Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/N2iHTkEPMSRRtH1d_PNC7tq_KRY.roa
File: N2iHTkEPMSRRtH1d_PNC7tq_KRY.roa (raw, json)
Hash identifier: 3EYoB/R0l/stWH8OiYOdIctHHzpRgttiK3w+deYn9/4=
Subject key identifier: 37:68:87:4E:41:0F:31:24:51:B4:7D:5D:FC:F3:42:EE:DA:BF:29:16
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 01925E1A3757E1FE9FC3588D539837B06029
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/N2iHTkEPMSRRtH1d_PNC7tq_KRY.roa
Signing time: Sat 05 Oct 2024 19:13:49 +0000
ROA not before: Sat 05 Oct 2024 19:13:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2486:4010::/44 maxlen: 44
2a07:2486:4010::/48 maxlen: 48
2a07:2486:401f::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 19:24:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:1a:37:57:e1:fe:9f:c3:58:8d:53:98:37:b0:60:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 5 19:13:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3768874e410f312451b47d5dfcf342eedabf2916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8f:7c:42:46:e3:10:d3:b4:3d:6e:92:d4:e0:
60:e6:90:9f:5b:8c:ff:08:00:5e:a1:dd:a9:10:bd:
d2:ac:85:6f:bd:c5:ea:18:ca:60:94:79:97:3f:b5:
fb:40:4b:db:fd:cd:be:24:a4:ae:c6:be:5f:58:67:
cf:6b:17:bc:c9:d7:4e:ac:4a:1a:f9:d3:ee:33:d3:
bd:92:3f:2a:3d:51:c4:56:e3:6b:ef:6e:c3:2b:da:
ea:28:ca:c3:0d:5a:e3:2a:82:88:2b:b1:f5:cb:44:
1d:84:4e:b0:b7:b0:e3:76:67:2e:85:89:2b:d2:f2:
89:31:56:38:e2:11:73:e0:4c:0a:62:56:bd:ef:28:
e5:94:56:c1:48:bb:df:d4:07:00:ac:17:48:fe:6f:
e6:82:7d:dc:16:b6:3a:ff:be:51:4b:a1:f4:5e:2a:
a0:3a:4b:5a:f0:4b:e2:b8:9a:7b:bc:8b:35:5d:1f:
52:91:7b:82:78:bf:e0:e6:91:34:9e:05:79:3b:ec:
32:c0:50:2a:82:8c:93:b1:b6:d8:a8:d5:f5:24:03:
25:4e:b3:ac:07:1e:67:f2:f4:28:d1:3b:21:94:67:
d5:a4:40:d8:16:69:37:f1:f8:1c:98:9f:ea:55:82:
31:9d:c9:0a:9a:9f:81:59:a8:c5:b6:e9:98:0d:81:
5a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:68:87:4E:41:0F:31:24:51:B4:7D:5D:FC:F3:42:EE:DA:BF:29:16
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/N2iHTkEPMSRRtH1d_PNC7tq_KRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2486:4010::/44
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
5b:cd:19:04:9a:fe:32:b4:5d:5f:22:54:80:8f:c9:1a:04:75:
53:50:3b:19:48:e6:f9:ad:12:00:b3:71:23:d7:0c:4c:d4:13:
a6:4d:bf:74:b7:60:63:eb:d7:09:c1:a0:9e:27:28:be:9f:f0:
7f:f5:a3:e3:41:61:d6:9a:28:4b:6e:d6:6c:dd:b4:9f:9b:ef:
d8:7c:4f:a8:49:26:21:1a:76:64:17:38:4f:c4:2c:f7:87:fd:
23:e0:78:d1:45:f8:dc:1e:6b:e9:e0:76:74:58:42:be:5b:d0:
cf:82:96:4e:53:78:13:a3:85:5a:98:d7:e1:b2:72:81:e6:2d:
76:f4:d6:3c:81:25:4c:8b:d7:c5:a1:fb:f5:2e:09:13:1f:38:
37:fb:66:c0:14:13:03:e7:a4:53:a6:c4:a3:e0:54:0b:02:f7:
4d:13:0d:79:38:77:a3:d1:e3:5c:94:bb:c3:50:4e:54:4b:63:
34:5e:87:9a:14:c5:fb:ee:78:23:54:03:7c:bf:2c:8f:be:f6:
40:4e:0e:c1:cb:e1:2a:9f:a2:e5:d5:9b:d0:04:32:d7:14:a2:
98:b8:7c:a0:73:2c:5c:c1:14:29:46:65:84:95:d6:59:8f:a2:
2a:c0:ca:3d:b1:8c:0e:ea:8e:98:8b:b4:93:8e:15:9b:06:6e:
22:e4:9e:69
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZJeGjdX4f6fw1iNU5g3sGApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDA1MTkxMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY4ODc0ZTQxMGYzMTI0NTFiNDdkNWRmY2YzNDJlZWRhYmYyOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko98QkbjENO0PW6S1OBg5pCfW4z/
CABeod2pEL3SrIVvvcXqGMpglHmXP7X7QEvb/c2+JKSuxr5fWGfPaxe8yddOrEoa
+dPuM9O9kj8qPVHEVuNr727DK9rqKMrDDVrjKoKIK7H1y0QdhE6wt7DjdmcuhYkr
0vKJMVY44hFz4EwKYla97yjllFbBSLvf1AcArBdI/m/mgn3cFrY6/75RS6H0Xiqg
Okta8EviuJp7vIs1XR9SkXuCeL/g5pE0ngV5O+wywFAqgoyTsbbYqNX1JAMlTrOs
Bx5n8vQo0TshlGfVpEDYFmk38fgcmJ/qVYIxnckKmp+BWajFtumYDYFaCwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFDdoh05BDzEkUbR9XfzzQu7avykWMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvTjJpSFRrRVBNU1JSdEgxZF9QTkM3dHFfS1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcBKgckhgAA
AwcEKgckhkAQAwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAW80ZBJr+MrRdXyJU
gI/JGgR1U1A7GUjm+a0SALNxI9cMTNQTpk2/dLdgY+vXCcGgnicovp/wf/Wj40Fh
1pooS27WbN20n5vv2HxPqEkmIRp2ZBc4T8Qs94f9I+B40UX43B5r6eB2dFhCvlvQ
z4KWTlN4E6OFWpjX4bJygeYtdvTWPIElTIvXxaH79S4JEx84N/tmwBQTA+ekU6bE
o+BUCwL3TRMNeTh3o9HjXJS7w1BOVEtjNF6HmhTF++54I1QDfL8sj772QE4Owcvh
Kp+i5dWb0AQy1xSimLh8oHMsXMEUKUZlhJXWWY+iKsDKPbGMDuqOmIu0k44VmwZu
IuSeaQ==
-----END CERTIFICATE-----
Generated at Wed Oct 16 21:03:38 2024 by rpki-client on console-fra.rpki-client.org