Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/3iTLrd1miyhhjz7da8Dq8EnnxxA.roa
File: 3iTLrd1miyhhjz7da8Dq8EnnxxA.roa (raw, json)
Hash identifier: AGX3VbLEHCc7CrEjbwE1AeLTM0tICnEglG1c1o2qfOc=
Subject key identifier: DE:24:CB:AD:DD:66:8B:28:61:8F:3E:DD:6B:C0:EA:F0:49:E7:C7:10
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0191420C3FE6ED0B34B5E3AF0D1011F0C0D7
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/3iTLrd1miyhhjz7da8Dq8EnnxxA.roa
Signing time: Sun 11 Aug 2024 15:26:24 +0000
ROA not before: Sun 11 Aug 2024 15:26:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215569
IP address blocks: 2a07:2486:4010::/44 maxlen: 48
2a07:2486:401f::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Aug 2024 15:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:42:0c:3f:e6:ed:0b:34:b5:e3:af:0d:10:11:f0:c0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Aug 11 15:26:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de24cbaddd668b28618f3edd6bc0eaf049e7c710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:c6:3c:3e:d1:df:59:a9:7b:31:ce:00:fa:
f4:1f:24:10:0d:11:47:e1:01:ab:81:85:63:96:e6:
3d:36:2e:16:f3:58:d4:cd:a6:df:26:ee:0d:22:35:
9e:a7:4f:8f:39:4c:20:7c:2f:a7:fb:b2:ae:34:d2:
e0:af:55:95:a8:e9:83:7b:a8:10:9a:97:49:19:11:
2c:b6:be:75:a9:e7:bc:1f:fc:7c:a5:a2:53:87:36:
57:83:41:08:df:92:e3:fa:83:c3:a7:40:77:a5:4f:
6a:ee:61:e6:b7:1f:f9:a9:2f:39:c1:bb:b1:9f:50:
af:a5:48:03:3e:d6:19:59:4f:00:8c:06:41:6a:bf:
ed:91:cf:22:ed:f1:28:f3:ca:8d:32:9b:fa:ca:1d:
11:a4:39:81:f1:c6:73:fa:d8:72:a2:88:f0:22:ab:
2c:15:8d:00:9d:e1:90:24:d8:b5:78:50:e3:ee:4e:
3d:d3:ee:5a:24:00:bd:eb:d7:a8:62:53:f5:06:c0:
4b:9d:21:65:c7:19:05:6d:7e:79:6e:ef:c9:19:74:
5e:37:09:aa:53:82:47:52:e4:fe:58:7f:b8:2b:46:
ba:97:0b:98:e0:f1:64:70:d6:b3:ca:3e:a9:cb:53:
a3:b5:87:1c:f1:fb:3f:27:ad:e4:47:a6:b8:8b:9c:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:24:CB:AD:DD:66:8B:28:61:8F:3E:DD:6B:C0:EA:F0:49:E7:C7:10
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/3iTLrd1miyhhjz7da8Dq8EnnxxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:4010::/44
Signature Algorithm: sha256WithRSAEncryption
28:ca:2f:38:2e:ec:35:7c:05:85:05:33:bb:2a:e7:f8:5a:ad:
6d:d8:38:3c:33:b5:b7:0a:b2:dd:f7:d4:be:b0:66:ce:8d:1b:
72:7d:fb:b1:e4:80:a7:3a:7d:de:33:21:fc:a2:81:7f:ac:11:
78:b9:80:8f:34:2b:44:b7:b9:19:87:eb:37:83:34:2d:ca:00:
66:b3:31:39:1f:58:d9:2a:0b:79:17:1f:c7:2f:f0:e5:ab:de:
c4:69:4c:24:82:a7:5f:72:be:73:af:3d:d1:05:1e:2b:2d:d5:
ba:47:eb:27:9d:31:b6:69:78:6d:e3:17:a6:32:16:67:5b:a7:
81:5d:e2:f3:7a:50:bf:34:cc:f1:32:45:fd:59:dd:f1:d5:28:
98:bc:f2:5b:c6:19:82:09:80:26:da:59:9a:64:aa:ba:65:a2:
a4:55:cf:72:83:0a:dc:d7:d8:fd:7a:62:e6:66:9a:54:20:ed:
d9:b6:6b:32:a9:38:87:50:41:fc:47:44:5d:29:06:b9:ce:4d:
6f:6e:1f:c6:13:8e:d2:14:8b:d0:72:39:73:67:31:3f:3f:73:
50:f4:1b:70:2d:c2:dc:1f:e3:46:61:b6:c8:f7:6c:d5:cd:62:
28:ea:cb:39:75:88:24:07:f4:53:7e:44:50:d3:48:bc:15:75:
3b:b3:4c:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZFCDD/m7Qs0teOvDRAR8MDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwODExMTUyNjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI0Y2JhZGRkNjY4YjI4NjE4ZjNlZGQ2YmMwZWFmMDQ5ZTdjNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28zGPD7R31mpezHOAPr0HyQQDRFH
4QGrgYVjluY9Ni4W81jUzabfJu4NIjWep0+POUwgfC+n+7KuNNLgr1WVqOmDe6gQ
mpdJGREstr51qee8H/x8paJThzZXg0EI35Lj+oPDp0B3pU9q7mHmtx/5qS85wbux
n1CvpUgDPtYZWU8AjAZBar/tkc8i7fEo88qNMpv6yh0RpDmB8cZz+thyoojwIqss
FY0AneGQJNi1eFDj7k490+5aJAC969eoYlP1BsBLnSFlxxkFbX55bu/JGXReNwmq
U4JHUuT+WH+4K0a6lwuY4PFkcNazyj6py1OjtYcc8fs/J63kR6a4i5wRPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN4ky63dZosoYY8+3WvA6vBJ58cQMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvM2lUTHJkMW1peWhoano3ZGE4RHE4RW5ueHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgckhkAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoyi84Luw1fAWFBTO7Kuf4Wq1t2Dg8M7W3CrLd
99S+sGbOjRtyffux5ICnOn3eMyH8ooF/rBF4uYCPNCtEt7kZh+s3gzQtygBmszE5
H1jZKgt5Fx/HL/Dlq97EaUwkgqdfcr5zrz3RBR4rLdW6R+snnTG2aXht4xemMhZn
W6eBXeLzelC/NMzxMkX9Wd3x1SiYvPJbxhmCCYAm2lmaZKq6ZaKkVc9ygwrc19j9
emLmZppUIO3ZtmsyqTiHUEH8R0RdKQa5zk1vbh/GE47SFIvQcjlzZzE/P3NQ9Btw
LcLcH+NGYbbI92zVzWIo6ss5dYgkB/RTfkRQ00i8FXU7s0wl
-----END CERTIFICATE-----
Generated at Sun Aug 11 18:51:05 2024 by rpki-client on console-fra.rpki-client.org