Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/rR2gKvCeSMFkOqtGzazsccPVyL0.roa
File: rR2gKvCeSMFkOqtGzazsccPVyL0.roa (raw, json)
Hash identifier: mkCxlg4J88sNjoeWLOQui853yaYWKxPsibDbbisRt+g=
Subject key identifier: AD:1D:A0:2A:F0:9E:48:C1:64:3A:AB:46:CD:AC:EC:71:C3:D5:C8:BD
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01926847CC1C5417013B63680E37962F5835
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/rR2gKvCeSMFkOqtGzazsccPVyL0.roa
Signing time: Mon 07 Oct 2024 18:39:48 +0000
ROA not before: Mon 07 Oct 2024 18:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:d702::/32 maxlen: 32
2a0d:afc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Oct 2024 09:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:68:47:cc:1c:54:17:01:3b:63:68:0e:37:96:2f:58:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 7 18:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad1da02af09e48c1643aab46cdacec71c3d5c8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:d8:62:7c:d1:4b:b5:f5:14:23:28:f4:06:
a7:94:e5:bf:1e:59:f6:92:2a:21:18:55:64:1f:1e:
26:13:a9:56:4d:d4:a8:ad:6d:48:60:8d:2a:65:bc:
9f:5c:a3:dd:7c:33:b0:a5:ff:d9:8e:dd:7c:73:cb:
c7:3e:06:10:24:8f:8c:77:21:2b:57:e5:27:e1:d6:
3c:9f:2b:38:27:64:1d:68:9a:3b:fc:8d:20:a4:8e:
45:a4:52:cd:f4:24:e8:39:89:6e:fd:12:b9:bc:9b:
3d:5d:81:96:13:bb:8d:ab:d4:5a:d0:64:98:50:7a:
3f:2e:9e:c9:12:d8:03:43:1c:dd:c6:67:84:62:02:
f8:a6:2b:5f:f7:9a:db:0a:20:a2:3f:e8:e0:53:8c:
b3:ca:1b:c5:66:aa:79:00:0a:00:e9:f2:3c:77:6e:
f6:b1:b8:c8:42:96:e9:fa:97:a8:86:ea:2c:38:63:
d7:74:90:23:1d:da:5c:5b:0c:3e:97:4e:46:db:08:
4f:db:49:eb:b1:0b:7b:7a:e5:a4:09:01:c5:23:1e:
39:b1:38:38:6f:db:f6:c5:98:f6:f7:5d:d0:ae:e8:
2d:ea:3b:a3:e0:97:25:20:aa:16:4f:06:5d:11:73:
de:20:ce:e8:35:8c:ed:41:c3:3c:00:8b:1a:10:c9:
ca:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:1D:A0:2A:F0:9E:48:C1:64:3A:AB:46:CD:AC:EC:71:C3:D5:C8:BD
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/rR2gKvCeSMFkOqtGzazsccPVyL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:d702::/32
2a0d:afc2::/32
Signature Algorithm: sha256WithRSAEncryption
3d:d3:e2:56:5e:e5:43:7c:2b:00:bc:d4:9c:35:76:ef:de:8a:
74:1a:eb:21:f5:f5:32:1b:bb:ac:8d:e3:3f:2c:db:9f:9f:5c:
f5:34:13:85:c5:f4:ad:83:4c:2f:f1:4a:9e:2b:73:e2:7e:67:
f0:95:fb:91:ab:d9:fd:c8:8c:5d:87:db:fa:2a:96:e6:d6:9c:
56:9c:4e:c2:28:c5:b6:d1:ee:0d:d7:d8:0c:ad:04:e7:c5:4f:
84:38:eb:4e:11:99:f9:ee:54:aa:21:63:00:bc:1f:b5:91:5a:
b9:5d:ee:2d:78:5f:f8:01:5f:30:be:c1:0f:b0:f1:25:2e:ec:
98:cc:b4:8b:cf:7f:69:28:fe:41:88:37:1d:0b:5e:a4:2d:d5:
0a:07:0c:16:d7:bb:a9:4e:4e:98:52:4f:23:f6:cb:04:fd:db:
98:57:a2:de:25:31:31:7c:09:d6:0d:88:dd:4e:49:b1:e5:6d:
ea:e2:42:d8:c6:a1:52:63:ca:04:da:96:11:b9:d3:02:17:97:
1a:c2:a9:c1:8f:d6:83:0a:04:31:45:a1:71:5d:89:b3:33:7f:
9c:8b:0d:eb:1e:28:52:fc:56:77:c2:ef:48:0c:52:e0:94:a8:
5f:4a:d5:33:a1:3a:a2:30:77:2c:00:3b:71:f5:5b:87:08:b7:
3a:34:a6:60
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJoR8wcVBcBO2NoDjeWL1g1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDA3MTgzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDFkYTAyYWYwOWU0OGMxNjQzYWFiNDZjZGFjZWM3MWMzZDVjOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5DYYnzRS7X1FCMo9AanlOW/Hln2
kiohGFVkHx4mE6lWTdSorW1IYI0qZbyfXKPdfDOwpf/Zjt18c8vHPgYQJI+MdyEr
V+Un4dY8nys4J2QdaJo7/I0gpI5FpFLN9CToOYlu/RK5vJs9XYGWE7uNq9Ra0GSY
UHo/Lp7JEtgDQxzdxmeEYgL4pitf95rbCiCiP+jgU4yzyhvFZqp5AAoA6fI8d272
sbjIQpbp+peohuosOGPXdJAjHdpcWww+l05G2whP20nrsQt7euWkCQHFIx45sTg4
b9v2xZj2913Qrugt6juj4JclIKoWTwZdEXPeIM7oNYztQcM8AIsaEMnK/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK0doCrwnkjBZDqrRs2s7HHD1ci9MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvclIyZ0t2Q2VTTUZrT3F0R3phenNjY1BWeUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgnXAgMF
ACoNr8IwDQYJKoZIhvcNAQELBQADggEBAD3T4lZe5UN8KwC81Jw1du/einQa6yH1
9TIbu6yN4z8s25+fXPU0E4XF9K2DTC/xSp4rc+J+Z/CV+5Gr2f3IjF2H2/oqlubW
nFacTsIoxbbR7g3X2AytBOfFT4Q4604RmfnuVKohYwC8H7WRWrld7i14X/gBXzC+
wQ+w8SUu7JjMtIvPf2ko/kGINx0LXqQt1QoHDBbXu6lOTphSTyP2ywT925hXot4l
MTF8CdYNiN1OSbHlberiQtjGoVJjygTalhG50wIXlxrCqcGP1oMKBDFFoXFdibMz
f5yLDeseKFL8VnfC70gMUuCUqF9K1TOhOqIwdywAO3H1W4cItzo0pmA=
-----END CERTIFICATE-----
Generated at Wed Oct 9 13:27:01 2024 by rpki-client on console-fra.rpki-client.org