Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/h73FFoVSnAl93thX3ElR3kNJVUE.roa
File: h73FFoVSnAl93thX3ElR3kNJVUE.roa (raw, json)
Hash identifier: 24b2JcnqbKHaN/IrzDZAfDHxut9GUtMOCfNIFpHSYuQ=
Subject key identifier: 87:BD:C5:16:85:52:9C:09:7D:DE:D8:57:DC:49:51:DE:43:49:55:41
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0192C34B7C8457CED7E84437D2D31CDC0236
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/h73FFoVSnAl93thX3ElR3kNJVUE.roa
Signing time: Fri 25 Oct 2024 10:49:17 +0000
ROA not before: Fri 25 Oct 2024 10:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:95c1::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Oct 2024 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:4b:7c:84:57:ce:d7:e8:44:37:d2:d3:1c:dc:02:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 25 10:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87bdc51685529c097dded857dc4951de43495541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f9:2d:3f:a6:ed:3a:a1:d0:e6:9d:7e:a8:ca:
8e:30:02:4b:5f:8f:f8:ba:59:c7:3d:34:f9:0e:6e:
45:01:8a:79:21:81:f1:95:de:f0:48:38:b0:01:f9:
9c:f8:4f:8f:37:03:c1:ce:c7:04:72:f1:e2:12:4c:
8a:ed:91:e6:9c:c9:05:ae:69:ec:1a:65:09:ce:17:
1a:bc:42:27:29:57:37:5a:7e:d7:7f:c9:12:fb:87:
9b:c2:b0:84:80:78:b8:9b:bb:28:77:32:7c:62:29:
60:61:9c:1e:a1:7e:68:dd:53:78:34:b2:80:c4:0e:
60:45:20:23:4f:f2:4e:6f:22:d9:ef:d4:9b:49:10:
60:64:08:fa:87:94:24:5e:19:bd:69:d8:0a:15:26:
0c:be:26:f5:0c:b4:2e:08:3a:42:fa:c4:e2:ff:4b:
ad:12:93:74:55:61:84:03:b4:06:d9:50:de:5c:9e:
c2:0b:fc:6d:90:f0:4a:fc:9b:58:db:26:4b:f1:ab:
93:db:c3:27:b8:90:a4:78:55:f9:f4:5f:c6:96:dc:
78:ff:b8:d4:b5:7a:56:dd:fe:7b:e2:86:b1:2e:77:
74:00:90:40:7f:51:75:8c:b2:74:26:75:04:6f:b2:
40:9f:d3:2a:4b:dd:9c:02:d9:d6:91:6d:42:97:85:
d8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BD:C5:16:85:52:9C:09:7D:DE:D8:57:DC:49:51:DE:43:49:55:41
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/h73FFoVSnAl93thX3ElR3kNJVUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a09:ef01::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:95c1::/32
2a0d:afc2::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
84:b3:16:84:02:08:c8:09:9c:d4:ff:8a:6e:cb:cf:80:ea:db:
a6:cc:07:cd:3a:cd:3b:36:2f:7e:7b:be:6c:0b:c4:80:bc:e1:
82:a8:17:70:93:e4:32:fa:85:54:de:50:16:bd:fb:3b:a2:5d:
57:18:14:74:9c:58:b1:e2:46:c0:8c:7d:79:e4:7e:ed:b0:27:
14:06:bb:5e:b5:41:17:08:db:de:a5:d5:16:31:af:5a:02:76:
38:41:50:91:89:2c:b5:b7:fe:00:19:f8:2c:68:06:06:d4:40:
01:b4:32:32:3c:25:ef:c1:83:95:4b:50:11:87:6c:76:2e:f9:
38:0d:ed:0d:21:7b:46:c4:be:c5:6a:8d:17:a3:c6:9f:e8:01:
58:be:6d:4e:e2:36:a4:55:d1:ba:f9:84:53:80:34:17:b5:49:
a3:f9:b5:f2:94:19:dd:d7:06:be:27:72:60:f8:90:78:46:97:
29:02:87:18:57:16:4a:49:f2:a0:ab:d8:fb:42:92:e2:cf:7f:
08:b7:2d:ab:ca:f7:33:57:e6:56:11:0e:93:7f:8d:5f:51:6c:
d0:2b:48:bf:41:f0:56:f9:44:98:2c:64:be:f9:35:1f:4c:b2:
90:a4:72:97:9d:2a:5a:6b:1b:cf:e8:86:56:3a:59:6e:7f:5d:
70:85:6d:3a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZLDS3yEV87X6EQ30tMc3AI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDI1MTA0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JkYzUxNjg1NTI5YzA5N2RkZWQ4NTdkYzQ5NTFkZTQzNDk1NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/ktP6btOqHQ5p1+qMqOMAJLX4/4
ulnHPTT5Dm5FAYp5IYHxld7wSDiwAfmc+E+PNwPBzscEcvHiEkyK7ZHmnMkFrmns
GmUJzhcavEInKVc3Wn7Xf8kS+4ebwrCEgHi4m7sodzJ8YilgYZweoX5o3VN4NLKA
xA5gRSAjT/JObyLZ79SbSRBgZAj6h5QkXhm9adgKFSYMvib1DLQuCDpC+sTi/0ut
EpN0VWGEA7QG2VDeXJ7CC/xtkPBK/JtY2yZL8auT28MnuJCkeFX59F/Gltx4/7jU
tXpW3f574oaxLnd0AJBAf1F1jLJ0JnUEb7JAn9MqS92cAtnWkW1Cl4XYwQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIe9xRaFUpwJfd7YV9xJUd5DSVVBMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvaDczRkZvVlNuQWw5M3RoWDNFbFIza05KVlVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgbWQAMF
ACoJ7wEDBQAqCrOFAwUAKg08RAMFACoNlcEDBQAqDa/CAwUAKg8xAjANBgkqhkiG
9w0BAQsFAAOCAQEAhLMWhAIIyAmc1P+KbsvPgOrbpswHzTrNOzYvfnu+bAvEgLzh
gqgXcJPkMvqFVN5QFr37O6JdVxgUdJxYseJGwIx9eeR+7bAnFAa7XrVBFwjb3qXV
FjGvWgJ2OEFQkYkstbf+ABn4LGgGBtRAAbQyMjwl78GDlUtQEYdsdi75OA3tDSF7
RsS+xWqNF6PGn+gBWL5tTuI2pFXRuvmEU4A0F7VJo/m18pQZ3dcGvidyYPiQeEaX
KQKHGFcWSknyoKvY+0KS4s9/CLctq8r3M1fmVhEOk3+NX1Fs0CtIv0HwVvlEmCxk
vvk1H0yykKRyl50qWmsbz+iGVjpZbn9dcIVtOg==
-----END CERTIFICATE-----
Generated at Mon Oct 28 17:32:36 2024 by rpki-client on console-ams.rpki-client.org