Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/B7b7v2RmXVDHiDjYtlDM161lng4.roa
File: B7b7v2RmXVDHiDjYtlDM161lng4.roa (raw, json)
Hash identifier: uZqxDvG/R+lcV1YKTjbflCZBpFTqonbshTqwOtpQ2+A=
Subject key identifier: 07:B6:FB:BF:64:66:5D:50:C7:88:38:D8:B6:50:CC:D7:AD:65:9E:0E
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01927DCCE31E5484AABA057EF88859573C19
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/B7b7v2RmXVDHiDjYtlDM161lng4.roa
Signing time: Fri 11 Oct 2024 22:57:12 +0000
ROA not before: Fri 11 Oct 2024 22:57:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:cc:e3:1e:54:84:aa:ba:05:7e:f8:88:59:57:3c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 11 22:57:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07b6fbbf64665d50c78838d8b650ccd7ad659e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:13:27:03:2e:79:04:4b:4f:b1:32:08:16:
70:a9:f2:9d:90:29:ab:7a:6b:a4:f4:a7:f4:cf:76:
28:6e:7c:01:46:2c:d9:01:00:6a:98:b7:98:62:55:
9e:5e:e2:6e:1f:8c:74:65:f6:4a:5a:9e:98:e6:3f:
0b:40:61:e3:87:f1:fb:ee:f5:a7:1f:f9:f2:88:ff:
2f:68:1f:2f:7c:9d:28:e5:de:ce:1b:51:0b:84:a2:
18:25:90:c1:71:4a:17:c5:a6:fe:87:92:6e:07:ca:
19:2b:f9:5a:45:a1:c0:27:13:51:84:ae:8d:f3:83:
eb:f0:b3:79:bb:d7:fd:60:e2:8b:bf:9f:3f:36:b5:
91:ee:73:b7:95:36:cb:1b:7f:8d:ec:f8:b1:22:8a:
e7:1b:51:25:b2:87:01:8e:30:9c:28:9b:12:6b:96:
61:91:ea:c6:d9:34:55:10:f5:30:38:65:82:64:9b:
85:81:20:fb:2a:78:3c:3c:47:17:a9:b3:8a:d4:c3:
d5:4e:34:09:6f:e0:19:a7:21:bf:fc:6f:b1:51:88:
3a:d7:ca:46:13:56:34:fe:65:5c:e4:1c:cd:2c:8d:
1a:7b:68:d1:04:24:d8:97:c5:7f:dc:81:33:1b:fd:
bf:c9:3a:53:a7:93:cd:74:88:93:6b:78:55:43:e0:
b8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B6:FB:BF:64:66:5D:50:C7:88:38:D8:B6:50:CC:D7:AD:65:9E:0E
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/B7b7v2RmXVDHiDjYtlDM161lng4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::/32
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
77:1a:09:de:30:de:87:fb:9a:6a:0d:dc:ab:db:9a:79:b3:a5:
83:62:d9:b9:fc:ff:d8:36:87:0f:71:2a:60:04:39:f8:5c:2c:
e6:79:46:54:05:56:2a:a8:44:59:6d:db:a3:c3:67:5f:32:e4:
79:ca:e1:98:3f:1d:e1:bb:f3:11:22:b2:3c:0e:73:18:9f:73:
20:c7:05:bd:0b:1d:80:71:51:ae:07:db:0d:a2:27:f4:64:55:
89:83:b1:4e:dd:62:16:e4:f8:86:8d:e4:4e:69:fb:cf:00:64:
ff:49:a5:a6:70:33:c7:b4:cd:57:21:54:53:54:33:64:6d:88:
ff:11:64:9f:f8:cc:58:c3:e9:f0:46:97:b1:9f:26:f8:e5:c4:
dc:76:9f:6d:f2:6f:43:b4:8d:b0:85:89:ff:61:f6:6a:41:f3:
3c:67:3b:73:9d:c5:9a:aa:02:94:9b:56:99:19:b1:96:6a:fd:
ab:7a:61:8d:15:c2:f3:fc:12:22:9c:a6:81:b9:35:cf:1f:ce:
6a:9b:bc:a3:9a:23:5c:5b:d9:18:25:7e:0c:f4:c6:af:6c:c0:
05:cc:b5:42:de:0b:16:56:19:a9:38:82:01:2a:92:75:ce:8e:
d1:70:94:b8:00:d4:70:3e:4d:60:12:2b:88:b1:f3:50:7d:06:
de:b5:36:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9zOMeVISqugV++IhZVzwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQxMDExMjI1NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2I2ZmJiZjY0NjY1ZDUwYzc4ODM4ZDhiNjUwY2NkN2FkNjU5ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf4TJwMueQRLT7EyCBZwqfKdkCmr
emuk9Kf0z3YobnwBRizZAQBqmLeYYlWeXuJuH4x0ZfZKWp6Y5j8LQGHjh/H77vWn
H/nyiP8vaB8vfJ0o5d7OG1ELhKIYJZDBcUoXxab+h5JuB8oZK/laRaHAJxNRhK6N
84Pr8LN5u9f9YOKLv58/NrWR7nO3lTbLG3+N7PixIornG1ElsocBjjCcKJsSa5Zh
kerG2TRVEPUwOGWCZJuFgSD7Kng8PEcXqbOK1MPVTjQJb+AZpyG//G+xUYg618pG
E1Y0/mVc5BzNLI0ae2jRBCTYl8V/3IEzG/2/yTpTp5PNdIiTa3hVQ+C4NwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAe2+79kZl1Qx4g42LZQzNetZZ4OMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvQjdiN3YyUm1YVkRIaURqWXRsRE0xNjFsbmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg25wQMF
ACoNucUwDQYJKoZIhvcNAQELBQADggEBAHcaCd4w3of7mmoN3KvbmnmzpYNi2bn8
/9g2hw9xKmAEOfhcLOZ5RlQFViqoRFlt26PDZ18y5HnK4Zg/HeG78xEisjwOcxif
cyDHBb0LHYBxUa4H2w2iJ/RkVYmDsU7dYhbk+IaN5E5p+88AZP9JpaZwM8e0zVch
VFNUM2RtiP8RZJ/4zFjD6fBGl7GfJvjlxNx2n23yb0O0jbCFif9h9mpB8zxnO3Od
xZqqApSbVpkZsZZq/at6YY0VwvP8EiKcpoG5Nc8fzmqbvKOaI1xb2Rglfgz0xq9s
wAXMtULeCxZWGak4ggEqknXOjtFwlLgA1HA+TWASK4ix81B9Bt61NuA=
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:49 2024 by rpki-client on console-fra.rpki-client.org