Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/CbfWPql9gZlfO7G4YzxR87J1Y3o.roa
File: CbfWPql9gZlfO7G4YzxR87J1Y3o.roa (raw, json)
Hash identifier: ZjAPmfLwQMPxz0rwz0vbJVlmGTJhVqkQJG8wRcIxiww=
Subject key identifier: 09:B7:D6:3E:A9:7D:81:99:5F:3B:B1:B8:63:3C:51:F3:B2:75:63:7A
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 0192C33BEBA5B34D42F13446DFB486BB33B4
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/CbfWPql9gZlfO7G4YzxR87J1Y3o.roa
Signing time: Fri 25 Oct 2024 10:32:17 +0000
ROA not before: Fri 25 Oct 2024 10:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0d:cdc4::/32 maxlen: 32
2a0e:eec6::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:3b:eb:a5:b3:4d:42:f1:34:46:df:b4:86:bb:33:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Oct 25 10:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b7d63ea97d81995f3bb1b8633c51f3b275637a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a5:60:1c:2c:92:5d:8a:39:8f:d6:af:1d:70:
c2:00:1d:96:0c:29:62:e5:b7:4a:c6:66:29:aa:3e:
38:6d:47:e7:8c:bc:c4:2b:fd:82:40:df:9d:65:aa:
c0:b9:41:61:52:54:ae:74:9c:3a:d4:e6:ad:18:05:
3b:cf:09:4e:9a:0a:c3:68:68:bf:48:a0:d1:af:42:
9e:9e:7d:fa:45:b9:4f:ff:ca:b6:b4:93:8f:82:a5:
70:de:53:6f:c9:46:a3:e2:c7:44:9a:2b:2c:d5:05:
8e:b9:f4:cd:73:fc:c7:d4:3f:39:b1:80:c1:2d:65:
34:ba:e4:28:3f:9a:73:be:7f:c1:10:c0:f6:3c:1f:
8e:44:3e:8b:0e:ce:ef:96:cf:21:24:01:a1:c3:24:
cb:2b:3e:a4:57:7e:26:de:10:b9:15:e5:9e:4c:2f:
ed:47:2d:2d:7e:36:17:ec:cc:95:67:06:7c:c4:e9:
3f:2d:24:d1:8c:e6:1d:b7:93:2e:b1:ab:d6:9a:ee:
1f:0a:5e:1a:a4:94:08:49:06:7e:a6:ad:13:60:31:
57:27:1e:d7:2a:cc:85:f4:18:2e:ce:c7:67:d6:26:
21:77:82:9d:46:a7:79:7f:4a:55:f4:7e:5b:16:8e:
f9:28:d7:b0:16:1d:ec:6f:b1:71:93:e6:3e:35:db:
f0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B7:D6:3E:A9:7D:81:99:5F:3B:B1:B8:63:3C:51:F3:B2:75:63:7A
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/CbfWPql9gZlfO7G4YzxR87J1Y3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc4::/32
2a0e:eec6::/32
Signature Algorithm: sha256WithRSAEncryption
59:b2:4c:dd:b6:89:df:d1:9b:bd:2b:e9:a3:d5:9a:35:82:76:
9e:8e:08:e1:94:21:cf:1a:a3:cf:42:b8:68:d9:3e:41:6e:85:
25:97:ff:3e:b4:79:e5:01:bb:7b:86:e7:28:ee:ba:88:52:fa:
fe:45:d5:ba:53:32:3e:cb:b7:67:2b:d7:2b:7c:2d:87:7e:f1:
74:34:6e:a1:5f:a9:79:bc:4c:75:48:cd:1d:a4:58:1b:c9:d9:
c0:6f:55:5d:d2:0b:65:83:f3:91:9c:50:3a:75:34:40:18:0d:
fd:32:7b:6e:20:0d:41:fd:50:d7:9a:6e:07:f7:3d:48:de:1f:
09:a0:10:3e:95:a6:4a:3e:4e:90:5e:1f:7c:c6:7d:19:42:b3:
d9:96:e2:1c:0e:c9:dd:4f:22:c9:fb:97:e5:1b:39:07:e0:88:
65:ad:ae:50:a2:f8:f9:4e:0a:e0:25:e4:3d:04:87:de:ed:99:
c1:17:d3:c8:76:c9:95:39:c1:c8:0f:4a:7a:fc:2e:83:94:72:
7a:fc:e2:c9:72:3c:fe:96:ff:3d:4c:87:53:dc:3d:e9:c0:9c:
ea:7c:94:a8:be:50:8b:e8:5b:6b:17:50:2b:fb:69:d2:aa:15:
f1:f1:73:3e:00:06:87:06:88:69:6d:e9:54:6c:09:82:ef:87:
22:0e:ad:ee
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZLDO+uls01C8TRG37SGuzO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQxMDI1MTAzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI3ZDYzZWE5N2Q4MTk5NWYzYmIxYjg2MzNjNTFmM2IyNzU2MzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+aVgHCySXYo5j9avHXDCAB2WDCli
5bdKxmYpqj44bUfnjLzEK/2CQN+dZarAuUFhUlSudJw61OatGAU7zwlOmgrDaGi/
SKDRr0Kenn36RblP/8q2tJOPgqVw3lNvyUaj4sdEmiss1QWOufTNc/zH1D85sYDB
LWU0uuQoP5pzvn/BEMD2PB+ORD6LDs7vls8hJAGhwyTLKz6kV34m3hC5FeWeTC/t
Ry0tfjYX7MyVZwZ8xOk/LSTRjOYdt5MusavWmu4fCl4apJQISQZ+pq0TYDFXJx7X
KsyF9Bguzsdn1iYhd4KdRqd5f0pV9H5bFo75KNewFh3sb7Fxk+Y+NdvwoQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAm31j6pfYGZXzuxuGM8UfOydWN6MB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvQ2JmV1BxbDlnWmxmTzdHNFl6eFI4N0oxWTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg3NxAMF
ACoO7sYwDQYJKoZIhvcNAQELBQADggEBAFmyTN22id/Rm70r6aPVmjWCdp6OCOGU
Ic8ao89CuGjZPkFuhSWX/z60eeUBu3uG5yjuuohS+v5F1bpTMj7Lt2cr1yt8LYd+
8XQ0bqFfqXm8THVIzR2kWBvJ2cBvVV3SC2WD85GcUDp1NEAYDf0ye24gDUH9UNea
bgf3PUjeHwmgED6Vpko+TpBeH3zGfRlCs9mW4hwOyd1PIsn7l+UbOQfgiGWtrlCi
+PlOCuAl5D0Eh97tmcEX08h2yZU5wcgPSnr8LoOUcnr84slyPP6W/z1Mh1PcPenA
nOp8lKi+UIvoW2sXUCv7adKqFfHxcz4ABocGiGlt6VRsCYLvhyIOre4=
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:07 2024 by rpki-client on console-fra.rpki-client.org