Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pd8NYfMgRg-0Lij3cmkeFvyyOaE.roa
File: Pd8NYfMgRg-0Lij3cmkeFvyyOaE.roa (raw, json)
Hash identifier: xD9NrYHidXLEJifrX/YGrstnJFQ3rL4lzOvPAxKCzr4=
Subject key identifier: 3D:DF:0D:61:F3:20:46:0F:B4:2E:28:F7:72:69:1E:16:FC:B2:39:A1
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019334171CB7BAF9F7065D39403D0633D07E
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pd8NYfMgRg-0Lij3cmkeFvyyOaE.roa
Signing time: Sat 16 Nov 2024 08:29:10 +0000
ROA not before: Sat 16 Nov 2024 08:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a09:3a80::/29 maxlen: 29
2a0e:f740::/29 maxlen: 29
2a12:3c0::/29 maxlen: 29
2a12:a880::/29 maxlen: 29
2a12:ed80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 17 Nov 2024 08:08:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:34:17:1c:b7:ba:f9:f7:06:5d:39:40:3d:06:33:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Nov 16 08:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ddf0d61f320460fb42e28f772691e16fcb239a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:79:42:36:f4:a9:ac:2b:c4:e8:a2:cf:cc:
91:97:bf:5b:1b:d2:49:94:bd:82:76:d2:89:df:a6:
6f:d6:cd:be:58:5e:ce:d0:e6:8e:32:b1:89:b5:36:
8c:0d:38:6e:78:02:82:65:a9:13:83:83:6a:ae:61:
85:00:b1:2c:2c:c6:cd:66:2b:df:03:2d:6f:a1:e2:
7d:70:a7:b9:ec:cc:cf:b7:4d:86:fa:eb:9b:e9:89:
01:73:41:e9:3c:05:fe:de:32:76:f2:60:c4:4f:15:
cf:ce:eb:4c:82:53:04:e1:9a:64:d8:56:5f:7c:f7:
53:85:1a:37:c7:88:ea:8b:0a:18:43:b8:a2:23:5c:
b6:58:8c:0a:89:dd:56:57:de:07:85:8b:29:38:79:
8e:33:5d:67:8e:ac:fe:21:29:c0:e7:d3:71:ad:23:
fc:33:0e:0f:30:50:a1:8c:e2:e3:c1:b5:7b:33:9e:
9d:67:1a:03:f1:7e:2b:fb:90:fb:af:a0:a8:f3:9f:
e7:09:c3:51:9e:ea:37:88:2d:cc:80:30:4b:37:95:
5c:a2:44:78:17:a6:8f:c6:20:29:1b:76:25:00:45:
9b:f2:2a:9e:a8:86:2c:70:46:34:97:a3:c9:d1:80:
4b:41:f5:13:ab:12:33:ee:d3:be:3f:7c:a3:ac:e9:
60:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DF:0D:61:F3:20:46:0F:B4:2E:28:F7:72:69:1E:16:FC:B2:39:A1
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pd8NYfMgRg-0Lij3cmkeFvyyOaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3a80::/29
2a0e:f740::/29
2a12:3c0::/29
2a12:a880::/29
2a12:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
65:dd:5a:14:fd:2c:ab:27:f0:24:a0:5c:de:67:11:2b:b6:a0:
53:00:f3:b7:72:43:2f:45:69:fe:f6:7f:46:3c:68:9c:c1:e3:
f2:81:8e:cb:c8:c3:db:53:3b:e4:43:0d:73:99:43:89:7e:4a:
d7:5b:55:ce:e1:ca:c6:47:ba:fc:8b:5f:5d:bd:dc:dd:2e:87:
92:aa:64:a5:06:8c:32:3c:fa:b9:52:7b:d9:22:00:b0:04:f0:
b8:c1:a0:97:10:3e:73:de:b7:e5:2f:a9:6d:99:78:35:e4:2a:
9f:75:59:de:02:11:50:39:b9:c0:5d:99:ba:4e:23:38:cf:87:
55:f6:68:ed:ad:58:26:ea:92:f4:be:07:93:a1:e9:f2:b7:32:
81:8c:65:a4:b1:d8:7f:13:2c:52:52:5d:ed:13:0d:f6:63:74:
33:79:64:5f:c9:72:c3:cf:90:ce:0f:87:aa:6b:aa:cd:8f:6f:
a2:8d:39:82:9f:3a:e3:c8:be:08:26:5e:5a:79:a1:16:8b:45:
dd:30:cb:89:e3:42:72:2d:59:da:15:3b:ba:ea:7e:e7:e1:a0:
d1:94:7c:2b:84:09:ac:57:9d:ba:5d:f7:76:04:8f:35:59:f7:
c1:6e:2e:f3:41:3b:a8:96:60:89:d7:79:46:54:40:7f:1a:b6:
95:c8:55:4a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZM0Fxy3uvn3Bl05QD0GM9B+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQxMTE2MDgyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGRmMGQ2MWYzMjA0NjBmYjQyZTI4Zjc3MjY5MWUxNmZjYjIzOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdd5Qjb0qawrxOiiz8yRl79bG9JJ
lL2CdtKJ36Zv1s2+WF7O0OaOMrGJtTaMDThueAKCZakTg4NqrmGFALEsLMbNZivf
Ay1voeJ9cKe57MzPt02G+uub6YkBc0HpPAX+3jJ28mDETxXPzutMglME4Zpk2FZf
fPdThRo3x4jqiwoYQ7iiI1y2WIwKid1WV94HhYspOHmOM11njqz+ISnA59NxrSP8
Mw4PMFChjOLjwbV7M56dZxoD8X4r+5D7r6Co85/nCcNRnuo3iC3MgDBLN5VcokR4
F6aPxiApG3YlAEWb8iqeqIYscEY0l6PJ0YBLQfUTqxIz7tO+P3yjrOlgOwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD3fDWHzIEYPtC4o93JpHhb8sjmhMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUGQ4TllmTWdSZy0wTGlqM2Nta2VGdnl5T2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgk6gAMF
AyoO90ADBQMqEgPAAwUDKhKogAMFAyoS7YAwDQYJKoZIhvcNAQELBQADggEBAGXd
WhT9LKsn8CSgXN5nESu2oFMA87dyQy9Faf72f0Y8aJzB4/KBjsvIw9tTO+RDDXOZ
Q4l+StdbVc7hysZHuvyLX1293N0uh5KqZKUGjDI8+rlSe9kiALAE8LjBoJcQPnPe
t+UvqW2ZeDXkKp91Wd4CEVA5ucBdmbpOIzjPh1X2aO2tWCbqkvS+B5Oh6fK3MoGM
ZaSx2H8TLFJSXe0TDfZjdDN5ZF/JcsPPkM4Ph6prqs2Pb6KNOYKfOuPIvggmXlp5
oRaLRd0wy4njQnItWdoVO7rqfufhoNGUfCuECaxXnbpd93YEjzVZ98FuLvNBO6iW
YInXeUZUQH8atpXIVUo=
-----END CERTIFICATE-----
Generated at Sun Nov 17 10:24:02 2024 by rpki-client on console-ams.rpki-client.org