Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PKosUr_uVxJ3lHj2YD8P2-ZYj_Y.roa
File: PKosUr_uVxJ3lHj2YD8P2-ZYj_Y.roa (raw, json)
Hash identifier: Pko2cU3+S3M0MYFB1u78E2XVl20eogC4nowXKRTcINo=
Subject key identifier: 3C:AA:2C:52:BF:EE:57:12:77:94:78:F6:60:3F:0F:DB:E6:58:8F:F6
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01927D4BCBDAD0E22DDFF202156AC4E0799A
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PKosUr_uVxJ3lHj2YD8P2-ZYj_Y.roa
Signing time: Fri 11 Oct 2024 20:36:12 +0000
ROA not before: Fri 11 Oct 2024 20:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c2::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 22:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4b:cb:da:d0:e2:2d:df:f2:02:15:6a:c4:e0:79:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 11 20:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3caa2c52bfee5712779478f6603f0fdbe6588ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:85:e3:44:89:b0:b8:5a:ec:31:b3:98:95:ff:
08:8b:16:7d:3f:07:2f:8f:71:47:b1:58:ba:d5:a5:
1f:07:4f:6c:f2:ae:12:c5:10:a4:e0:64:6d:54:dd:
17:86:90:f6:5a:9c:c8:35:f9:8b:16:08:f9:27:c0:
1f:f4:46:f8:3a:74:c8:f5:eb:32:48:50:23:a8:fa:
5c:61:0e:31:6d:e5:f7:ee:42:1e:49:05:82:a7:08:
a6:fd:6e:5a:39:99:ac:b2:d5:9a:a6:64:9d:f1:b8:
c3:d8:ae:b1:fd:c6:b7:d7:1e:f9:bf:ff:44:1e:e6:
35:d9:69:ce:6c:10:45:a8:d7:e9:0f:a3:33:12:42:
40:09:87:bc:61:30:a8:f9:a1:07:0e:26:b8:ab:ac:
95:90:7a:4c:a9:f2:a0:f1:04:34:5a:4d:f5:f4:21:
b8:e6:63:35:b2:5f:fc:6b:b2:4f:fb:1b:88:eb:e5:
b7:01:18:65:6a:ab:d6:3b:10:f9:8a:29:52:a8:84:
27:05:68:42:56:65:f6:a1:d0:af:f3:76:4d:ee:df:
84:92:c7:7a:c2:3c:63:6f:51:94:fa:b9:83:cd:b4:
a2:41:0b:e1:f0:18:75:95:84:28:bf:26:8a:84:8e:
5a:3b:73:38:5e:a7:df:4b:24:b8:9e:6b:b5:3e:90:
62:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:AA:2C:52:BF:EE:57:12:77:94:78:F6:60:3F:0F:DB:E6:58:8F:F6
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PKosUr_uVxJ3lHj2YD8P2-ZYj_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::-2a0d:b9c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
4d:08:f3:a3:15:81:1c:65:64:81:d6:c0:75:fc:f8:13:89:61:
6c:9e:06:44:e7:0d:5d:2b:41:ae:b8:38:db:4d:18:92:a7:49:
f4:fe:e4:df:fb:69:a0:00:68:a2:72:b4:82:13:9a:8e:a4:28:
50:3c:bb:cb:84:71:3e:ec:d1:65:ac:72:45:58:ea:c1:49:ed:
c9:13:6f:8c:cb:f0:47:45:51:0d:f2:99:c0:cf:2f:df:59:1e:
9c:57:6e:ea:b1:48:f2:1b:e6:9a:58:37:43:93:10:43:ee:68:
9b:83:bc:18:72:bc:42:0c:2f:f9:6b:52:54:d7:ce:93:c9:11:
bb:32:18:26:33:2c:57:50:9d:5b:0a:50:2e:e8:b1:a6:4b:22:
14:05:f1:92:9b:f3:e0:8f:9d:80:1f:b5:8b:6a:7a:c3:fe:b7:
47:2e:67:1a:44:a5:04:10:fb:12:53:b2:36:45:38:74:9a:4b:
75:de:9e:d0:9f:dd:df:0f:75:c7:9c:a8:21:cc:32:12:54:52:
01:6e:ac:1e:aa:ce:88:63:85:1c:1d:a7:f6:f7:e2:0e:09:4f:
2d:26:0e:1b:d5:ee:4b:00:d5:27:4c:3f:63:2f:68:46:a2:36:
9a:ee:1a:f8:e2:2a:2b:a3:85:f3:d2:01:50:ea:23:29:eb:3d:
7b:09:27:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJ9S8va0OIt3/ICFWrE4HmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQxMDExMjAzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2FhMmM1MmJmZWU1NzEyNzc5NDc4ZjY2MDNmMGZkYmU2NTg4ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/YXjRImwuFrsMbOYlf8IixZ9Pwcv
j3FHsVi61aUfB09s8q4SxRCk4GRtVN0XhpD2WpzINfmLFgj5J8Af9Eb4OnTI9esy
SFAjqPpcYQ4xbeX37kIeSQWCpwim/W5aOZmsstWapmSd8bjD2K6x/ca31x75v/9E
HuY12WnObBBFqNfpD6MzEkJACYe8YTCo+aEHDia4q6yVkHpMqfKg8QQ0Wk319CG4
5mM1sl/8a7JP+xuI6+W3ARhlaqvWOxD5iilSqIQnBWhCVmX2odCv83ZN7t+Eksd6
wjxjb1GU+rmDzbSiQQvh8Bh1lYQovyaKhI5aO3M4XqffSyS4nmu1PpBivQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDyqLFK/7lcSd5R49mA/D9vmWI/2MB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvUEtvc1VyX3VWeEozbEhqMllEOFAyLVpZal9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqDbnB
AwUAKg25wgMFACoNucUwDQYJKoZIhvcNAQELBQADggEBAE0I86MVgRxlZIHWwHX8
+BOJYWyeBkTnDV0rQa64ONtNGJKnSfT+5N/7aaAAaKJytIITmo6kKFA8u8uEcT7s
0WWsckVY6sFJ7ckTb4zL8EdFUQ3ymcDPL99ZHpxXbuqxSPIb5ppYN0OTEEPuaJuD
vBhyvEIML/lrUlTXzpPJEbsyGCYzLFdQnVsKUC7osaZLIhQF8ZKb8+CPnYAftYtq
esP+t0cuZxpEpQQQ+xJTsjZFOHSaS3XentCf3d8PdcecqCHMMhJUUgFurB6qzohj
hRwdp/b34g4JTy0mDhvV7ksA1SdMP2MvaEaiNpruGvjiKiujhfPSAVDqIynrPXsJ
J3k=
-----END CERTIFICATE-----
Generated at Sat Oct 12 00:06:04 2024 by rpki-client on console-fra.rpki-client.org