Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/EwviQaHMpksIErXZsB6FG0ct3k4.roa
File: EwviQaHMpksIErXZsB6FG0ct3k4.roa (raw, json)
Hash identifier: EKKOJZ4Gkvkk1eRGKVys31HkDbrjXb7+zAYvWXsU4mU=
Subject key identifier: 13:0B:E2:41:A1:CC:A6:4B:08:12:B5:D9:B0:1E:85:1B:47:2D:DE:4E
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0192E3F956617AD63556305E015509FA9C4B
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/EwviQaHMpksIErXZsB6FG0ct3k4.roa
Signing time: Thu 31 Oct 2024 19:07:01 +0000
ROA not before: Thu 31 Oct 2024 19:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:9440::/32 maxlen: 32
2a09:9443::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Nov 2024 16:11:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:f9:56:61:7a:d6:35:56:30:5e:01:55:09:fa:9c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Oct 31 19:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=130be241a1cca64b0812b5d9b01e851b472dde4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:04:9a:20:36:99:ff:0b:4f:0c:33:98:0e:bf:
df:34:ca:66:5a:a2:8b:8c:cc:a1:d5:20:25:1a:e7:
f0:1b:b6:a1:c5:6d:b8:8c:46:3b:b2:d9:f7:09:8d:
f8:ec:0c:74:40:ed:64:57:a6:eb:09:3b:d8:2a:6e:
d4:76:50:9a:8e:06:ba:82:44:58:53:51:cc:d9:74:
ba:10:dc:5f:b7:28:ea:70:8e:99:25:f7:e0:95:5e:
8a:bb:31:41:20:cf:a4:ad:69:9e:72:7c:f1:b3:73:
8c:28:34:10:46:65:d4:ac:84:c9:87:45:8e:4a:9a:
94:d9:1e:5c:e4:f2:58:99:c5:2e:63:82:79:33:3f:
85:a5:7f:d9:44:0b:e1:af:83:fa:af:11:72:2a:03:
61:29:5f:f9:fb:c8:71:1a:1f:c8:2b:5a:b7:b9:e8:
62:e3:bf:ff:2c:60:c6:6b:45:9a:06:45:e5:c9:2e:
35:0d:8a:40:b6:34:af:4b:64:fe:fa:57:c9:2e:9a:
a5:77:b5:8e:21:55:fa:d4:f4:b3:e2:c5:63:65:22:
9f:db:25:cc:c8:06:7a:79:cd:83:9b:9f:c3:ee:7d:
7a:63:57:eb:3f:6f:5f:10:04:73:15:a2:d6:fe:bd:
35:80:cf:2b:8d:53:23:c1:5b:82:82:b1:a3:0e:49:
43:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0B:E2:41:A1:CC:A6:4B:08:12:B5:D9:B0:1E:85:1B:47:2D:DE:4E
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/EwviQaHMpksIErXZsB6FG0ct3k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9440::/32
2a09:9443::/32
Signature Algorithm: sha256WithRSAEncryption
91:e6:3b:9d:5b:72:ee:94:b6:21:ed:73:e1:c7:5b:ef:f8:6b:
34:cc:59:f5:db:a6:e8:49:2a:d9:25:54:35:46:f5:66:67:6d:
94:16:44:84:65:32:de:27:e7:55:f6:3d:44:9e:06:e7:e6:28:
e4:45:4d:61:70:b2:71:de:ef:a4:39:77:49:d7:d6:fa:00:40:
f2:52:64:9f:cd:a6:92:99:0f:91:06:68:9c:d6:95:9c:30:bb:
69:02:ce:2e:69:4e:c8:b1:ba:31:00:14:8a:af:eb:9f:62:a7:
c0:1b:95:99:41:61:be:a9:ec:f5:d7:99:f5:c8:91:60:87:49:
78:32:89:67:b1:45:bc:76:03:df:58:7a:02:69:8b:bd:4a:14:
0c:f1:a7:3c:c9:11:5d:8d:81:18:2d:55:e0:92:e1:c2:4d:4a:
3e:4a:e5:9c:d5:53:56:4b:5e:73:3e:ae:28:38:c5:eb:12:ca:
18:4d:ab:91:f6:a3:a4:0a:a8:d2:3f:87:db:9f:19:4d:12:cc:
0b:27:06:03:f4:96:06:d8:cc:26:57:ca:72:2e:cb:a0:1e:5a:
e0:9b:e1:f5:d3:dd:19:4c:e2:75:15:ce:5c:73:d2:a1:c0:df:
e8:94:3f:7f:39:b7:1b:ce:cc:d9:c3:a4:1c:23:38:06:0f:9f:
91:17:d7:01
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZLj+VZhetY1VjBeAVUJ+pxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQxMDMxMTkwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzBiZTI0MWExY2NhNjRiMDgxMmI1ZDliMDFlODUxYjQ3MmRkZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQSaIDaZ/wtPDDOYDr/fNMpmWqKL
jMyh1SAlGufwG7ahxW24jEY7stn3CY347Ax0QO1kV6brCTvYKm7UdlCajga6gkRY
U1HM2XS6ENxftyjqcI6ZJffglV6KuzFBIM+krWmecnzxs3OMKDQQRmXUrITJh0WO
SpqU2R5c5PJYmcUuY4J5Mz+FpX/ZRAvhr4P6rxFyKgNhKV/5+8hxGh/IK1q3uehi
47//LGDGa0WaBkXlyS41DYpAtjSvS2T++lfJLpqld7WOIVX61PSz4sVjZSKf2yXM
yAZ6ec2Dm5/D7n16Y1frP29fEARzFaLW/r01gM8rjVMjwVuCgrGjDklDewIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBML4kGhzKZLCBK12bAehRtHLd5OMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvRXd2aVFhSE1wa3NJRXJYWnNCNkZHMGN0M2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmUQAMF
ACoJlEMwDQYJKoZIhvcNAQELBQADggEBAJHmO51bcu6UtiHtc+HHW+/4azTMWfXb
puhJKtklVDVG9WZnbZQWRIRlMt4n51X2PUSeBufmKORFTWFwsnHe76Q5d0nX1voA
QPJSZJ/NppKZD5EGaJzWlZwwu2kCzi5pTsixujEAFIqv659ip8AblZlBYb6p7PXX
mfXIkWCHSXgyiWexRbx2A99YegJpi71KFAzxpzzJEV2NgRgtVeCS4cJNSj5K5ZzV
U1ZLXnM+rig4xesSyhhNq5H2o6QKqNI/h9ufGU0SzAsnBgP0lgbYzCZXynIuy6Ae
WuCb4fXT3RlM4nUVzlxz0qHA3+iUP385txvOzNnDpBwjOAYPn5EX1wE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:59:32 2024 by rpki-client on console-ams.rpki-client.org