Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/0z6Ri-Db0cd55pR6rHguv8gKcTY.roa
File: 0z6Ri-Db0cd55pR6rHguv8gKcTY.roa (raw, json)
Hash identifier: /PU5SC+rzovnAl/gA8ct6MGF516GXxEwv7fSeCwRON0=
Subject key identifier: D3:3E:91:8B:E0:DB:D1:C7:79:E6:94:7A:AC:78:2E:BF:C8:0A:71:36
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 01927B05F6EC6A09C973B65C2B56FAE8C6F5
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/0z6Ri-Db0cd55pR6rHguv8gKcTY.roa
Signing time: Fri 11 Oct 2024 10:00:41 +0000
ROA not before: Fri 11 Oct 2024 10:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0e:7f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:05:f6:ec:6a:09:c9:73:b6:5c:2b:56:fa:e8:c6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Oct 11 10:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d33e918be0dbd1c779e6947aac782ebfc80a7136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bb:12:b9:0a:e8:0c:76:45:16:7a:15:6a:99:
cf:5b:db:c1:5a:03:b8:4b:a7:ba:ad:30:01:b5:e1:
09:bd:27:c8:e6:ac:d7:c8:cf:ba:6e:04:9d:b6:5e:
e3:a3:e8:4e:4e:34:29:b6:68:6a:96:4b:6b:98:c5:
6a:b8:2d:1c:ee:38:d0:75:b6:ce:a8:eb:67:15:41:
23:7e:c7:df:95:fe:83:5a:6b:df:e5:a7:eb:05:f0:
ff:dc:74:85:2b:52:11:45:00:d9:72:b5:20:c8:0f:
95:58:3a:eb:b7:cc:2f:37:cc:99:99:d8:e5:0d:5e:
90:12:b9:d6:d6:63:dc:6d:ed:86:ec:93:63:71:f6:
48:64:44:70:a6:c0:94:59:6c:d4:02:59:76:09:b3:
97:71:4c:20:82:6b:bf:93:3d:80:10:25:29:6f:19:
5b:a5:c9:67:1e:48:36:d2:80:e9:c4:c7:b0:53:dd:
97:4b:51:b3:67:f8:9c:8b:6a:ef:7e:81:39:2b:77:
a2:2e:0d:69:87:48:b8:64:70:1b:93:0d:75:1e:d5:
e4:64:cf:d4:d8:b6:36:fb:3b:fb:62:bf:a4:dd:92:
fd:e3:51:10:9a:ae:5c:de:a7:28:ad:d6:3d:47:c7:
95:4f:dd:e5:7b:1d:26:89:b7:02:f0:b0:20:02:41:
ec:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3E:91:8B:E0:DB:D1:C7:79:E6:94:7A:AC:78:2E:BF:C8:0A:71:36
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/0z6Ri-Db0cd55pR6rHguv8gKcTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/32
Signature Algorithm: sha256WithRSAEncryption
01:a1:9a:64:5d:4f:c6:57:46:d5:4a:d0:94:2d:33:b8:15:2b:
fd:39:4a:7c:b0:97:81:78:b2:00:2e:7a:48:d5:45:a4:f8:4e:
73:2c:57:43:e7:32:11:dc:77:bb:21:27:82:75:78:53:d7:27:
fb:ea:21:3f:f4:48:56:90:17:1c:5b:35:4b:ec:88:70:a8:88:
3e:08:e3:75:c2:87:60:8a:8a:40:65:49:f0:42:37:28:f3:07:
c0:cd:68:d3:18:f6:95:f9:c4:d3:b4:b5:73:4d:82:74:8f:71:
39:e8:b2:42:d5:ca:6b:16:fd:e9:23:0b:b4:dd:4a:c3:9e:82:
83:b4:67:20:fb:17:ad:18:0b:13:8f:c9:bb:d1:23:08:19:f5:
69:06:d4:a9:66:47:9e:f3:1c:bb:b5:39:3b:ff:d0:57:ce:bb:
7f:1c:2e:6f:96:52:73:bc:bb:7b:ef:c4:d1:13:d0:d1:50:29:
4d:8e:89:fe:fd:f3:9a:ce:ca:09:4e:17:f6:65:c7:8c:30:3f:
e3:6f:2f:3c:94:7b:03:d9:b8:64:e6:b0:dd:73:b0:c5:9a:da:
0b:54:01:f8:4b:63:96:f4:4c:0d:bd:bf:40:1a:35:19:da:57:
b6:f5:c4:25:e2:dd:c7:96:ef:62:09:89:a1:d1:70:d1:8b:1f:
b5:54:21:97
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJ7BfbsagnJc7ZcK1b66Mb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQxMDExMTAwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNlOTE4YmUwZGJkMWM3NzllNjk0N2FhYzc4MmViZmM4MGE3MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7sSuQroDHZFFnoVapnPW9vBWgO4
S6e6rTABteEJvSfI5qzXyM+6bgSdtl7jo+hOTjQptmhqlktrmMVquC0c7jjQdbbO
qOtnFUEjfsfflf6DWmvf5afrBfD/3HSFK1IRRQDZcrUgyA+VWDrrt8wvN8yZmdjl
DV6QErnW1mPcbe2G7JNjcfZIZERwpsCUWWzUAll2CbOXcUwggmu/kz2AECUpbxlb
pclnHkg20oDpxMewU92XS1GzZ/ici2rvfoE5K3eiLg1ph0i4ZHAbkw11HtXkZM/U
2LY2+zv7Yr+k3ZL941EQmq5c3qcordY9R8eVT93lex0mibcC8LAgAkHseQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNM+kYvg29HHeeaUeqx4Lr/ICnE2MB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvMHo2UmktRGIwY2Q1NXBSNnJIZ3V2OGdLY1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAAaGaZF1PxldG1UrQlC0zuBUr/TlKfLCXgXiyAC56
SNVFpPhOcyxXQ+cyEdx3uyEngnV4U9cn++ohP/RIVpAXHFs1S+yIcKiIPgjjdcKH
YIqKQGVJ8EI3KPMHwM1o0xj2lfnE07S1c02CdI9xOeiyQtXKaxb96SMLtN1Kw56C
g7RnIPsXrRgLE4/Ju9EjCBn1aQbUqWZHnvMcu7U5O//QV867fxwub5ZSc7y7e+/E
0RPQ0VApTY6J/v3zms7KCU4X9mXHjDA/428vPJR7A9m4ZOaw3XOwxZraC1QB+Etj
lvRMDb2/QBo1GdpXtvXEJeLdx5bvYgmJodFw0YsftVQhlw==
-----END CERTIFICATE-----
Generated at Fri Oct 11 22:31:17 2024 by rpki-client on console-fra.rpki-client.org