:77:29:07:29:3b:8d:3a:54:
69:59:50:15:fe:3e:b3:64:03:f9:69:18:83:c4:3c:
b9:c5:72:6e:92:7a:11:84:2c:8d:13:d2:c0:1f:e5:
98:7f:af:0d:ac:01:39:40:7b:37:9f:ad:1f:ad:fb:
db:b2:96:68:c2:a6:e4:0a:d9:d6:01:68:e0:cc:7d:
2c:ab:b4:46:6a:f9:5b:c1:94:4b:d8:06:9b:2a:ed:
f4:43:c0:a3:7c:62:e7:4d:ad:64:d8:da:a2:91:4e:
63:f9:ef:ab:46:ec:8f:1c:9a:d9:6d:44:65:b3:20:
40:0d:b3:74:b6:21:42:df:fb:c1:0d:57:4e:3b:58:
90:34:b4:d1:72:5d:a8:63:92:99:2c:48:86:cd:a1:
cc:5f:9c:9d:40:ac:1e:94:78:47:fb:88:8e:bf:e8:
36:06:91:e2:d6:ff:3e:ad:e3:77:55:c5:60:08:22:
68:5e:82:6f:50:9a:65:cd:2e:19:28:69:f6:f8:7e:
c1:03:50:5c:46:f6:4b:0e:98:5a:4a:be:cd:dd:6b:
8a:43:a3:e4:bc:77:4f:2f:7b:3d:0b:d3:46:85:5b:
90:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DC:98:3D:BD:D4:CF:94:F1:1C:1E:0A:53:4F:F2:43:FB:36:BF:A6
X509v3 Authority Key Identifier:
keyid:CA:33:48:AB:F1:73:D2:77:4C:89:42:00:8C:AD:F6:D6:01:2A:3D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjNIq_Fz0ndMiUIAjK321gEqPVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/A9yYPb3Uz5TxHB4KU0_yQ_s2v6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/026914-1612-45f4-acdf-2acb9d17c11c/1/yjNIq_Fz0ndMiUIAjK321gEqPVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5040::/32
Signature Algorithm: sha256WithRSAEncryption
39:3b:8c:39:6d:4c:34:e9:dd:2a:0d:c1:34:59:6f:17:2d:42:
02:ee:9f:d2:c2:50:16:e3:1d:34:56:21:03:2f:00:a8:2b:b1:
7b:d6:7b:fc:1a:59:c7:13:a8:35:ac:79:65:73:0e:c5:c9:18:
b5:29:6e:b1:f9:e6:1f:ad:b9:f8:8e:5d:f6:a9:6a:4b:1b:e4:
4f:3f:23:4b:e4:02:c5:d1:61:ee:0c:52:d9:d4:ee:22:09:74:
b0:77:ec:05:5c:1e:f9:c2:b3:91:0d:c3:7f:47:c1:f4:88:f8:
b7:06:3f:75:49:02:f5:e2:3b:2e:52:9f:a6:36:16:d7:99:11:
08:a0:6c:10:6c:50:d4:19:df:15:3a:5a:32:d1:bb:8d:4a:9b:
f0:ef:87:d8:cb:9b:65:48:6f:40:7b:88:05:c1:02:2c:8e:47:
bd:66:06:8f:c8:b6:46:4e:37:7f:16:c8:d9:66:3f:f1:b2:9f:
8e:5f:01:8d:98:c8:fc:62:29:57:3d:ce:65:49:79:ba:76:92:
20:2f:61:8a:85:46:b7:27:3c:ee:a7:43:8f:7f:c0:50:d2:b7:
ec:e2:e0:09:bc:ae:e0:b5:70:d7:8f:8b:d6:8c:79:db:e8:a2:
f9:42:8a:0b:77:a3:5d:3a:8f:c5:ac:3d:83:16:a7:48:04:93:
bd:72:b4:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+XRJIPYuKl1qexovh5c3bzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzM0OGFiZjE3M2QyNzc0Yzg5NDIwMDhjYWRmNmQ2MDEy
YTNkNTIwHhcNMjQwNTIwMTgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RjOTgzZGJkZDRjZjk0ZjExYzFlMGE1MzRmZjI0M2ZiMzZiZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv331CXkcAmQW520kGQDl1ddXoAJP
E9GscdSk+S8C03JU+Vz8dykHKTuNOlRpWVAV/j6zZAP5aRiDxDy5xXJuknoRhCyN
E9LAH+WYf68NrAE5QHs3n60frfvbspZowqbkCtnWAWjgzH0sq7RGavlbwZRL2Aab
Ku30Q8CjfGLnTa1k2NqikU5j+e+rRuyPHJrZbURlsyBADbN0tiFC3/vBDVdOO1iQ
NLTRcl2oY5KZLEiGzaHMX5ydQKwelHhH+4iOv+g2BpHi1v8+reN3VcVgCCJoXoJv
UJplzS4ZKGn2+H7BA1BcRvZLDphaSr7N3WuKQ6PkvHdPL3s9C9NGhVuQ1QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAPcmD291M+U8RweClNP8kP7Nr+mMB8GA1UdIwQY
MBaAFMozSKvxc9J3TIlCAIyt9tYBKj1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYt
MmFjYjlkMTdjMTFjLzEvQTl5WVBiM1V6NVR4SEI0S1UwX3lRX3MydjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wMjY5MTQtMTYxMi00NWY0LWFjZGYtMmFjYjlkMTdjMTFj
LzEveWpOSXFfRnowbmRNaVVJQWpLMzIxZ0VxUFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgRQQDAN
BgkqhkiG9w0BAQsFAAOCAQEAOTuMOW1MNOndKg3BNFlvFy1CAu6f0sJQFuMdNFYh
Ay8AqCuxe9Z7/BpZxxOoNax5ZXMOxckYtSlusfnmH625+I5d9qlqSxvkTz8jS+QC
xdFh7gxS2dTuIgl0sHfsBVwe+cKzkQ3Df0fB9Ij4twY/dUkC9eI7LlKfpjYW15kR
CKBsEGxQ1BnfFTpaMtG7jUqb8O+H2MubZUhvQHuIBcECLI5HvWYGj8i2Rk43fxbI
2WY/8bKfjl8BjZjI/GIpVz3OZUl5unaSIC9hioVGtyc87qdDj3/AUNK37OLgCbyu
4LVw14+L1ox52+ii+UKKC3ejXTqPxaw9gxanSASTvXK0mg==
-----END CERTIFICATE-----
Generated at Sat Jul 6 15:45:33 2024 by rpki-client on console-fra.rpki-client.org