Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/4gAftuT1H8qhDUdxboyf1Po9d7o.roa
File: 4gAftuT1H8qhDUdxboyf1Po9d7o.roa (raw, json)
Hash identifier: nEox3z5JpHG78zGSvdw6IvFEwAcDUtEgOf2a6lFVL54=
Subject key identifier: E2:00:1F:B6:E4:F5:1F:CA:A1:0D:47:71:6E:8C:9F:D4:FA:3D:77:BA
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01927D4AE159B72D6EB59BCA8A20F432D85E
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/4gAftuT1H8qhDUdxboyf1Po9d7o.roa
Signing time: Fri 11 Oct 2024 20:35:12 +0000
ROA not before: Fri 11 Oct 2024 20:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:9443::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e1:59:b7:2d:6e:b5:9b:ca:8a:20:f4:32:d8:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Oct 11 20:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2001fb6e4f51fcaa10d47716e8c9fd4fa3d77ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:ad:5c:0f:08:49:27:57:49:06:36:65:1b:
0c:ea:ac:0e:58:97:91:49:01:d0:84:a9:02:99:0e:
17:ce:03:ff:e8:e5:c3:32:22:c3:a9:1c:93:f9:5c:
0a:03:dd:69:4e:25:bb:9b:cc:57:a2:06:8d:ab:57:
f9:59:ab:68:14:ee:37:52:1f:5a:d2:a8:8a:9b:6a:
75:01:d5:9b:aa:6e:8a:73:f6:1a:4f:d4:95:e4:e0:
3f:ab:a6:0f:3d:75:05:66:55:1d:19:34:8a:ed:2d:
44:2b:76:cc:a0:7b:4a:cf:7d:74:98:76:b8:62:b9:
8f:62:06:32:12:96:51:29:54:d7:4e:8e:d6:33:ba:
c4:fc:ca:a5:ee:6c:df:bb:c2:b4:84:08:f9:fb:fd:
4d:fc:ea:e1:db:41:74:fc:1b:56:d1:4f:96:98:ac:
f8:3f:e2:c7:d5:76:07:25:12:6d:36:72:17:26:71:
1d:37:ee:fc:3f:c3:c8:10:db:28:77:62:a0:f8:24:
f5:8c:c0:34:00:30:29:eb:c1:84:a9:ad:b6:41:7e:
cc:9e:f4:68:60:5c:46:83:86:7e:6e:cf:f0:bf:64:
2a:b1:86:e9:57:9f:27:0a:d5:b5:83:c0:ed:e5:2a:
55:53:aa:33:1e:4a:26:61:fa:dc:5d:51:05:ad:9e:
ad:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:00:1F:B6:E4:F5:1F:CA:A1:0D:47:71:6E:8C:9F:D4:FA:3D:77:BA
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/4gAftuT1H8qhDUdxboyf1Po9d7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9443::/32
Signature Algorithm: sha256WithRSAEncryption
37:32:f9:9e:a5:49:9f:07:3b:0e:38:d3:7a:f2:2a:93:78:74:
8a:74:44:87:dd:44:4a:86:41:57:9a:97:40:37:b0:d4:a0:0d:
43:b5:7c:ae:b7:06:1e:a9:d7:63:b5:6e:ae:7e:61:8e:5a:14:
56:2a:28:85:0f:1d:1e:32:18:e7:62:46:99:ef:93:9a:52:ed:
15:5f:7c:4c:63:28:85:d0:36:ff:1c:4e:a9:09:f8:77:69:e0:
f3:5b:b8:20:27:cf:8c:57:ce:8b:fc:12:07:4a:b7:81:40:8b:
a9:0c:a8:01:81:2c:7e:53:51:1b:38:84:d1:1e:c8:17:48:05:
a4:a3:74:1a:bd:0b:42:d3:88:10:c4:b4:4f:08:53:54:50:3c:
7d:81:84:80:a2:eb:f0:38:b4:a4:df:63:a5:5c:c7:a7:94:7c:
9d:e8:6f:78:03:7f:51:08:81:b4:65:9a:fd:3a:10:78:e3:2d:
70:a2:33:f5:e3:e4:78:38:6b:46:8a:69:66:1f:e3:1c:fb:88:
2c:0d:73:18:5a:2f:c9:f8:69:02:81:1b:da:6d:64:85:02:38:
8d:f0:d8:38:ff:74:44:dc:b5:2b:49:e0:6d:5d:68:61:41:96:
2d:c5:bc:91:97:d0:a9:62:33:f5:08:e1:fd:59:53:f0:73:fd:
f1:6d:b9:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ9SuFZty1utZvKiiD0MtheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQxMDExMjAzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjAwMWZiNmU0ZjUxZmNhYTEwZDQ3NzE2ZThjOWZkNGZhM2Q3N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXutXA8ISSdXSQY2ZRsM6qwOWJeR
SQHQhKkCmQ4XzgP/6OXDMiLDqRyT+VwKA91pTiW7m8xXogaNq1f5WatoFO43Uh9a
0qiKm2p1AdWbqm6Kc/YaT9SV5OA/q6YPPXUFZlUdGTSK7S1EK3bMoHtKz310mHa4
YrmPYgYyEpZRKVTXTo7WM7rE/Mql7mzfu8K0hAj5+/1N/Orh20F0/BtW0U+WmKz4
P+LH1XYHJRJtNnIXJnEdN+78P8PIENsod2Kg+CT1jMA0ADAp68GEqa22QX7MnvRo
YFxGg4Z+bs/wv2QqsYbpV58nCtW1g8Dt5SpVU6ozHkomYfrcXVEFrZ6tnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOIAH7bk9R/KoQ1HcW6Mn9T6PXe6MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvNGdBZnR1VDFIOHFoRFVkeGJveWYxUG85ZDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmUQzAN
BgkqhkiG9w0BAQsFAAOCAQEANzL5nqVJnwc7DjjTevIqk3h0inREh91ESoZBV5qX
QDew1KANQ7V8rrcGHqnXY7Vurn5hjloUVioohQ8dHjIY52JGme+TmlLtFV98TGMo
hdA2/xxOqQn4d2ng81u4ICfPjFfOi/wSB0q3gUCLqQyoAYEsflNRGziE0R7IF0gF
pKN0Gr0LQtOIEMS0TwhTVFA8fYGEgKLr8Di0pN9jpVzHp5R8nehveAN/UQiBtGWa
/ToQeOMtcKIz9ePkeDhrRoppZh/jHPuILA1zGFovyfhpAoEb2m1khQI4jfDYOP90
RNy1K0ngbV1oYUGWLcW8kZfQqWIz9Qjh/VlT8HP98W25Lg==
-----END CERTIFICATE-----
Generated at Thu Oct 17 22:34:22 2024 by rpki-client on console-ams.rpki-client.org