Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FhwpSyy5wu7PEYoYruJJQ5XCrgg.roa
File: FhwpSyy5wu7PEYoYruJJQ5XCrgg.roa (raw, json)
Hash identifier: DhQQSipmZTaHLfRtBSFsUkn0qYgPOFozDRWfO7Jw/tI=
Subject key identifier: 16:1C:29:4B:2C:B9:C2:EE:CF:11:8A:18:AE:E2:49:43:95:C2:AE:08
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01927DBC684DE354DFEA2A0CAC89F69321CF
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FhwpSyy5wu7PEYoYruJJQ5XCrgg.roa
Signing time: Fri 11 Oct 2024 22:39:12 +0000
ROA not before: Fri 11 Oct 2024 22:39:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:bc:68:4d:e3:54:df:ea:2a:0c:ac:89:f6:93:21:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 11 22:39:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=161c294b2cb9c2eecf118a18aee2494395c2ae08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:81:88:64:a9:77:07:3b:a9:6f:43:09:fc:fb:
0d:42:bf:3a:53:22:e8:e6:2c:22:41:95:65:2f:4a:
e6:57:03:53:c2:6b:3f:4f:18:f0:26:34:de:c3:40:
36:36:5c:ce:b2:96:f3:d5:84:3a:9c:5b:52:8c:d4:
39:ec:d0:9a:72:e4:ee:b7:eb:89:d8:06:95:69:48:
7f:a7:12:03:74:b6:73:e5:5e:3e:f8:45:bf:17:e6:
32:a2:f3:37:c0:ab:5f:69:63:03:89:de:6b:ec:00:
a8:ba:98:4c:bc:23:a2:89:a4:1b:24:a8:27:f5:ff:
a9:83:a4:4e:4f:38:89:13:74:60:7a:aa:58:2e:6d:
d4:37:cb:0d:cf:b9:2b:5b:b9:2d:b7:ee:30:c3:20:
0a:f8:f0:ee:63:bb:ef:37:ea:1a:9b:19:ad:05:a5:
31:55:f6:90:41:5e:04:f8:fe:01:57:88:bd:c2:d2:
22:98:d2:40:4d:09:bb:e9:f8:1e:c0:3f:c5:b2:87:
fa:a4:a8:38:55:fc:65:6d:32:ae:ac:a7:bb:12:eb:
2a:10:ac:0a:55:e3:33:aa:85:52:f0:28:60:76:8a:
66:72:d8:3a:62:e2:99:39:de:19:59:9b:b4:72:94:
55:5d:41:d6:69:9d:f3:b7:65:ac:f1:2d:cd:71:fc:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1C:29:4B:2C:B9:C2:EE:CF:11:8A:18:AE:E2:49:43:95:C2:AE:08
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/FhwpSyy5wu7PEYoYruJJQ5XCrgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a09:ef01::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:afc2::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
18:fa:35:a1:43:58:0a:3f:6b:00:e1:3a:0f:31:c2:87:82:4d:
78:b0:e3:2a:8b:f2:ba:9b:74:89:3e:71:3b:16:63:be:f6:5e:
59:9c:27:c8:fb:33:02:5f:cc:04:8d:11:ab:c7:94:43:0c:de:
b0:b5:26:5b:82:b4:ba:1e:9e:8e:a8:32:bd:56:aa:72:a7:7c:
d0:8f:58:19:09:71:29:e8:13:85:84:c2:ef:d3:51:53:a1:a5:
9b:86:30:05:07:c4:b1:07:b1:0a:46:c2:31:82:07:ce:9e:0a:
ad:6e:9e:ad:d5:8c:4b:20:df:f2:8a:ce:ba:01:3e:ff:2d:f2:
fe:8e:1b:27:4f:51:e9:1d:e3:48:dc:94:2e:a4:c2:9a:38:05:
2e:c1:79:68:ab:4f:b0:36:10:91:af:ba:8d:35:99:ef:53:8b:
dd:cf:02:f1:ac:4f:a8:a8:6f:09:a5:43:3f:26:45:67:81:77:
c0:4a:93:90:38:49:75:80:7b:d1:0a:72:a2:ff:3c:51:5c:54:
40:47:31:db:25:4d:3c:65:ba:ef:82:13:cc:33:09:b1:99:5c:
4f:11:3a:ed:10:45:cf:17:05:24:31:7a:d9:db:c6:bd:42:97:
5a:45:05:c6:8a:e4:da:c2:e3:5e:72:44:b6:08:10:55:69:fb:
84:39:b0:bf
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJ9vGhN41Tf6ioMrIn2kyHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDExMjIzOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjFjMjk0YjJjYjljMmVlY2YxMThhMThhZWUyNDk0Mzk1YzJhZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4GIZKl3Bzupb0MJ/PsNQr86UyLo
5iwiQZVlL0rmVwNTwms/TxjwJjTew0A2NlzOspbz1YQ6nFtSjNQ57NCacuTut+uJ
2AaVaUh/pxIDdLZz5V4++EW/F+YyovM3wKtfaWMDid5r7ACouphMvCOiiaQbJKgn
9f+pg6ROTziJE3RgeqpYLm3UN8sNz7krW7ktt+4wwyAK+PDuY7vvN+oamxmtBaUx
VfaQQV4E+P4BV4i9wtIimNJATQm76fgewD/Fsof6pKg4VfxlbTKurKe7EusqEKwK
VeMzqoVS8Chgdopmctg6YuKZOd4ZWZu0cpRVXUHWaZ3zt2Ws8S3NcfxfcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBYcKUssucLuzxGKGK7iSUOVwq4IMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvRmh3cFN5eTV3dTdQRVlvWXJ1SkpRNVhDcmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgbWQAMF
ACoJ7wEDBQAqCrOFAwUAKg08RAMFACoNr8IDBQAqDzECMA0GCSqGSIb3DQEBCwUA
A4IBAQAY+jWhQ1gKP2sA4ToPMcKHgk14sOMqi/K6m3SJPnE7FmO+9l5ZnCfI+zMC
X8wEjRGrx5RDDN6wtSZbgrS6Hp6OqDK9Vqpyp3zQj1gZCXEp6BOFhMLv01FToaWb
hjAFB8SxB7EKRsIxggfOngqtbp6t1YxLIN/yis66AT7/LfL+jhsnT1HpHeNI3JQu
pMKaOAUuwXloq0+wNhCRr7qNNZnvU4vdzwLxrE+oqG8JpUM/JkVngXfASpOQOEl1
gHvRCnKi/zxRXFRARzHbJU08ZbrvghPMMwmxmVxPETrtEEXPFwUkMXrZ28a9Qpda
RQXGiuTawuNeckS2CBBVafuEObC/
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org