Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/s9kYrbDWvZ_gbmjxvny6rpir6g4.roa
File: s9kYrbDWvZ_gbmjxvny6rpir6g4.roa (raw, json)
Hash identifier: t7r3kDu6xQ3vi5W4uilBQg5AYv+gXnLJV4MgntDKJsg=
Subject key identifier: B3:D9:18:AD:B0:D6:BD:9F:E0:6E:68:F1:BE:7C:BA:AE:98:AB:EA:0E
Certificate issuer: /CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Certificate serial: 0186C0045E6D14A90B6533A8B072B6B3CA92
Authority key identifier: AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/s9kYrbDWvZ_gbmjxvny6rpir6g4.roa
Signing time: Wed 08 Mar 2023 06:59:17 +0000
ROA not before: Wed 08 Mar 2023 06:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 84.252.80.0/22 maxlen: 22
2a09:6080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:04:5e:6d:14:a9:0b:65:33:a8:b0:72:b6:b3:ca:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Validity
Not Before: Mar 8 06:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3d918adb0d6bd9fe06e68f1be7cbaae98abea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f8:01:e5:82:ad:f7:26:52:85:c2:e8:0e:02:
11:7f:a0:b6:e0:64:d4:cd:7a:ba:af:68:29:05:d8:
52:0c:d1:a3:69:dd:bd:4f:fc:2c:b6:10:f9:a0:d6:
f1:21:1b:91:64:48:dd:8c:b5:d5:69:49:2f:d3:d4:
85:f1:a4:64:44:36:e8:ca:c1:95:ad:2e:34:22:b7:
4f:e4:51:cd:dc:f3:4d:7d:64:d3:01:83:b9:ae:60:
2d:45:78:f7:1c:46:2e:43:b4:b9:56:28:84:83:79:
dc:c1:84:bb:13:03:f8:e2:3d:1f:d4:f0:9c:09:6e:
0e:fb:ca:fe:85:db:71:20:a0:aa:38:e7:01:5c:af:
00:b7:13:79:36:63:a7:b1:40:6c:c9:70:33:d4:06:
be:63:c4:3f:a6:74:ed:5e:bf:47:70:e9:9f:f6:65:
12:ae:0d:e3:db:e3:9f:1b:d1:e8:b6:5d:cd:bb:dc:
67:e6:80:4a:af:8b:ba:2c:9a:c5:33:9d:a9:d4:ab:
5c:e2:d2:bf:47:1f:6f:d6:32:81:16:aa:7f:6d:37:
00:bc:7f:51:73:6d:b3:ee:4e:b8:c2:af:9c:50:8d:
df:b1:fb:23:ba:a5:cc:57:58:6c:3a:b2:10:07:c4:
6a:81:31:5b:3e:ba:ce:39:29:ab:8c:f7:93:9a:94:
6b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D9:18:AD:B0:D6:BD:9F:E0:6E:68:F1:BE:7C:BA:AE:98:AB:EA:0E
X509v3 Authority Key Identifier:
keyid:AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/s9kYrbDWvZ_gbmjxvny6rpir6g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/qpoWTGVkErfar66FccxnnMb1h9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.80.0/22
IPv6:
2a09:6080::/29
Signature Algorithm: sha256WithRSAEncryption
bc:eb:62:86:43:34:87:c3:b7:48:46:e9:f6:61:43:3b:4a:ec:
c1:35:b8:0f:05:d2:d7:d3:d9:ba:4a:c3:bf:37:66:83:12:e1:
bf:c2:42:18:2a:c0:6a:50:b7:ee:66:ec:03:06:5f:ef:5a:b8:
bf:07:2c:20:48:7f:06:c6:c5:a5:f0:ba:d7:5b:aa:a2:a5:ee:
3e:c6:8a:e6:ab:af:f7:55:a5:50:b8:43:01:59:d9:bb:72:9e:
1a:ed:cb:35:85:69:c1:50:3f:c6:39:24:66:a6:54:b1:50:04:
a3:7b:19:b1:b3:3c:f8:ee:ad:a8:39:c9:83:bb:d6:a1:53:2e:
7d:61:8d:3f:54:8e:8f:f5:d6:d7:49:d5:27:5c:92:d7:96:1c:
88:2c:47:1d:a4:c6:db:e1:0f:81:ad:d3:03:3e:8e:98:8c:35:
ad:df:49:c1:e1:af:99:be:4f:04:13:cf:4c:31:3f:11:f3:3b:
15:d5:9c:01:6e:46:ba:0b:93:46:ff:66:57:52:1d:e9:66:82:
86:63:7d:7b:86:50:66:21:59:4a:ce:cd:d0:73:a4:b0:28:c8:
84:b3:63:03:f9:19:65:8a:e3:f4:f5:0e:11:af:f9:35:22:1b:
c1:ca:d5:d7:8e:65:ab:ea:65:1d:30:cb:c6:76:e3:b3:c6:81:
8a:22:fe:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbABF5tFKkLZTOosHK2s8qSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWExNjRjNjU2NDEyYjdkYWFmYWU4NTcxY2M2NzljYzZm
NTg3ZDAwHhcNMjMwMzA4MDY1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Q5MThhZGIwZDZiZDlmZTA2ZTY4ZjFiZTdjYmFhZTk4YWJlYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/gB5YKt9yZShcLoDgIRf6C24GTU
zXq6r2gpBdhSDNGjad29T/wsthD5oNbxIRuRZEjdjLXVaUkv09SF8aRkRDboysGV
rS40IrdP5FHN3PNNfWTTAYO5rmAtRXj3HEYuQ7S5ViiEg3ncwYS7EwP44j0f1PCc
CW4O+8r+hdtxIKCqOOcBXK8AtxN5NmOnsUBsyXAz1Aa+Y8Q/pnTtXr9HcOmf9mUS
rg3j2+OfG9Hotl3Nu9xn5oBKr4u6LJrFM52p1Ktc4tK/Rx9v1jKBFqp/bTcAvH9R
c22z7k64wq+cUI3fsfsjuqXMV1hsOrIQB8RqgTFbPrrOOSmrjPeTmpRrBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPZGK2w1r2f4G5o8b58uq6Yq+oOMB8GA1UdIwQY
MBaAFKqaFkxlZBK32q+uhXHMZ5zG9YfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjIt
Mjg4MjljMDNjNjlhLzEvczlrWXJiRFd2Wl9nYm1qeHZueTZycGlyNmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjItMjg4MjljMDNjNjlh
LzEvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVPxQMA0E
AgACMAcDBQMqCWCAMA0GCSqGSIb3DQEBCwUAA4IBAQC862KGQzSHw7dIRun2YUM7
SuzBNbgPBdLX09m6SsO/N2aDEuG/wkIYKsBqULfuZuwDBl/vWri/BywgSH8GxsWl
8LrXW6qipe4+xormq6/3VaVQuEMBWdm7cp4a7cs1hWnBUD/GOSRmplSxUASjexmx
szz47q2oOcmDu9ahUy59YY0/VI6P9dbXSdUnXJLXlhyILEcdpMbb4Q+BrdMDPo6Y
jDWt30nB4a+Zvk8EE89MMT8R8zsV1ZwBbka6C5NG/2ZXUh3pZoKGY317hlBmIVlK
zs3Qc6SwKMiEs2MD+RlliuP09Q4Rr/k1IhvBytXXjmWr6mUdMMvGduOzxoGKIv6L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:37 2024 by rpki-client on console-fra.rpki-client.org