Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/9orXjbjs-j2UQjLF2kaMPqeVf-I.roa
File: 9orXjbjs-j2UQjLF2kaMPqeVf-I.roa (raw, json)
Hash identifier: iyk0xss1dZ/Lmh1V92ltR9djPBnZBWUDG6GjS83faaM=
Subject key identifier: F6:8A:D7:8D:B8:EC:FA:3D:94:42:32:C5:DA:46:8C:3E:A7:95:7F:E2
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018F061F0C2ECC3AF60745E2195423DA4475
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/9orXjbjs-j2UQjLF2kaMPqeVf-I.roa
Signing time: Mon 22 Apr 2024 14:04:09 +0000
ROA not before: Mon 22 Apr 2024 14:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:35:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:1f:0c:2e:cc:3a:f6:07:45:e2:19:54:23:da:44:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Apr 22 14:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f68ad78db8ecfa3d944232c5da468c3ea7957fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:63:df:d5:a2:bb:56:96:4b:ad:9e:53:2b:
5d:35:58:d5:4f:b9:c7:8a:1e:37:9e:03:41:46:0b:
0d:48:52:dd:a2:7e:8c:e5:33:b7:70:2c:af:0e:27:
79:15:c9:5e:fc:8c:0c:3b:c2:b4:5c:e0:f6:73:de:
ed:79:4d:f8:2b:c6:31:df:a4:dc:e0:cd:69:f0:33:
da:20:59:b3:5c:18:37:85:8e:2c:74:4c:51:22:0e:
ed:65:e0:bf:c6:6e:f0:f4:71:b9:ce:d4:61:5a:61:
4e:f3:c9:13:e0:ad:41:ca:0b:48:86:d8:0c:28:b5:
82:1f:db:c7:6f:39:88:04:6b:ae:c7:64:1e:90:48:
8e:1f:97:c7:6c:b1:9b:96:2e:6d:8b:05:0c:5c:64:
92:9d:03:41:27:66:37:d5:d4:a9:ef:6b:a1:81:34:
80:3c:13:cf:f4:6c:f5:ac:99:75:19:62:bd:6b:ed:
e5:16:da:4d:46:47:4b:d3:6a:1b:3b:53:35:08:14:
49:e2:0f:9b:37:5f:af:ca:2f:f2:cd:d6:37:05:29:
4c:5c:81:17:46:02:89:1f:63:4b:6e:49:b9:b4:84:
5b:59:0f:5e:ad:7a:e3:92:cc:e8:c9:fa:ad:31:75:
b4:4c:a6:b9:36:5f:35:1e:5a:ad:ad:a9:dc:70:83:
73:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8A:D7:8D:B8:EC:FA:3D:94:42:32:C5:DA:46:8C:3E:A7:95:7F:E2
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/9orXjbjs-j2UQjLF2kaMPqeVf-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::/32
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
36:41:e0:19:ea:fc:2e:54:96:6b:7b:33:47:82:75:3c:79:8e:
cb:56:29:f5:96:99:ad:44:70:5c:c4:95:aa:95:8b:10:94:e3:
6e:29:75:16:74:5b:41:cc:e5:f6:46:fc:f5:35:d2:ed:52:98:
99:f0:7b:de:84:0d:3c:81:05:3e:0b:ea:55:af:3e:d1:6e:a7:
7e:44:9c:55:4e:90:d3:a1:7c:49:61:84:8b:bf:00:eb:9a:44:
9f:e6:4f:30:ec:b9:52:cd:df:1c:20:90:83:12:a8:56:b6:15:
05:45:26:66:53:fa:a9:7e:51:42:9e:e4:73:e7:02:e2:2a:86:
17:5d:a9:b1:4b:f3:7f:6a:67:2c:ab:a0:d4:ef:88:a8:e0:fa:
0b:b4:73:21:7c:b9:04:b4:46:f5:f9:fc:79:f5:7f:ac:ca:3f:
06:5d:ca:96:14:42:28:2d:60:4e:96:95:db:c0:b3:a4:fb:16:
d5:0d:5b:a2:10:c2:93:c5:80:8e:ca:ae:b5:a0:2d:08:84:83:
ca:bc:f8:28:2f:86:d5:c6:f2:20:8d:0b:95:04:f6:de:cd:1b:
e1:50:a4:26:a7:60:76:a0:b4:15:42:5e:3b:67:e8:8a:d1:8f:
6e:4e:a1:c2:35:c2:be:7e:b1:e9:25:1f:b7:03:94:5b:c6:10:
2e:35:77:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8GHwwuzDr2B0XiGVQj2kR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwNDIyMTQwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhhZDc4ZGI4ZWNmYTNkOTQ0MjMyYzVkYTQ2OGMzZWE3OTU3ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNpj39Wiu1aWS62eUytdNVjVT7nH
ih43ngNBRgsNSFLdon6M5TO3cCyvDid5Fcle/IwMO8K0XOD2c97teU34K8Yx36Tc
4M1p8DPaIFmzXBg3hY4sdExRIg7tZeC/xm7w9HG5ztRhWmFO88kT4K1BygtIhtgM
KLWCH9vHbzmIBGuux2QekEiOH5fHbLGbli5tiwUMXGSSnQNBJ2Y31dSp72uhgTSA
PBPP9Gz1rJl1GWK9a+3lFtpNRkdL02obO1M1CBRJ4g+bN1+vyi/yzdY3BSlMXIEX
RgKJH2NLbkm5tIRbWQ9erXrjkszoyfqtMXW0TKa5Nl81HlqtranccINz+wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPaK14247Po9lEIyxdpGjD6nlX/iMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvOW9yWGpianMtajJVUWpMRjJrYU1QcWVWZi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg25wQMF
ACoNucUwDQYJKoZIhvcNAQELBQADggEBADZB4Bnq/C5Ulmt7M0eCdTx5jstWKfWW
ma1EcFzElaqVixCU424pdRZ0W0HM5fZG/PU10u1SmJnwe96EDTyBBT4L6lWvPtFu
p35EnFVOkNOhfElhhIu/AOuaRJ/mTzDsuVLN3xwgkIMSqFa2FQVFJmZT+ql+UUKe
5HPnAuIqhhddqbFL839qZyyroNTviKjg+gu0cyF8uQS0RvX5/Hn1f6zKPwZdypYU
QigtYE6WldvAs6T7FtUNW6IQwpPFgI7KrrWgLQiEg8q8+CgvhtXG8iCNC5UE9t7N
G+FQpCanYHagtBVCXjtn6IrRj25OocI1wr5+seklH7cDlFvGEC41d24=
-----END CERTIFICATE-----
Generated at Fri Oct 11 22:31:17 2024 by rpki-client on console-fra.rpki-client.org