Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PrEXDIhhc3CU1AjvhsF8T_dRvOg.roa
File: PrEXDIhhc3CU1AjvhsF8T_dRvOg.roa (raw, json)
Hash identifier: EvGJz12XmIR+BCeQNuhO2e50WcqSmEOzsyza6d7MMfg=
Subject key identifier: 3E:B1:17:0C:88:61:73:70:94:D4:08:EF:86:C1:7C:4F:F7:51:BC:E8
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01903BF1666DD7CC0FF94B9E5A78DD9F777B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PrEXDIhhc3CU1AjvhsF8T_dRvOg.roa
Signing time: Fri 21 Jun 2024 17:56:34 +0000
ROA not before: Fri 21 Jun 2024 17:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34567
IP address blocks: 2a0f:9a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Jul 2024 22:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:f1:66:6d:d7:cc:0f:f9:4b:9e:5a:78:dd:9f:77:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 21 17:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb1170c8861737094d408ef86c17c4ff751bce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:bf:69:8a:5c:c3:93:5d:80:21:42:33:86:
ea:20:29:75:b4:5b:1a:c8:1b:74:c3:cd:6f:6e:34:
9a:b0:ca:90:b1:da:a4:e9:b7:2f:95:18:3e:6e:ea:
bf:f3:03:9f:79:5d:11:38:30:fa:ee:c2:67:82:d6:
80:ee:99:7e:09:62:c4:78:ff:58:19:b0:a8:37:58:
50:7a:22:e4:6e:4e:f7:61:9b:ab:00:54:3f:e6:68:
98:dc:b3:9d:08:ca:87:62:81:1e:fe:c5:f0:b1:bb:
4f:e9:8f:f1:65:32:5e:0f:3c:4b:3a:8a:f4:cf:54:
0e:f7:50:d2:82:5d:5c:96:80:32:62:fc:6e:70:f2:
95:6e:09:b3:eb:65:be:93:bd:b9:4d:df:69:06:a2:
f4:62:02:c8:f9:de:c3:bf:66:ba:ef:a2:36:ba:cb:
f9:60:68:e9:55:d1:97:ca:ae:13:e3:34:01:82:ed:
9f:f3:a0:64:db:9d:07:bb:22:c8:98:51:58:f4:f0:
4a:e4:cd:63:ab:d5:d9:8f:63:fa:ea:f0:29:9d:36:
37:7a:86:44:cc:54:7f:0f:e3:8d:59:a2:df:74:55:
8f:45:dd:88:67:86:55:40:e3:66:3a:5d:70:46:99:
db:9f:b9:93:3d:96:e8:5c:3b:b9:28:c6:d0:fa:32:
d4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B1:17:0C:88:61:73:70:94:D4:08:EF:86:C1:7C:4F:F7:51:BC:E8
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PrEXDIhhc3CU1AjvhsF8T_dRvOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
44:5b:b6:73:9b:dc:b4:9c:99:7b:9a:0e:71:1f:dd:d2:9a:8a:
43:e7:3a:dd:7b:37:77:ec:94:27:bb:64:a2:79:29:f4:8f:41:
fc:c2:af:91:0c:5d:4b:2f:95:a5:71:12:4f:57:14:ca:fa:eb:
9f:59:5f:30:05:44:c9:37:44:8b:9d:15:6b:a2:d9:3b:be:42:
d8:b3:71:50:29:ee:d4:92:a6:68:87:87:ac:0a:9a:54:74:61:
d5:b2:69:53:5f:97:93:c9:7b:1f:17:44:97:91:f7:dc:21:62:
36:5d:0e:27:b3:f0:d1:ce:0b:1f:73:6a:e7:88:8a:26:49:4d:
4b:fd:08:29:4c:fd:ce:92:a9:79:2b:69:4c:53:67:93:29:ff:
07:25:ec:1b:71:66:28:c0:b6:ef:0d:4f:4b:e9:d9:b2:96:7a:
4d:a2:b3:dd:fd:58:81:c3:9e:61:f5:dc:87:78:f0:79:d0:31:
99:53:ae:f1:36:ed:c1:9b:7e:f2:c0:4a:58:e9:19:9b:89:68:
c7:7b:13:ff:3b:d6:9a:d0:74:69:c4:90:9b:72:74:24:23:35:
fb:f4:ef:77:f5:1b:5d:03:2e:7a:8e:dc:16:9e:9a:28:df:5b:
72:a6:5d:1b:3a:b0:25:22:b5:6f:77:90:f3:35:ee:70:30:c8:
87:94:55:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZA78WZt18wP+UueWnjdn3d7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjIxMTc1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWIxMTcwYzg4NjE3MzcwOTRkNDA4ZWY4NmMxN2M0ZmY3NTFiY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozS/aYpcw5NdgCFCM4bqICl1tFsa
yBt0w81vbjSasMqQsdqk6bcvlRg+buq/8wOfeV0RODD67sJngtaA7pl+CWLEeP9Y
GbCoN1hQeiLkbk73YZurAFQ/5miY3LOdCMqHYoEe/sXwsbtP6Y/xZTJeDzxLOor0
z1QO91DSgl1cloAyYvxucPKVbgmz62W+k725Td9pBqL0YgLI+d7Dv2a676I2usv5
YGjpVdGXyq4T4zQBgu2f86Bk250HuyLImFFY9PBK5M1jq9XZj2P66vApnTY3eoZE
zFR/D+ONWaLfdFWPRd2IZ4ZVQONmOl1wRpnbn7mTPZboXDu5KMbQ+jLULwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD6xFwyIYXNwlNQI74bBfE/3UbzoMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUHJFWERJaGhjM0NVMUFqdmhzRjhUX2RSdk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+aQDAN
BgkqhkiG9w0BAQsFAAOCAQEARFu2c5vctJyZe5oOcR/d0pqKQ+c63Xs3d+yUJ7tk
onkp9I9B/MKvkQxdSy+VpXEST1cUyvrrn1lfMAVEyTdEi50Va6LZO75C2LNxUCnu
1JKmaIeHrAqaVHRh1bJpU1+Xk8l7HxdEl5H33CFiNl0OJ7Pw0c4LH3Nq54iKJklN
S/0IKUz9zpKpeStpTFNnkyn/ByXsG3FmKMC27w1PS+nZspZ6TaKz3f1YgcOeYfXc
h3jwedAxmVOu8TbtwZt+8sBKWOkZm4lox3sT/zvWmtB0acSQm3J0JCM1+/Tvd/Ub
XQMueo7cFp6aKN9bcqZdGzqwJSK1b3eQ8zXucDDIh5RVBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 24 01:25:08 2024 by rpki-client on console-ams.rpki-client.org