Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/9w0lb0aBCmFgzvHTLGlLpELlq2E.roa
File: 9w0lb0aBCmFgzvHTLGlLpELlq2E.roa (raw, json)
Hash identifier: mLVc7MJqUTf9FrGNMZltDbI10/XzPYG7fYmqDtWG2rg=
Subject key identifier: F7:0D:25:6F:46:81:0A:61:60:CE:F1:D3:2C:69:4B:A4:42:E5:AB:61
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 018E2847FC58919AA9326060DF111C3CC829
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/9w0lb0aBCmFgzvHTLGlLpELlq2E.roa
Signing time: Sun 10 Mar 2024 12:13:10 +0000
ROA not before: Sun 10 Mar 2024 12:13:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211521
IP address blocks: 96.9.145.0/24 maxlen: 24
2a0a:c743:1::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 11 Sep 2024 05:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:47:fc:58:91:9a:a9:32:60:60:df:11:1c:3c:c8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Mar 10 12:13:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70d256f46810a6160cef1d32c694ba442e5ab61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:de:74:cb:ba:ee:e0:40:0d:7d:bc:d2:4a:b8:
80:22:e0:b8:67:29:e5:3b:7d:94:91:3f:ed:67:43:
b7:47:8b:ff:33:19:8b:be:b7:ea:08:c6:43:da:f4:
fa:52:73:1d:d1:7e:9f:68:a6:6d:b2:aa:f7:de:1d:
f5:95:c2:45:78:c4:45:02:7b:15:db:34:c3:c7:47:
44:15:f6:f2:e9:70:fc:ff:04:29:3d:3d:f8:1c:e0:
9f:60:5a:9e:a2:fa:44:b5:2b:e4:4a:5d:fd:f4:35:
0e:53:8c:63:9f:1e:9f:1b:02:5e:9f:0b:b3:f5:6c:
02:02:2e:9e:32:2f:44:7a:67:b7:2e:39:d7:7a:b1:
40:b6:c4:4c:07:1a:89:a1:e6:51:72:65:94:56:7e:
c8:0b:6d:c3:90:fb:bb:41:ad:f2:de:75:27:92:b9:
8f:f1:5c:84:85:e7:9d:d7:86:a6:89:47:f1:48:a9:
98:23:16:bb:74:68:7c:88:af:8b:b4:28:17:b0:ac:
6f:c7:44:70:ad:7e:35:4c:de:c0:8d:40:e0:b5:58:
cb:67:e7:ab:76:fd:f5:5e:2c:bc:db:9b:0c:01:31:
b0:67:f9:33:b4:b0:8d:fa:ef:af:cf:16:14:50:c1:
fa:70:4e:b7:0a:46:6c:69:b4:e6:31:d1:cf:af:05:
c5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0D:25:6F:46:81:0A:61:60:CE:F1:D3:2C:69:4B:A4:42:E5:AB:61
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/9w0lb0aBCmFgzvHTLGlLpELlq2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.9.145.0/24
IPv6:
2a0a:c743:1::/64
Signature Algorithm: sha256WithRSAEncryption
86:1d:a8:d4:ca:e8:5a:68:41:a3:a8:32:fc:5c:1c:20:96:34:
b6:53:76:eb:fc:8e:57:67:64:b4:54:3c:2c:83:4a:c7:39:71:
3e:7e:4c:ef:d2:bb:35:58:23:82:44:ad:7f:98:f6:0a:9e:c5:
f0:c6:91:bb:77:92:0b:20:12:42:82:c9:e0:c9:d4:b0:e6:93:
4b:92:bf:b0:0a:87:a5:0e:8c:75:7b:4c:99:2e:7a:50:2f:0e:
99:04:a6:eb:31:8c:f9:69:d8:91:7f:5a:b9:06:15:91:26:df:
fa:51:25:48:48:1c:63:aa:99:58:7a:db:79:90:16:fd:bb:de:
5f:d3:11:46:e1:8e:73:3a:d1:d1:76:1b:f2:77:0d:6c:49:f2:
41:a0:29:a2:db:4c:6d:08:80:5b:0e:fe:cc:39:db:ce:0e:9e:
61:38:85:8b:56:14:08:5a:01:be:a6:01:48:2e:87:3e:57:b9:
cc:f1:0d:fb:2b:84:2d:ea:b4:c2:b8:cf:92:6d:87:b0:14:53:
80:e2:e1:61:dc:e5:90:cf:93:7a:6a:78:4e:af:dc:f9:18:2b:
74:a0:f1:f4:b5:46:0f:4f:53:4c:5a:9d:4d:61:b8:24:3d:54:
bf:53:34:00:d7:d6:c0:7e:1d:bb:ef:6d:4d:06:54:d5:88:7a:
2e:cc:d9:fe
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY4oR/xYkZqpMmBg3xEcPMgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjQwMzEwMTIxMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBkMjU2ZjQ2ODEwYTYxNjBjZWYxZDMyYzY5NGJhNDQyZTVhYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd50y7ru4EANfbzSSriAIuC4Zynl
O32UkT/tZ0O3R4v/MxmLvrfqCMZD2vT6UnMd0X6faKZtsqr33h31lcJFeMRFAnsV
2zTDx0dEFfby6XD8/wQpPT34HOCfYFqeovpEtSvkSl399DUOU4xjnx6fGwJenwuz
9WwCAi6eMi9Eeme3LjnXerFAtsRMBxqJoeZRcmWUVn7IC23DkPu7Qa3y3nUnkrmP
8VyEheed14amiUfxSKmYIxa7dGh8iK+LtCgXsKxvx0RwrX41TN7AjUDgtVjLZ+er
dv31Xiy825sMATGwZ/kztLCN+u+vzxYUUMH6cE63CkZsabTmMdHPrwXFhQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPcNJW9GgQphYM7x0yxpS6RC5athMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvOXcwbGIwYUJDbUZnenZIVExHbExwRUxscTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQAYAmRMBEE
AgACMAsDCQAqCsdDAAEAADANBgkqhkiG9w0BAQsFAAOCAQEAhh2o1MroWmhBo6gy
/FwcIJY0tlN26/yOV2dktFQ8LINKxzlxPn5M79K7NVgjgkStf5j2Cp7F8MaRu3eS
CyASQoLJ4MnUsOaTS5K/sAqHpQ6MdXtMmS56UC8OmQSm6zGM+WnYkX9auQYVkSbf
+lElSEgcY6qZWHrbeZAW/bveX9MRRuGOczrR0XYb8ncNbEnyQaApottMbQiAWw7+
zDnbzg6eYTiFi1YUCFoBvqYBSC6HPle5zPEN+yuELeq0wrjPkm2HsBRTgOLhYdzl
kM+Temp4Tq/c+RgrdKDx9LVGD09TTFqdTWG4JD1Uv1M0ANfWwH4du+9tTQZU1Yh6
LszZ/g==
-----END CERTIFICATE-----
Generated at Wed Sep 11 06:55:41 2024 by rpki-client on console-fra.rpki-client.org