Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/8ka7nPaVJ31q_GCtYKL5m8V2ACM.roa
File: 8ka7nPaVJ31q_GCtYKL5m8V2ACM.roa (raw, json)
Hash identifier: +SXtCHVjSr84rbHlURrzg/92KSH02SyG7un/H++9OvU=
Subject key identifier: F2:46:BB:9C:F6:95:27:7D:6A:FC:60:AD:60:A2:F9:9B:C5:76:00:23
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01927D4BCBAEA43E92642BE5EB4BB74B3C28
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/8ka7nPaVJ31q_GCtYKL5m8V2ACM.roa
Signing time: Fri 11 Oct 2024 20:36:12 +0000
ROA not before: Fri 11 Oct 2024 20:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:9443::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:cb:ae:a4:3e:92:64:2b:e5:eb:4b:b7:4b:3c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Oct 11 20:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f246bb9cf695277d6afc60ad60a2f99bc5760023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:72:7b:16:fe:cc:02:cd:27:cf:71:f0:ef:9f:
ec:97:f1:e7:8e:1d:9e:2e:cf:fd:05:6f:6e:9c:e2:
79:6b:82:ec:90:c0:7a:4b:8e:ad:7d:3a:15:35:70:
26:03:03:13:22:f5:e5:3c:e9:fc:00:da:bf:69:d4:
3e:22:a1:57:e2:1f:48:f6:ae:f9:29:5e:ab:08:ec:
b5:c8:96:ac:89:a6:94:ce:ee:56:82:5a:a7:43:0d:
82:86:4f:a6:b7:60:8f:91:22:94:20:b6:4c:ab:1f:
2f:88:c4:dd:ce:b0:2f:6f:bb:35:0c:53:89:c0:cb:
3b:d5:d2:ea:76:dd:af:f4:5b:f4:f7:7b:2a:3c:52:
ee:9c:00:b5:00:a6:29:d0:1b:71:a0:87:a3:92:96:
36:5a:5f:68:32:13:79:de:a1:0c:7d:96:38:a5:10:
a1:df:c8:09:76:0b:3b:85:d6:3c:99:4e:6d:e4:01:
92:49:a1:5d:1b:40:13:0d:18:63:76:79:f4:5c:37:
52:4c:97:7d:93:39:3d:0d:be:c6:e8:eb:f5:2c:69:
a5:e6:e8:3b:f5:5a:6f:aa:8a:53:ae:af:b7:94:fb:
ba:75:77:2f:a0:0f:70:7d:95:8b:83:49:e6:3d:3f:
4e:aa:7d:78:fc:23:40:24:7a:0b:cf:bd:60:78:97:
41:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:46:BB:9C:F6:95:27:7D:6A:FC:60:AD:60:A2:F9:9B:C5:76:00:23
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/8ka7nPaVJ31q_GCtYKL5m8V2ACM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9443::/32
Signature Algorithm: sha256WithRSAEncryption
9b:35:f5:3b:ec:44:4e:3c:1f:15:bc:53:13:81:50:37:c3:9d:
83:57:d5:d2:8a:27:4a:48:17:f4:5a:35:a9:1b:9a:20:a2:fd:
86:26:a1:66:fc:12:ba:e2:26:35:a9:eb:bf:08:15:01:30:ce:
87:e0:46:41:b1:4d:69:f7:f0:7e:b2:d3:d9:73:8d:0f:91:2d:
20:b4:04:d4:eb:b6:f6:e2:ec:0e:c9:a7:a6:22:3d:e3:5b:00:
f7:74:a1:bb:6e:3b:c6:02:c6:d0:2c:74:dd:13:15:09:8f:f7:
5a:05:d0:fb:24:78:34:78:f2:ff:5a:2c:28:19:b4:5a:54:f8:
30:7d:ff:4b:be:d0:b9:90:c4:61:d9:f3:11:b5:09:74:2a:67:
8f:c9:eb:f2:64:e5:33:dc:e1:c9:fb:07:dd:bc:f9:4c:ed:7c:
eb:a4:08:d2:04:8f:6d:ed:e3:fc:80:40:da:ef:b0:2c:f2:16:
5e:af:77:ab:62:9a:55:7b:f1:a2:06:95:c0:fd:7f:5a:89:02:
e1:c6:aa:0f:f6:79:cb:c4:23:fa:3e:58:fc:7c:fc:54:33:89:
97:2a:a6:41:54:54:62:9d:bc:02:a2:46:75:53:17:cc:9a:e0:
20:cf:bd:62:bb:e1:9f:3f:2c:1f:f1:66:8c:c5:4e:9c:3e:3e:
7e:1e:8f:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ9S8uupD6SZCvl60u3SzwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQxMDExMjAzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ2YmI5Y2Y2OTUyNzdkNmFmYzYwYWQ2MGEyZjk5YmM1NzYwMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33J7Fv7MAs0nz3Hw75/sl/Hnjh2e
Ls/9BW9unOJ5a4LskMB6S46tfToVNXAmAwMTIvXlPOn8ANq/adQ+IqFX4h9I9q75
KV6rCOy1yJasiaaUzu5WglqnQw2Chk+mt2CPkSKUILZMqx8viMTdzrAvb7s1DFOJ
wMs71dLqdt2v9Fv093sqPFLunAC1AKYp0BtxoIejkpY2Wl9oMhN53qEMfZY4pRCh
38gJdgs7hdY8mU5t5AGSSaFdG0ATDRhjdnn0XDdSTJd9kzk9Db7G6Ov1LGml5ug7
9VpvqopTrq+3lPu6dXcvoA9wfZWLg0nmPT9Oqn14/CNAJHoLz71geJdB0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPJGu5z2lSd9avxgrWCi+ZvFdgAjMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvOGthN25QYVZKMzFxX0dDdFlLTDVtOFYyQUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmUQzAN
BgkqhkiG9w0BAQsFAAOCAQEAmzX1O+xETjwfFbxTE4FQN8Odg1fV0oonSkgX9Fo1
qRuaIKL9hiahZvwSuuImNanrvwgVATDOh+BGQbFNaffwfrLT2XOND5EtILQE1Ou2
9uLsDsmnpiI941sA93Shu247xgLG0Cx03RMVCY/3WgXQ+yR4NHjy/1osKBm0WlT4
MH3/S77QuZDEYdnzEbUJdCpnj8nr8mTlM9zhyfsH3bz5TO1866QI0gSPbe3j/IBA
2u+wLPIWXq93q2KaVXvxogaVwP1/WokC4caqD/Z5y8Qj+j5Y/Hz8VDOJlyqmQVRU
Yp28AqJGdVMXzJrgIM+9Yrvhnz8sH/FmjMVOnD4+fh6PPw==
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org