Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/XAV9ktUFVi4s_iRti9KBC_lMxe4.roa
File: XAV9ktUFVi4s_iRti9KBC_lMxe4.roa (raw, json)
Hash identifier: wAQeBhnsUzAbSVW8/EkKeVvNOSAsAQ7x6ZAQAQ8tcFI=
Subject key identifier: 5C:05:7D:92:D5:05:56:2E:2C:FE:24:6D:8B:D2:81:0B:F9:4C:C5:EE
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 01927DCCE2AD9DABFBC242EEF3F68E285115
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/XAV9ktUFVi4s_iRti9KBC_lMxe4.roa
Signing time: Fri 11 Oct 2024 22:57:12 +0000
ROA not before: Fri 11 Oct 2024 22:57:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:cc:e2:ad:9d:ab:fb:c2:42:ee:f3:f6:8e:28:51:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 11 22:57:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c057d92d505562e2cfe246d8bd2810bf94cc5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7f:0c:76:90:c3:1a:81:b5:49:32:82:2e:7c:
0f:85:3f:cc:ae:d3:ce:9a:2c:60:70:12:07:6c:aa:
35:c3:42:54:d1:e1:82:05:1b:88:67:3c:ce:63:7b:
66:fe:93:57:3b:1b:28:1e:d6:17:8f:db:74:e0:61:
c0:fe:25:3e:a9:58:b3:17:0d:d3:3d:53:80:29:9c:
2f:c7:cc:70:15:95:67:07:a7:63:d1:b8:fb:0b:3a:
8c:47:fd:04:d7:65:c1:d9:a5:e5:44:de:32:76:7b:
a9:28:47:95:e4:99:69:e6:aa:82:45:84:96:e6:ab:
34:11:4a:01:83:e7:06:eb:16:f8:06:91:46:ca:ac:
f9:0c:63:47:74:64:3b:e9:eb:89:43:42:02:9e:f4:
ed:b2:66:f9:1c:73:08:3d:c4:22:8f:6c:7d:d1:4f:
21:fe:0e:27:59:21:30:c8:78:c9:5e:91:a2:fc:f1:
e5:b9:74:ac:fb:3e:6e:74:2a:40:37:bf:24:f5:89:
a0:81:34:5b:21:e1:28:59:7e:a8:5d:52:b5:96:f8:
81:bb:37:e2:02:c8:9e:e7:00:8b:15:b4:6e:a6:b7:
9b:90:3d:a0:49:9f:05:a3:ee:47:5d:ac:7b:ff:b6:
35:30:4c:f6:08:e8:a6:45:95:04:90:6f:3a:78:d6:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:7D:92:D5:05:56:2E:2C:FE:24:6D:8B:D2:81:0B:F9:4C:C5:EE
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/XAV9ktUFVi4s_iRti9KBC_lMxe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::/32
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
40:58:e9:df:fc:52:ce:9e:28:6d:b7:18:a4:70:b4:82:85:a4:
78:6b:22:c2:e0:a8:20:bf:83:6b:49:a2:ed:fe:d6:70:04:28:
c5:c9:b7:7a:ed:58:43:83:a0:40:6b:4d:68:96:04:5d:f6:cc:
36:64:ec:a3:71:15:28:a3:e5:35:86:55:0c:d0:99:e6:07:de:
e4:75:6b:0e:55:91:2a:61:80:33:5e:d9:aa:60:b8:39:62:6c:
98:e1:c3:e8:6f:a0:f2:d6:e4:7c:ea:46:ab:f4:ae:a9:c3:fe:
39:02:25:d0:6f:e9:b2:44:1e:4a:42:02:aa:b3:9b:d3:d7:ee:
05:48:07:cd:42:ed:44:33:86:ea:20:ac:6a:22:11:3c:fb:82:
d4:d5:f6:11:af:97:53:23:2b:58:5a:77:92:83:52:32:a7:90:
7d:b7:bf:cc:d5:86:f0:c8:37:4c:37:3f:4f:63:11:93:02:a6:
25:3f:a0:6b:df:e2:d8:e3:43:f9:34:61:71:46:d7:16:84:03:
4d:80:89:04:68:5b:f7:b0:3b:52:eb:27:26:a2:5e:39:c1:3d:
1d:31:69:97:5a:f1:13:58:8e:48:5c:b3:39:54:9e:56:32:6a:
ff:82:eb:fa:be:84:e6:f3:3b:b2:ef:02:fa:d3:bb:44:c7:ef:
90:64:f8:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9zOKtnav7wkLu8/aOKFEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQxMDExMjI1NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1N2Q5MmQ1MDU1NjJlMmNmZTI0NmQ4YmQyODEwYmY5NGNjNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH8MdpDDGoG1STKCLnwPhT/MrtPO
mixgcBIHbKo1w0JU0eGCBRuIZzzOY3tm/pNXOxsoHtYXj9t04GHA/iU+qVizFw3T
PVOAKZwvx8xwFZVnB6dj0bj7CzqMR/0E12XB2aXlRN4ydnupKEeV5Jlp5qqCRYSW
5qs0EUoBg+cG6xb4BpFGyqz5DGNHdGQ76euJQ0ICnvTtsmb5HHMIPcQij2x90U8h
/g4nWSEwyHjJXpGi/PHluXSs+z5udCpAN78k9YmggTRbIeEoWX6oXVK1lviBuzfi
Asie5wCLFbRuprebkD2gSZ8Fo+5HXax7/7Y1MEz2COimRZUEkG86eNZgYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFwFfZLVBVYuLP4kbYvSgQv5TMXuMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvWEFWOWt0VUZWaTRzX2lSdGk5S0JDX2xNeGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg25wQMF
ACoNucUwDQYJKoZIhvcNAQELBQADggEBAEBY6d/8Us6eKG23GKRwtIKFpHhrIsLg
qCC/g2tJou3+1nAEKMXJt3rtWEODoEBrTWiWBF32zDZk7KNxFSij5TWGVQzQmeYH
3uR1aw5VkSphgDNe2apguDlibJjhw+hvoPLW5HzqRqv0rqnD/jkCJdBv6bJEHkpC
Aqqzm9PX7gVIB81C7UQzhuogrGoiETz7gtTV9hGvl1MjK1had5KDUjKnkH23v8zV
hvDIN0w3P09jEZMCpiU/oGvf4tjjQ/k0YXFG1xaEA02AiQRoW/ewO1LrJyaiXjnB
PR0xaZda8RNYjkhcszlUnlYyav+C6/q+hObzO7LvAvrTu0TH75Bk+FI=
-----END CERTIFICATE-----
Generated at Wed Nov 13 13:01:07 2024 by rpki-client on console-fra.rpki-client.org