Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aXliueNYqg5MUvZ8fAJYHZ3x3BI.roa
File: aXliueNYqg5MUvZ8fAJYHZ3x3BI.roa (raw, json)
Hash identifier: K4I4ph9RQI0zij1ij3B7tHpJRDbiXqLMdcCwdh8W9HI=
Subject key identifier: 69:79:62:B9:E3:58:AA:0E:4C:52:F6:7C:7C:02:58:1D:9D:F1:DC:12
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0192B9A1BB61A929E89F1925943D000CE157
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aXliueNYqg5MUvZ8fAJYHZ3x3BI.roa
Signing time: Wed 23 Oct 2024 13:47:17 +0000
ROA not before: Wed 23 Oct 2024 13:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:a1:bb:61:a9:29:e8:9f:19:25:94:3d:00:0c:e1:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 23 13:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=697962b9e358aa0e4c52f67c7c02581d9df1dc12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:59:a0:18:ca:eb:4e:42:a4:bc:46:ac:8a:aa:
bf:e1:69:65:13:f5:b7:9f:17:24:ca:be:d5:a1:ca:
ec:df:65:c2:f9:b4:49:56:e7:02:08:06:b2:1b:6a:
9d:7d:f2:48:3e:0b:b6:61:9a:78:6e:09:08:bb:1c:
b8:cb:ff:0a:9f:8b:e1:f9:37:cf:86:39:08:4d:6b:
72:3a:2a:97:14:c8:4c:e4:65:75:53:fd:e0:c6:f7:
d2:0a:56:82:9e:5a:1f:54:5b:ee:dd:6f:34:50:35:
2c:dd:24:dd:b4:24:33:bb:5c:a6:c2:69:82:53:2a:
9d:d8:37:f2:5d:d7:54:64:fe:d7:6e:dc:ee:9d:a0:
1d:be:49:e0:66:c8:a8:b9:79:6c:b4:42:f1:e7:e5:
4b:37:4c:fd:63:a0:2a:90:10:4f:d4:ad:e6:0c:ed:
31:74:f8:d4:ae:57:e6:42:cd:d2:a9:86:76:6a:a5:
03:a6:75:34:65:ee:9c:8b:61:73:a5:ed:33:56:90:
9b:53:e7:2f:dd:a8:40:98:a3:f3:d3:ab:c9:88:4e:
d5:bf:9b:43:6f:3a:cc:fc:09:4d:9e:b6:f7:3b:7a:
b0:53:92:08:d3:43:23:31:03:a1:0b:3b:e0:60:97:
e5:8b:90:a5:06:82:12:40:94:44:c7:aa:16:05:bf:
64:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:79:62:B9:E3:58:AA:0E:4C:52:F6:7C:7C:02:58:1D:9D:F1:DC:12
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/aXliueNYqg5MUvZ8fAJYHZ3x3BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a09:ef01::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:afc2::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
7c:a5:f7:58:80:71:60:09:46:ce:b9:64:f7:4b:22:af:a4:53:
7d:4b:f1:9d:1b:cb:9e:fe:0f:2d:87:05:14:36:c3:79:2f:d8:
9f:97:f1:6a:4a:ab:6d:67:c5:90:42:2d:79:92:97:c0:2c:79:
f8:10:52:20:8d:8a:23:ad:36:87:64:f8:d0:dc:ac:de:84:29:
1e:6d:17:b8:9a:2c:a6:08:bb:8e:2e:84:b3:e6:77:ef:24:e5:
b7:c7:b5:8c:18:61:3a:0f:89:3e:af:04:40:de:0f:01:e3:61:
c0:5e:f0:36:ed:5c:c6:7d:a1:33:84:c0:f3:5a:ad:b2:1a:81:
fa:8a:31:71:de:74:69:1f:f9:c6:e3:1d:90:95:b4:01:3a:96:
dc:45:e1:c7:4c:f0:08:67:9c:f6:89:ff:c9:39:bf:b8:84:b6:
ba:b1:bb:62:38:8a:2e:a7:a3:f2:22:f7:de:d0:e8:5e:37:99:
85:74:f1:e8:9b:60:36:c2:52:6b:ca:13:f8:67:4b:1b:99:05:
53:47:fa:4c:16:ef:3b:bc:18:a4:80:2d:3b:3a:62:d2:5c:dd:
78:5a:2b:01:29:4d:40:db:6b:fc:f4:a9:30:06:d0:e5:8b:16:
11:f4:31:9c:ca:99:5c:a1:5c:ae:f6:e7:a6:39:49:62:9c:e3:
5f:44:4f:79
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZK5obthqSnonxkllD0ADOFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDIzMTM0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5NjJiOWUzNThhYTBlNGM1MmY2N2M3YzAyNTgxZDlkZjFkYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFmgGMrrTkKkvEasiqq/4WllE/W3
nxckyr7Vocrs32XC+bRJVucCCAayG2qdffJIPgu2YZp4bgkIuxy4y/8Kn4vh+TfP
hjkITWtyOiqXFMhM5GV1U/3gxvfSClaCnlofVFvu3W80UDUs3STdtCQzu1ymwmmC
Uyqd2DfyXddUZP7XbtzunaAdvkngZsiouXlstELx5+VLN0z9Y6AqkBBP1K3mDO0x
dPjUrlfmQs3SqYZ2aqUDpnU0Ze6ci2Fzpe0zVpCbU+cv3ahAmKPz06vJiE7Vv5tD
bzrM/AlNnrb3O3qwU5II00MjMQOhCzvgYJfli5ClBoISQJREx6oWBb9kiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGl5YrnjWKoOTFL2fHwCWB2d8dwSMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvYVhsaXVlTllxZzVNVXZaOGZBSllIWjN4M0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgbWQAMF
ACoJ7wEDBQAqCrOFAwUAKg08RAMFACoNr8IDBQAqDzECMA0GCSqGSIb3DQEBCwUA
A4IBAQB8pfdYgHFgCUbOuWT3SyKvpFN9S/GdG8ue/g8thwUUNsN5L9ifl/FqSqtt
Z8WQQi15kpfALHn4EFIgjYojrTaHZPjQ3KzehCkebRe4miymCLuOLoSz5nfvJOW3
x7WMGGE6D4k+rwRA3g8B42HAXvA27VzGfaEzhMDzWq2yGoH6ijFx3nRpH/nG4x2Q
lbQBOpbcReHHTPAIZ5z2if/JOb+4hLa6sbtiOIoup6PyIvfe0OheN5mFdPHom2A2
wlJryhP4Z0sbmQVTR/pMFu87vBikgC07OmLSXN14WisBKU1A22v89KkwBtDlixYR
9DGcyplcoVyu9uemOUlinONfRE95
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:48 2024 by rpki-client on console-fra.rpki-client.org