Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/D8f3kbTmoXr17gOHEoIA115ssZo.roa
File: D8f3kbTmoXr17gOHEoIA115ssZo.roa (raw, json)
Hash identifier: fVqQ0R8X4mISoWfk2XgRBEkkz/60HLHUMCK97kDJ4pI=
Subject key identifier: 0F:C7:F7:91:B4:E6:A1:7A:F5:EE:03:87:12:82:00:D7:5E:6C:B1:9A
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 0192525276BF099FCBBCFE36EFC2C79F3EC7
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/D8f3kbTmoXr17gOHEoIA115ssZo.roa
Signing time: Thu 03 Oct 2024 12:19:48 +0000
ROA not before: Thu 03 Oct 2024 12:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214159
IP address blocks: 2a02:ae00:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 22 Oct 2024 08:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:52:76:bf:09:9f:cb:bc:fe:36:ef:c2:c7:9f:3e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Oct 3 12:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fc7f791b4e6a17af5ee0387128200d75e6cb19a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:8e:e1:ab:5b:ba:bb:63:1c:07:4f:a0:a2:
c4:54:c1:c2:d8:7c:e8:56:ff:88:57:8a:3a:0d:4a:
b2:67:fe:83:05:3a:05:fe:49:c9:74:08:c4:70:5e:
70:8d:3f:5b:76:c0:de:e4:f9:80:4a:19:9e:4a:23:
59:7e:04:da:49:7c:6b:a4:a6:97:03:7c:8f:b6:51:
ce:b8:7e:d2:a3:fe:09:d6:89:54:56:66:5f:0a:4d:
39:87:03:ec:04:9c:3a:75:66:34:1e:32:be:a4:1a:
1d:bc:2f:9a:40:ad:50:4a:9b:10:27:dd:5b:6b:cc:
1c:84:b1:90:16:81:48:7f:fc:f6:b3:ad:3b:11:7f:
37:06:99:00:b8:f6:48:17:67:11:cb:eb:b1:dc:98:
7f:ca:51:8e:b1:3a:0f:9c:46:bc:78:92:12:3b:b2:
0f:25:b2:f4:e5:cb:92:fc:d9:82:84:27:b6:4b:e8:
e1:e1:b9:46:81:d6:07:93:09:f1:93:88:7c:e3:72:
0d:03:92:f3:fd:73:f5:0a:b3:4f:25:73:94:20:b0:
1a:e6:3c:b5:66:7b:84:bd:33:ce:14:e8:d0:f7:4d:
01:52:dd:75:32:89:84:fc:fb:3d:02:70:ae:05:73:
c1:e9:14:50:d8:d8:7e:99:e4:be:c6:8e:bd:66:62:
11:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C7:F7:91:B4:E6:A1:7A:F5:EE:03:87:12:82:00:D7:5E:6C:B1:9A
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/D8f3kbTmoXr17gOHEoIA115ssZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ae00:2000::/36
Signature Algorithm: sha256WithRSAEncryption
53:7e:24:78:e1:e7:6b:47:be:58:bb:10:a3:a2:d7:ac:49:e6:
45:b8:96:96:51:da:80:24:cf:30:32:86:16:a0:5e:54:95:3a:
c2:9d:21:a1:f5:d0:ba:ba:9f:90:bf:c4:53:fd:31:f2:7f:5e:
c8:58:27:a5:94:bb:e8:a3:87:f9:83:23:84:a0:25:66:7e:01:
cd:7a:1f:07:ba:4f:32:6b:9f:06:3f:b9:58:f2:a6:78:44:8a:
ce:3e:b3:d3:32:27:f1:f3:95:e7:fa:49:08:41:71:b6:65:1d:
04:20:ab:99:78:e2:af:5a:5d:92:88:6f:1d:38:56:8c:71:e3:
5d:6b:0a:e1:af:d3:5f:96:1f:f2:8c:72:8a:af:a2:ca:e4:e9:
ed:dd:8a:a7:01:8d:b1:98:c8:2a:2e:c2:9c:f0:7c:2a:20:02:
53:10:de:84:4a:70:6e:90:d2:af:2c:82:bc:f0:38:83:e2:1d:
7b:8b:b7:77:10:c0:32:57:2d:33:62:b0:b9:4b:ca:26:1e:40:
55:7e:23:ba:cb:9d:7e:fe:45:0c:12:9e:2e:f0:ab:a9:d4:f5:
34:ad:44:f9:2f:39:68:f8:92:08:23:c6:d0:de:8a:da:ae:c7:
90:41:91:4a:68:a9:f1:99:8f:0a:7d:ab:53:1b:2b:cf:f1:62:
bd:82:db:ba
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZJSUna/CZ/LvP4278LHnz7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjQxMDAzMTIxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM3Zjc5MWI0ZTZhMTdhZjVlZTAzODcxMjgyMDBkNzVlNmNiMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuiO4atburtjHAdPoKLEVMHC2Hzo
Vv+IV4o6DUqyZ/6DBToF/knJdAjEcF5wjT9bdsDe5PmAShmeSiNZfgTaSXxrpKaX
A3yPtlHOuH7So/4J1olUVmZfCk05hwPsBJw6dWY0HjK+pBodvC+aQK1QSpsQJ91b
a8wchLGQFoFIf/z2s607EX83BpkAuPZIF2cRy+ux3Jh/ylGOsToPnEa8eJISO7IP
JbL05cuS/NmChCe2S+jh4blGgdYHkwnxk4h843INA5Lz/XP1CrNPJXOUILAa5jy1
ZnuEvTPOFOjQ900BUt11MomE/Ps9AnCuBXPB6RRQ2Nh+meS+xo69ZmIRDwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA/H95G05qF69e4DhxKCANdebLGaMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvRDhmM2tiVG1vWHIxN2dPSEVvSUExMTVzc1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgKuACAw
DQYJKoZIhvcNAQELBQADggEBAFN+JHjh52tHvli7EKOi16xJ5kW4lpZR2oAkzzAy
hhagXlSVOsKdIaH10Lq6n5C/xFP9MfJ/XshYJ6WUu+ijh/mDI4SgJWZ+Ac16Hwe6
TzJrnwY/uVjypnhEis4+s9MyJ/Hzlef6SQhBcbZlHQQgq5l44q9aXZKIbx04Voxx
411rCuGv01+WH/KMcoqvosrk6e3diqcBjbGYyCouwpzwfCogAlMQ3oRKcG6Q0q8s
grzwOIPiHXuLt3cQwDJXLTNisLlLyiYeQFV+I7rLnX7+RQwSni7wq6nU9TStRPkv
OWj4kggjxtDeitqux5BBkUpoqfGZjwp9q1MbK8/xYr2C27o=
-----END CERTIFICATE-----
Generated at Tue Oct 22 11:00:17 2024 by rpki-client on console-ams.rpki-client.org