Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/pagqcjCQpq7Lz4brRvg_LDoVkQ0.roa
File: pagqcjCQpq7Lz4brRvg_LDoVkQ0.roa (raw, json)
Hash identifier: SP++COwS+geERy/hBmBPAqcvOJkU4SKcBIebYec+riU=
Subject key identifier: A5:A8:2A:72:30:90:A6:AE:CB:CF:86:EB:46:F8:3F:2C:3A:15:91:0D
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018F061F0BB4A649E869BDF3BF93CA350C09
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/pagqcjCQpq7Lz4brRvg_LDoVkQ0.roa
Signing time: Mon 22 Apr 2024 14:04:08 +0000
ROA not before: Mon 22 Apr 2024 14:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0d:b9c1::/32 maxlen: 32
2a0d:b9c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:36:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:1f:0b:b4:a6:49:e8:69:bd:f3:bf:93:ca:35:0c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Apr 22 14:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a82a723090a6aecbcf86eb46f83f2c3a15910d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:be:99:fa:a3:64:a2:c2:f9:2f:ed:02:bc:79:
36:10:fa:53:58:6f:f3:fa:96:3d:45:1f:fc:a6:5e:
0f:3b:0b:9d:3c:bb:c9:b8:49:9d:37:a1:59:39:ec:
b0:4b:39:27:22:ab:44:ea:3b:bc:ae:9e:33:b4:02:
2e:96:cc:ca:96:67:20:4d:cd:90:94:9b:f1:66:9e:
57:f1:71:21:8e:60:f3:b7:87:c6:5b:1e:40:2e:8c:
e8:c9:56:f8:ad:a5:97:7b:76:ec:d4:6a:eb:2f:8d:
5e:7f:02:28:c2:77:20:cd:a0:5b:20:0e:c9:23:7e:
54:b2:66:3d:f6:25:52:f7:00:51:63:6d:e3:fc:37:
58:5e:98:0a:7e:76:ea:7a:48:d9:e0:e7:79:47:0f:
07:63:ed:4c:74:12:c0:d5:04:b6:9a:bc:5c:90:d3:
de:60:e0:7c:e1:6d:b8:d7:aa:9a:86:86:61:ea:e2:
32:18:bd:55:a0:8e:6d:84:a0:c1:0c:b1:09:aa:2b:
d4:d7:b8:22:92:10:57:9f:b4:60:9b:ae:c9:04:9c:
f0:b2:3a:eb:48:b8:ae:2a:20:ce:4b:84:ef:ff:2e:
16:a3:b4:92:4f:2d:5f:c1:32:4a:2b:e5:c5:1e:e3:
b7:8d:a9:09:e5:e8:23:68:53:2a:fd:cf:19:3c:8c:
71:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A8:2A:72:30:90:A6:AE:CB:CF:86:EB:46:F8:3F:2C:3A:15:91:0D
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/pagqcjCQpq7Lz4brRvg_LDoVkQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b9c1::/32
2a0d:b9c5::/32
Signature Algorithm: sha256WithRSAEncryption
80:55:44:b0:e5:c7:73:e4:20:0f:76:57:c9:e9:7e:26:76:cd:
ae:6b:47:31:b9:dd:72:fa:d3:1f:26:89:0d:55:2b:16:d2:37:
10:dc:66:11:90:7c:69:d8:3a:b1:e3:f7:20:30:75:6f:89:98:
52:d4:67:d9:97:e8:b8:42:4e:c2:7c:5b:b9:28:d3:6e:17:80:
b6:7b:ba:43:6a:02:47:53:97:5c:20:51:d4:ac:28:84:58:e3:
00:cd:1b:f0:4f:68:ae:90:15:04:34:5f:eb:00:d3:9c:d5:58:
29:45:42:7a:b9:5c:75:07:07:64:61:20:e4:b8:a2:1f:47:12:
7e:c5:c6:42:ac:21:b2:99:64:eb:59:e4:31:13:fb:45:ba:f8:
5f:eb:f0:10:a6:2c:de:bf:61:ca:d3:4d:65:12:02:98:1d:42:
a0:20:36:90:e4:8b:4c:9a:2e:9a:13:d7:d7:0f:9d:79:11:91:
47:ed:72:6e:aa:ac:7d:2e:fe:74:cd:4a:13:2a:05:b8:b3:0f:
b7:91:aa:67:dc:b5:2f:67:6c:11:90:03:88:75:bc:d9:39:54:
13:11:24:af:73:a0:5a:ab:d4:86:f3:fd:ab:ad:d5:5d:b5:9e:
04:3d:6c:1f:d6:2f:5e:9e:87:9e:ac:f5:0b:a0:d3:25:62:14:
f4:58:82:88
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8GHwu0pknoab3zv5PKNQwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjQwNDIyMTQwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE4MmE3MjMwOTBhNmFlY2JjZjg2ZWI0NmY4M2YyYzNhMTU5MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi76Z+qNkosL5L+0CvHk2EPpTWG/z
+pY9RR/8pl4POwudPLvJuEmdN6FZOeywSzknIqtE6ju8rp4ztAIulszKlmcgTc2Q
lJvxZp5X8XEhjmDzt4fGWx5ALozoyVb4raWXe3bs1GrrL41efwIowncgzaBbIA7J
I35UsmY99iVS9wBRY23j/DdYXpgKfnbqekjZ4Od5Rw8HY+1MdBLA1QS2mrxckNPe
YOB84W2416qahoZh6uIyGL1VoI5thKDBDLEJqivU17gikhBXn7Rgm67JBJzwsjrr
SLiuKiDOS4Tv/y4Wo7SSTy1fwTJKK+XFHuO3jakJ5egjaFMq/c8ZPIxx+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKWoKnIwkKauy8+G60b4Pyw6FZENMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvcGFncWNqQ1FwcTdMejRiclJ2Z19MRG9Wa1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg25wQMF
ACoNucUwDQYJKoZIhvcNAQELBQADggEBAIBVRLDlx3PkIA92V8npfiZ2za5rRzG5
3XL60x8miQ1VKxbSNxDcZhGQfGnYOrHj9yAwdW+JmFLUZ9mX6LhCTsJ8W7ko024X
gLZ7ukNqAkdTl1wgUdSsKIRY4wDNG/BPaK6QFQQ0X+sA05zVWClFQnq5XHUHB2Rh
IOS4oh9HEn7FxkKsIbKZZOtZ5DET+0W6+F/r8BCmLN6/YcrTTWUSApgdQqAgNpDk
i0yaLpoT19cPnXkRkUftcm6qrH0u/nTNShMqBbizD7eRqmfctS9nbBGQA4h1vNk5
VBMRJK9zoFqr1Ibz/aut1V21ngQ9bB/WL16eh56s9Qug0yViFPRYgog=
-----END CERTIFICATE-----
Generated at Fri Oct 11 22:31:17 2024 by rpki-client on console-fra.rpki-client.org