Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/vOTr6ZDebyHzqgNy3itVxPwTboU.roa
File: vOTr6ZDebyHzqgNy3itVxPwTboU.roa (raw, json)
Hash identifier: i3kWmoN+M8LuR0BPhHs0irPCF+3rPcfvFs0ohVc3tEY=
Subject key identifier: BC:E4:EB:E9:90:DE:6F:21:F3:AA:03:72:DE:2B:55:C4:FC:13:6E:85
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 01927D4AE10C4C26A99D830FC6BF480BEC72
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/vOTr6ZDebyHzqgNy3itVxPwTboU.roa
Signing time: Fri 11 Oct 2024 20:35:12 +0000
ROA not before: Fri 11 Oct 2024 20:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:cdc5::/32 maxlen: 32
2a0e:eec3::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 12 Oct 2024 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e1:0c:4c:26:a9:9d:83:0f:c6:bf:48:0b:ec:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Oct 11 20:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bce4ebe990de6f21f3aa0372de2b55c4fc136e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:11:87:d7:b9:17:ea:ef:f8:2b:f0:ce:f7:
bd:2c:d1:b7:0b:d5:68:1e:d7:ab:72:f7:11:3b:2b:
be:4a:99:b5:a2:3a:44:d5:67:a1:96:e6:d7:85:62:
cb:b0:cc:c9:ba:ad:da:cd:c6:72:08:27:48:51:44:
c7:3d:b5:96:1d:db:5f:3a:d5:5f:5e:3f:84:de:af:
91:6c:bd:4e:05:7f:0b:00:e9:7b:41:6a:d3:75:01:
08:1d:06:60:47:00:fe:9d:8b:38:9b:f3:28:7a:07:
54:98:4d:cb:41:d4:a7:09:4a:9e:1e:aa:42:71:74:
37:a2:c8:d1:3b:d4:4c:42:7b:25:6d:98:dd:cf:0c:
7f:f8:61:c2:ce:db:ba:e9:16:9f:5c:17:34:13:e3:
ea:36:cf:d8:a5:ed:38:ba:aa:0d:9a:d0:72:93:7c:
0b:12:42:17:7e:ae:26:6d:b5:a3:cb:f1:4a:6c:07:
51:3a:44:7b:39:f4:c5:c0:ec:ad:34:19:92:84:7c:
24:fb:0b:8c:7a:68:95:98:10:a4:5e:a6:8a:85:2f:
aa:4b:d0:4f:89:c8:50:a2:f0:c1:ea:a1:ed:15:3b:
20:99:a0:a2:4e:6f:11:c3:69:7e:77:23:d7:69:3c:
58:c8:f3:14:30:0c:e3:45:bb:17:f3:98:5d:34:c5:
cb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E4:EB:E9:90:DE:6F:21:F3:AA:03:72:DE:2B:55:C4:FC:13:6E:85
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/vOTr6ZDebyHzqgNy3itVxPwTboU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc5::/32
2a0e:eec3::/32
Signature Algorithm: sha256WithRSAEncryption
31:56:41:b9:b8:7d:98:84:7f:79:b7:8b:e3:f8:fc:18:8a:bd:
da:dc:45:a1:2b:81:a4:16:50:65:a1:e7:36:ca:6b:cb:5f:a7:
e4:85:a4:7e:e5:b7:20:4a:ab:d3:8f:a6:60:16:83:c1:13:57:
11:29:c8:47:c1:98:34:bd:7e:66:6c:1a:da:db:15:b1:f8:83:
0d:83:f1:5e:f2:d2:4e:87:ef:88:a3:b3:02:d2:36:63:03:2b:
59:8e:6e:d3:0f:9f:b4:2f:bf:aa:d5:5c:97:c5:88:ac:05:ad:
7e:f1:ab:c1:2e:5f:6e:83:d5:ef:73:be:08:50:99:54:56:3a:
60:32:06:07:ce:0c:f0:ff:5e:7a:a7:ea:2c:dc:6b:60:0c:98:
6b:fa:2e:92:a8:a1:74:41:b2:a3:15:b5:d8:92:3c:a1:b0:76:
a2:09:43:ee:19:f5:55:cc:f9:7f:85:80:2c:11:89:11:ae:84:
62:64:c2:2b:20:ab:27:52:a6:02:01:4a:31:7d:85:da:9f:65:
31:7b:8b:63:7d:1f:42:49:9b:04:a9:ec:12:01:65:17:eb:9e:
08:54:f6:58:4f:46:91:e2:08:9d:27:0e:c9:09:c1:38:f1:82:
bd:f3:fa:7a:cc:55:e1:97:21:17:6d:f0:79:7e:ac:34:a5:99:
cd:f7:14:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9SuEMTCapnYMPxr9IC+xyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQxMDExMjAzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U0ZWJlOTkwZGU2ZjIxZjNhYTAzNzJkZTJiNTVjNGZjMTM2ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/YRh9e5F+rv+Cvwzve9LNG3C9Vo
HtercvcROyu+Spm1ojpE1WehlubXhWLLsMzJuq3azcZyCCdIUUTHPbWWHdtfOtVf
Xj+E3q+RbL1OBX8LAOl7QWrTdQEIHQZgRwD+nYs4m/MoegdUmE3LQdSnCUqeHqpC
cXQ3osjRO9RMQnslbZjdzwx/+GHCztu66RafXBc0E+PqNs/Ype04uqoNmtByk3wL
EkIXfq4mbbWjy/FKbAdROkR7OfTFwOytNBmShHwk+wuMemiVmBCkXqaKhS+qS9BP
ichQovDB6qHtFTsgmaCiTm8Rw2l+dyPXaTxYyPMUMAzjRbsX85hdNMXLhwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLzk6+mQ3m8h86oDct4rVcT8E26FMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvdk9UcjZaRGVieUh6cWdOeTNpdFZ4UHdUYm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg3NxQMF
ACoO7sMwDQYJKoZIhvcNAQELBQADggEBADFWQbm4fZiEf3m3i+P4/BiKvdrcRaEr
gaQWUGWh5zbKa8tfp+SFpH7ltyBKq9OPpmAWg8ETVxEpyEfBmDS9fmZsGtrbFbH4
gw2D8V7y0k6H74ijswLSNmMDK1mObtMPn7Qvv6rVXJfFiKwFrX7xq8EuX26D1e9z
vghQmVRWOmAyBgfODPD/Xnqn6izca2AMmGv6LpKooXRBsqMVtdiSPKGwdqIJQ+4Z
9VXM+X+FgCwRiRGuhGJkwisgqydSpgIBSjF9hdqfZTF7i2N9H0JJmwSp7BIBZRfr
nghU9lhPRpHiCJ0nDskJwTjxgr3z+nrMVeGXIRdt8Hl+rDSlmc33FP0=
-----END CERTIFICATE-----
Generated at Sat Oct 12 22:40:43 2024 by rpki-client on console-ams.rpki-client.org