Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/7uwSdmtg2ctRj33SeTlvvc7IFdI.roa
File: 7uwSdmtg2ctRj33SeTlvvc7IFdI.roa (raw, json)
Hash identifier: juJmB1Tj6E6y6WjYD0YFq0AsgnxKc3R86C8PuyBKsBI=
Subject key identifier: EE:EC:12:76:6B:60:D9:CB:51:8F:7D:D2:79:39:6F:BD:CE:C8:15:D2
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0192C34B7D4D3205589DCEDA6FE81FB7A28C
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/7uwSdmtg2ctRj33SeTlvvc7IFdI.roa
Signing time: Fri 25 Oct 2024 10:49:17 +0000
ROA not before: Fri 25 Oct 2024 10:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c2::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:4b:7d:4d:32:05:58:9d:ce:da:6f:e8:1f:b7:a2:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 25 10:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeec12766b60d9cb518f7dd279396fbdcec815d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:63:a6:1a:11:ce:10:6e:b3:bd:10:83:b4:
a3:c2:1e:ae:62:d9:42:6e:3c:b0:d5:59:ac:42:81:
70:9f:1c:51:2b:7b:d8:eb:69:f0:ee:49:9e:33:95:
36:ec:a2:42:08:e9:ac:23:69:cf:26:0f:54:a4:52:
17:54:cc:51:c8:1e:63:49:58:d3:89:8a:dc:bc:94:
0a:3e:fe:27:d7:fd:10:ed:04:75:87:33:37:42:7d:
19:6d:11:5e:38:80:ef:3c:46:a3:ce:ca:87:d2:99:
46:85:ab:89:25:69:d2:7d:b6:65:18:ee:57:3b:2f:
5e:02:93:23:6d:af:d5:2a:f1:7f:a2:f6:4d:34:2e:
73:a6:19:d7:59:c4:8f:b2:5e:fb:36:ac:e5:29:2e:
c1:56:2d:68:a6:6b:18:39:87:7e:8b:f9:78:5d:8e:
da:82:76:cf:96:11:0d:92:26:39:03:cd:96:de:8f:
ef:49:84:11:13:2a:21:68:79:c5:59:98:9c:c5:93:
85:5e:fc:b2:7c:b4:52:2a:83:52:18:82:fa:30:11:
b0:6d:c6:8a:44:92:6d:c5:81:d0:6c:ec:02:61:0f:
1c:eb:f2:16:1a:12:64:11:9c:9f:e4:12:39:0d:cf:
6f:d5:8b:cd:70:7e:52:6c:3e:81:fd:17:ec:e5:03:
81:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EC:12:76:6B:60:D9:CB:51:8F:7D:D2:79:39:6F:BD:CE:C8:15:D2
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/7uwSdmtg2ctRj33SeTlvvc7IFdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::-2a0d:b9c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
0f:11:31:12:39:5d:cc:8e:0f:3f:a9:67:5f:4f:81:5a:66:ae:
c9:83:42:bf:14:7d:3d:75:9e:2b:f3:fc:f2:99:93:26:b1:eb:
5c:fa:d4:93:a7:0c:3f:7d:95:9b:6e:b9:8c:65:da:92:a0:22:
66:10:d0:6c:ec:5c:f1:1f:d6:48:2a:e4:63:9c:14:d0:a2:6b:
41:0d:d6:11:12:66:98:b3:43:48:74:67:2f:34:60:87:59:bf:
7a:e3:2c:36:15:3e:23:2b:0f:88:98:3e:3c:83:6a:c1:7d:ee:
9e:f4:26:a2:b2:72:d4:36:b6:bb:17:a9:7c:50:6a:d1:9f:7a:
cd:c7:83:20:1f:66:72:b6:5e:20:81:d1:15:75:44:0a:8a:3a:
bb:fa:e6:17:a1:f5:3d:98:74:25:3f:87:98:47:b6:e6:58:9d:
64:7a:75:4c:81:60:a2:e0:43:e2:09:12:70:e6:e4:46:f9:4d:
f0:c6:90:95:77:5e:8c:2b:39:b5:c7:0e:88:2d:cf:71:1d:f5:
85:fb:dc:19:ac:c0:24:a7:1b:5c:5a:b5:03:75:d8:9e:e3:b9:
15:01:b7:a9:bd:32:39:33:c1:26:de:33:9e:b9:05:2a:da:88:
a3:2f:23:fe:f8:61:18:8a:e8:52:8c:f8:86:5a:13:b6:3a:b6:
99:64:35:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZLDS31NMgVYnc7ab+gft6KMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQxMDI1MTA0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWVjMTI3NjZiNjBkOWNiNTE4ZjdkZDI3OTM5NmZiZGNlYzgxNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDNjphoRzhBus70Qg7Sjwh6uYtlC
bjyw1VmsQoFwnxxRK3vY62nw7kmeM5U27KJCCOmsI2nPJg9UpFIXVMxRyB5jSVjT
iYrcvJQKPv4n1/0Q7QR1hzM3Qn0ZbRFeOIDvPEajzsqH0plGhauJJWnSfbZlGO5X
Oy9eApMjba/VKvF/ovZNNC5zphnXWcSPsl77NqzlKS7BVi1opmsYOYd+i/l4XY7a
gnbPlhENkiY5A82W3o/vSYQREyohaHnFWZicxZOFXvyyfLRSKoNSGIL6MBGwbcaK
RJJtxYHQbOwCYQ8c6/IWGhJkEZyf5BI5Dc9v1YvNcH5SbD6B/Rfs5QOBNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO7sEnZrYNnLUY990nk5b73OyBXSMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvN3V3U2RtdGcyY3RSajMzU2VUbHZ2YzdJRmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqDbnB
AwUAKg25wgMFACoNucUwDQYJKoZIhvcNAQELBQADggEBAA8RMRI5XcyODz+pZ19P
gVpmrsmDQr8UfT11nivz/PKZkyax61z61JOnDD99lZtuuYxl2pKgImYQ0GzsXPEf
1kgq5GOcFNCia0EN1hESZpizQ0h0Zy80YIdZv3rjLDYVPiMrD4iYPjyDasF97p70
JqKyctQ2trsXqXxQatGfes3HgyAfZnK2XiCB0RV1RAqKOrv65heh9T2YdCU/h5hH
tuZYnWR6dUyBYKLgQ+IJEnDm5Eb5TfDGkJV3XowrObXHDogtz3Ed9YX73BmswCSn
G1xatQN12J7juRUBt6m9MjkzwSbeM565BSraiKMvI/74YRiK6FKM+IZaE7Y6tplk
NTs=
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:07 2024 by rpki-client on console-fra.rpki-client.org