Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1aYiS1GWhYTZ8exI8SG79thNzYY.roa
File: 1aYiS1GWhYTZ8exI8SG79thNzYY.roa (raw, json)
Hash identifier: hw4rHhLMtc5P2yRi2ze4NPZcWI1jiMcZnH5/dVkxnaw=
Subject key identifier: D5:A6:22:4B:51:96:85:84:D9:F1:EC:48:F1:21:BB:F6:D8:4D:CD:86
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01927DBC680F3175FB3708319913DA9CD4E6
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1aYiS1GWhYTZ8exI8SG79thNzYY.roa
Signing time: Fri 11 Oct 2024 22:39:12 +0000
ROA not before: Fri 11 Oct 2024 22:39:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a01:48a0:4001::/48 maxlen: 48
2a0d:95c1::/32 maxlen: 32
2a0d:c103::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:bc:68:0f:31:75:fb:37:08:31:99:13:da:9c:d4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 11 22:39:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5a6224b51968584d9f1ec48f121bbf6d84dcd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6c:8b:fb:24:27:ed:11:2e:2e:07:b9:b3:52:
63:10:51:2e:84:17:94:42:f2:f8:43:46:28:d3:6d:
10:fe:f0:5f:37:eb:1b:ca:0e:64:94:ff:1c:f2:63:
99:22:86:45:45:af:1d:84:92:c6:79:ed:24:bc:e2:
01:33:24:11:9e:f4:fa:3c:84:14:c6:35:16:c5:03:
1f:68:52:18:e1:23:70:ca:74:c6:71:e1:e1:95:a1:
78:3c:93:04:93:8d:ee:3a:39:93:87:05:13:c3:8a:
60:b8:0f:0b:b9:70:43:4f:c5:fc:45:e2:16:3b:95:
98:85:13:93:13:06:8e:b7:56:26:9c:fd:72:6a:b9:
e4:22:3f:66:8a:5a:13:69:42:64:c2:8f:08:2c:af:
b3:a4:5c:50:5f:63:ff:02:20:4f:a9:f1:04:b2:f9:
22:de:15:20:bb:a0:20:6f:a6:23:fb:4a:d6:04:9c:
5d:89:4c:a4:a5:f4:e7:1e:0d:8d:98:0b:ba:37:7b:
6a:be:2f:4c:f1:d8:30:65:b1:17:89:76:37:6b:cc:
84:3e:ee:4f:26:d3:22:fd:f8:c6:2d:30:16:2e:b2:
c3:32:51:af:d3:b0:77:01:13:48:82:a4:62:98:2c:
29:19:88:e8:84:38:75:e6:52:72:50:55:ad:18:8e:
86:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A6:22:4B:51:96:85:84:D9:F1:EC:48:F1:21:BB:F6:D8:4D:CD:86
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1aYiS1GWhYTZ8exI8SG79thNzYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:48a0:4001::/48
2a0d:95c1::/32
2a0d:c103::/32
Signature Algorithm: sha256WithRSAEncryption
96:2e:9b:4a:5f:43:d4:ee:35:d3:17:e5:e5:79:36:dd:06:f0:
7b:53:c8:b3:b2:9f:9c:25:56:c4:49:3d:b3:08:12:ab:f1:31:
76:93:ef:01:a8:10:ad:ac:2b:fc:1c:dc:7b:77:4d:c4:fb:f4:
93:9e:1e:52:27:a4:20:87:5a:00:32:f8:00:e3:47:66:8b:9c:
e5:0a:75:60:ae:74:8e:34:a4:59:64:cd:d8:08:31:fe:9a:ac:
f8:43:df:b8:1a:d1:9f:b8:b7:20:11:2b:ca:a3:0a:0d:6f:89:
2a:9a:3c:20:da:ab:28:8f:dc:a1:b9:45:5c:3b:d4:0d:5d:5e:
59:f7:85:7e:e2:86:79:2f:66:09:b2:f2:27:da:66:62:15:9d:
c7:c7:55:38:3e:86:86:24:30:d8:57:70:91:a9:d8:55:35:30:
47:53:9e:6f:c7:93:ab:a6:35:f3:0f:ee:1b:ee:cd:82:0c:97:
33:b6:c8:57:81:66:e0:3e:ce:15:25:b3:fc:0f:aa:b0:37:2c:
f5:c9:58:29:07:34:f7:fd:1b:ac:99:9d:2d:19:ef:22:d7:fc:
08:24:cc:aa:79:fb:d1:35:b0:52:48:d7:25:25:d1:db:83:94:
db:96:2f:0c:3f:f3:ab:12:39:37:b9:31:6c:5f:da:17:26:0a:
6e:11:74:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJ9vGgPMXX7NwgxmRPanNTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDExMjIzOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWE2MjI0YjUxOTY4NTg0ZDlmMWVjNDhmMTIxYmJmNmQ4NGRjZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGyL+yQn7REuLge5s1JjEFEuhBeU
QvL4Q0Yo020Q/vBfN+sbyg5klP8c8mOZIoZFRa8dhJLGee0kvOIBMyQRnvT6PIQU
xjUWxQMfaFIY4SNwynTGceHhlaF4PJMEk43uOjmThwUTw4pguA8LuXBDT8X8ReIW
O5WYhROTEwaOt1YmnP1yarnkIj9miloTaUJkwo8ILK+zpFxQX2P/AiBPqfEEsvki
3hUgu6Agb6Yj+0rWBJxdiUykpfTnHg2NmAu6N3tqvi9M8dgwZbEXiXY3a8yEPu5P
JtMi/fjGLTAWLrLDMlGv07B3ARNIgqRimCwpGYjohDh15lJyUFWtGI6GPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWmIktRloWE2fHsSPEhu/bYTc2GMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMWFZaVMxR1doWVRaOGV4SThTRzc5dGhOellZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgFIoEAB
AwUAKg2VwQMFACoNwQMwDQYJKoZIhvcNAQELBQADggEBAJYum0pfQ9TuNdMX5eV5
Nt0G8HtTyLOyn5wlVsRJPbMIEqvxMXaT7wGoEK2sK/wc3Ht3TcT79JOeHlInpCCH
WgAy+ADjR2aLnOUKdWCudI40pFlkzdgIMf6arPhD37ga0Z+4tyARK8qjCg1viSqa
PCDaqyiP3KG5RVw71A1dXln3hX7ihnkvZgmy8ifaZmIVncfHVTg+hoYkMNhXcJGp
2FU1MEdTnm/Hk6umNfMP7hvuzYIMlzO2yFeBZuA+zhUls/wPqrA3LPXJWCkHNPf9
G6yZnS0Z7yLX/AgkzKp5+9E1sFJI1yUl0duDlNuWLww/86sSOTe5MWxf2hcmCm4R
dBA=
-----END CERTIFICATE-----
Generated at Thu Oct 17 22:34:22 2024 by rpki-client on console-ams.rpki-client.org