Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgdsp_Bl3GJes6St0q2xGaehZlc.roa
File: pgdsp_Bl3GJes6St0q2xGaehZlc.roa (raw, json)
Hash identifier: u8IZbp4j5aU96aF4AZGT76zi0TGcHvF5ZyzfCggwM6Y=
Subject key identifier: A6:07:6C:A7:F0:65:DC:62:5E:B3:A4:AD:D2:AD:B1:19:A7:A1:66:57
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01927D4BCACCBB1576510CAB8F391BE1B4DC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgdsp_Bl3GJes6St0q2xGaehZlc.roa
Signing time: Fri 11 Oct 2024 20:36:11 +0000
ROA not before: Fri 11 Oct 2024 20:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a06:d640::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:95c1::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 22:39:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:ca:cc:bb:15:76:51:0c:ab:8f:39:1b:e1:b4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 11 20:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6076ca7f065dc625eb3a4add2adb119a7a16657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:80:25:71:f0:4b:bf:1e:82:82:4b:44:7c:93:
c4:ae:96:5d:24:d0:d5:6a:40:d5:74:7c:80:f4:04:
25:38:b3:ed:d3:dc:8e:12:75:e6:8b:6c:2d:09:64:
b8:ac:f3:44:1f:1b:5f:05:1c:97:89:33:0c:97:54:
66:ae:a0:47:96:fb:71:ce:2c:9d:98:48:a6:77:e0:
28:59:99:6f:aa:a5:52:4b:d1:61:18:15:97:12:16:
aa:7c:9d:d0:99:c1:c0:d3:e9:22:87:71:0e:80:f4:
0b:41:c9:f1:68:4f:fb:f4:1c:27:ee:51:35:80:80:
76:47:93:71:10:ae:de:e9:88:8c:4b:10:f8:b3:1d:
cc:13:24:83:65:da:47:a0:77:e1:e4:37:76:3d:95:
a0:7f:99:bf:53:f0:b4:33:a3:07:f6:ad:28:bc:22:
3a:83:59:18:5d:c9:c6:46:2d:e7:d5:1e:c3:83:d3:
d5:81:9b:ef:c8:ed:2d:6f:6e:cb:9c:08:44:d6:f3:
d2:4d:40:02:a7:5d:2d:eb:64:87:e8:10:11:f7:6d:
31:c0:43:6d:8f:09:36:8b:e2:09:b7:63:36:05:94:
84:48:e6:11:09:e3:72:5f:c7:9b:48:58:19:ea:6d:
bc:db:83:85:08:e3:a0:27:91:f1:55:e9:4b:0d:ef:
35:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:07:6C:A7:F0:65:DC:62:5E:B3:A4:AD:D2:AD:B1:19:A7:A1:66:57
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgdsp_Bl3GJes6St0q2xGaehZlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a09:ef01::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:95c1::/32
2a0d:afc2::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ba:8c:f0:e6:c5:8a:0c:0c:79:65:59:1a:1d:51:f7:a3:7c:
41:c7:bb:a6:93:af:06:ed:56:4b:59:04:4c:74:ca:91:1f:26:
0a:8c:52:0a:2d:1a:c6:08:35:92:4f:d0:27:da:61:3e:5e:6c:
96:0e:96:ec:b3:3c:74:1e:ef:bb:27:1d:fa:2e:d4:a1:83:55:
89:74:63:67:14:e0:b4:e4:fa:ba:8e:3c:48:df:c1:ed:09:e9:
05:df:4f:8b:a6:fa:d4:9f:52:8b:6a:91:33:e5:1d:5c:c1:d3:
24:67:cb:bd:37:70:18:7a:fd:69:3a:93:aa:92:a5:91:10:b2:
4d:a0:98:19:59:dd:ee:f5:70:e6:31:11:66:46:2d:ae:96:6d:
69:e3:ca:d7:21:5e:04:3f:97:83:58:24:95:32:ba:d9:4c:53:
5d:f9:e0:9a:c8:7d:cd:2f:92:95:9e:77:13:b9:bf:27:23:76:
55:80:c4:d3:de:c0:c9:68:0d:64:c4:cc:7c:2a:31:7f:31:03:
02:9b:eb:d0:f7:94:22:f2:5c:2c:7e:96:e9:c4:22:7d:f1:53:
eb:22:46:d1:42:c7:90:37:d5:e3:a8:e8:77:8a:20:30:98:d9:
1e:83:1d:d5:81:06:02:08:64:07:76:97:0f:2e:68:72:d6:f4:
1a:f3:0a:28
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZJ9S8rMuxV2UQyrjzkb4bTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDExMjAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA3NmNhN2YwNjVkYzYyNWViM2E0YWRkMmFkYjExOWE3YTE2NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIAlcfBLvx6CgktEfJPErpZdJNDV
akDVdHyA9AQlOLPt09yOEnXmi2wtCWS4rPNEHxtfBRyXiTMMl1RmrqBHlvtxziyd
mEimd+AoWZlvqqVSS9FhGBWXEhaqfJ3QmcHA0+kih3EOgPQLQcnxaE/79Bwn7lE1
gIB2R5NxEK7e6YiMSxD4sx3MEySDZdpHoHfh5Dd2PZWgf5m/U/C0M6MH9q0ovCI6
g1kYXcnGRi3n1R7Dg9PVgZvvyO0tb27LnAhE1vPSTUACp10t62SH6BAR920xwENt
jwk2i+IJt2M2BZSESOYRCeNyX8ebSFgZ6m2824OFCOOgJ5HxVelLDe81CQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKYHbKfwZdxiXrOkrdKtsRmnoWZXMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcGdkc3BfQmwzR0plczZTdDBxMnhHYWVoWmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgbWQAMF
ACoJ7wEDBQAqCrOFAwUAKg08RAMFACoNlcEDBQAqDa/CAwUAKg8xAjANBgkqhkiG
9w0BAQsFAAOCAQEApbqM8ObFigwMeWVZGh1R96N8Qce7ppOvBu1WS1kETHTKkR8m
CoxSCi0axgg1kk/QJ9phPl5slg6W7LM8dB7vuycd+i7UoYNViXRjZxTgtOT6uo48
SN/B7QnpBd9Pi6b61J9Si2qRM+UdXMHTJGfLvTdwGHr9aTqTqpKlkRCyTaCYGVnd
7vVw5jERZkYtrpZtaePK1yFeBD+Xg1gklTK62UxTXfngmsh9zS+SlZ53E7m/JyN2
VYDE097AyWgNZMTMfCoxfzEDApvr0PeUIvJcLH6W6cQiffFT6yJG0ULHkDfV46jo
d4ogMJjZHoMd1YEGAghkB3aXDy5octb0GvMKKA==
-----END CERTIFICATE-----
Generated at Sat Oct 12 03:20:57 2024 by rpki-client on console-ams.rpki-client.org