Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pra0LsEh5RGl0-YHjBn8kjODcHQ.roa
File: pra0LsEh5RGl0-YHjBn8kjODcHQ.roa (raw, json)
Hash identifier: pEzJSsE9Ao1iGG3aRKqMtlnDX1vt9hwgAJpvkj63QCQ=
Subject key identifier: A6:B6:B4:2E:C1:21:E5:11:A5:D3:E6:07:8C:19:FC:92:33:83:70:74
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01927DBC676EDFB25DFAFA8889F00674E051
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pra0LsEh5RGl0-YHjBn8kjODcHQ.roa
Signing time: Fri 11 Oct 2024 22:39:12 +0000
ROA not before: Fri 11 Oct 2024 22:39:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a06:d640::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:bc:67:6e:df:b2:5d:fa:fa:88:89:f0:06:74:e0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 11 22:39:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6b6b42ec121e511a5d3e6078c19fc9233837074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:36:88:b1:dd:bd:b2:5d:dc:19:ed:90:a6:
aa:50:7c:6d:a0:ea:41:b7:7b:40:c4:da:d4:9c:79:
56:d3:04:e4:68:1f:b2:39:32:a9:ec:c3:a1:52:38:
81:4b:0e:ee:d6:26:2f:d7:16:66:20:4e:d0:22:9b:
e8:55:98:26:78:60:56:fc:e5:d5:bc:4e:b0:60:72:
cd:c8:90:8e:01:43:2e:d0:3f:2a:83:01:e3:3c:8b:
b3:07:09:df:5b:d7:a7:2d:89:52:fc:c4:52:d9:bb:
a0:a7:23:91:6a:90:34:2f:db:44:27:39:89:5b:11:
0f:a1:26:ac:f8:ee:43:32:30:c2:03:4a:bd:ec:19:
56:a9:ad:29:76:f6:05:b4:3b:b7:17:1f:85:91:50:
24:83:5a:c6:eb:f8:94:d2:d0:76:69:fd:6d:28:21:
43:96:08:75:45:0f:a0:6a:3f:d9:3a:e3:02:82:b0:
a4:54:8c:74:80:cc:9c:df:71:57:78:07:75:34:87:
5e:d2:f3:9f:c1:99:30:ac:ad:a2:f4:68:6b:85:63:
48:5a:88:a5:8c:2d:36:1b:5b:58:eb:82:8a:ad:de:
0d:d8:9f:17:93:81:c5:d7:bb:03:21:12:c4:96:09:
c1:fd:d5:57:98:e9:de:cd:36:94:28:2c:7e:12:95:
85:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B6:B4:2E:C1:21:E5:11:A5:D3:E6:07:8C:19:FC:92:33:83:70:74
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pra0LsEh5RGl0-YHjBn8kjODcHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a09:ef01::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:afc2::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
cb:69:66:d4:ed:67:6c:77:01:67:b0:e7:e0:0f:94:5a:e9:27:
1a:c5:26:40:6c:6a:dc:c5:8a:b4:d0:6a:49:18:57:48:a0:04:
2f:ea:0e:2b:a2:f9:2e:3e:99:c0:f0:23:e6:19:73:a4:15:0f:
aa:c9:7b:4e:da:b7:ff:39:32:8a:e8:c4:32:3d:7c:97:2e:07:
f9:23:1a:6d:20:73:55:0b:89:7d:d8:25:a1:ba:96:30:c2:ee:
d6:bd:c5:24:ed:18:36:3f:74:e7:65:e8:28:65:01:3c:eb:5e:
65:c2:3a:3d:e0:ca:2c:fa:6e:2b:a0:e8:5a:1f:ed:76:53:a4:
46:b6:ef:cd:2f:08:df:bc:38:f2:fc:56:79:ca:6c:c6:32:0b:
11:f0:cb:62:e5:93:21:52:ab:84:62:f7:6b:48:83:aa:fd:f1:
5a:e1:6b:5c:07:fd:4e:da:20:5d:4e:fe:f3:76:c2:29:86:59:
ba:32:f9:c9:2d:b1:da:0c:96:9b:b9:03:ff:52:88:92:27:58:
bf:39:a1:2c:ce:60:5c:90:d2:de:01:1c:29:2a:da:a0:0f:74:
ae:5b:d2:b4:5e:c0:5f:d5:83:e3:97:e8:f0:9c:c2:98:01:e4:
82:f0:f5:95:67:ba:c6:96:71:de:5b:af:b6:e2:88:fc:ab:9e:
a4:4b:fd:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJ9vGdu37Jd+vqIifAGdOBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDExMjIzOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI2YjQyZWMxMjFlNTExYTVkM2U2MDc4YzE5ZmM5MjMzODM3MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zs2iLHdvbJd3BntkKaqUHxtoOpB
t3tAxNrUnHlW0wTkaB+yOTKp7MOhUjiBSw7u1iYv1xZmIE7QIpvoVZgmeGBW/OXV
vE6wYHLNyJCOAUMu0D8qgwHjPIuzBwnfW9enLYlS/MRS2bugpyORapA0L9tEJzmJ
WxEPoSas+O5DMjDCA0q97BlWqa0pdvYFtDu3Fx+FkVAkg1rG6/iU0tB2af1tKCFD
lgh1RQ+gaj/ZOuMCgrCkVIx0gMyc33FXeAd1NIde0vOfwZkwrK2i9GhrhWNIWoil
jC02G1tY64KKrd4N2J8Xk4HF17sDIRLElgnB/dVXmOnezTaUKCx+EpWFZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKa2tC7BIeURpdPmB4wZ/JIzg3B0MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcHJhMExzRWg1UkdsMC1ZSGpCbjhrak9EY0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgbWQAMF
ACoJ7wEDBQAqCrOFAwUAKg08RAMFACoNr8IDBQAqDzECMA0GCSqGSIb3DQEBCwUA
A4IBAQDLaWbU7WdsdwFnsOfgD5Ra6ScaxSZAbGrcxYq00GpJGFdIoAQv6g4rovku
PpnA8CPmGXOkFQ+qyXtO2rf/OTKK6MQyPXyXLgf5IxptIHNVC4l92CWhupYwwu7W
vcUk7Rg2P3TnZegoZQE8615lwjo94Mos+m4roOhaH+12U6RGtu/NLwjfvDjy/FZ5
ymzGMgsR8Mti5ZMhUquEYvdrSIOq/fFa4WtcB/1O2iBdTv7zdsIphlm6MvnJLbHa
DJabuQP/UoiSJ1i/OaEszmBckNLeARwpKtqgD3SuW9K0XsBf1YPjl+jwnMKYAeSC
8PWVZ7rGlnHeW6+24oj8q56kS/0E
-----END CERTIFICATE-----
Generated at Thu Oct 17 22:34:22 2024 by rpki-client on console-ams.rpki-client.org