Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/lD0AGIAH9bFjG3toSXXPQ7P5w04.roa
File: lD0AGIAH9bFjG3toSXXPQ7P5w04.roa (raw, json)
Hash identifier: pxg0IMZdUqx0oLTJaCl7Z9evSm5PIEEs6UWnQRfaGuk=
Subject key identifier: 94:3D:00:18:80:07:F5:B1:63:1B:7B:68:49:75:CF:43:B3:F9:C3:4E
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 019296CA473D245C9D4BA5530EDA4EC24DF8
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/lD0AGIAH9bFjG3toSXXPQ7P5w04.roa
Signing time: Wed 16 Oct 2024 19:24:51 +0000
ROA not before: Wed 16 Oct 2024 19:24:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2486:333::/48 maxlen: 48
2a07:2486:4010::/44 maxlen: 44
2a07:2486:4010::/48 maxlen: 48
2a07:2486:401f::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:ca:47:3d:24:5c:9d:4b:a5:53:0e:da:4e:c2:4d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 16 19:24:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=943d00188007f5b1631b7b684975cf43b3f9c34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:62:1d:4e:a7:15:90:93:8a:0d:a8:61:6b:43:
61:6e:6d:98:50:81:81:99:88:f7:7d:20:8c:50:02:
fc:c7:89:98:2f:a2:59:f6:8c:c6:05:3a:6b:cd:3f:
6f:1b:50:18:d8:53:59:19:4e:cf:62:21:82:ff:bf:
fe:0e:cd:8d:cc:a6:9f:f3:d4:20:f6:8e:34:01:7e:
6f:1d:9e:63:bd:47:4c:2d:f4:a2:e6:c1:25:9f:6b:
c1:b6:23:45:a3:a4:e3:e4:2d:59:a8:c7:53:22:b4:
20:64:7f:45:48:9f:ec:4e:ad:27:1d:a3:56:7f:cd:
10:d9:76:37:47:81:fd:33:c0:73:f7:65:ea:81:de:
23:a3:e1:67:98:26:53:61:f6:22:0d:31:2c:b2:fb:
7d:0d:35:67:8b:ae:ea:ef:83:38:0c:84:ab:70:af:
be:33:0c:00:7a:5f:7f:44:5c:af:24:c3:ec:0f:57:
d4:d9:a2:41:e2:2e:01:49:2d:0f:e2:04:57:20:b9:
ad:c4:8f:f6:5a:a3:0d:86:08:1f:bd:97:c8:0a:07:
10:b6:0a:5c:9f:aa:b4:16:2e:71:be:d1:19:66:b2:
39:bf:d5:19:62:d8:28:58:69:24:85:c8:9f:ef:44:
10:f1:ef:20:9e:92:79:60:27:20:f9:a3:e7:87:f1:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3D:00:18:80:07:F5:B1:63:1B:7B:68:49:75:CF:43:B3:F9:C3:4E
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/lD0AGIAH9bFjG3toSXXPQ7P5w04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2486:333::/48
2a07:2486:4010::/44
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
26:24:07:67:fb:a9:10:02:5b:9f:f2:95:a2:77:3e:63:39:b5:
73:65:45:8d:c0:bc:f4:16:35:5c:e5:8e:81:0f:39:42:9a:43:
a5:20:f0:fa:4f:f7:23:3f:72:1a:2e:8e:64:8b:1b:a4:02:3a:
5f:55:36:70:25:41:ae:ed:bc:e8:68:5f:9b:65:fa:43:90:67:
f1:b6:d3:f7:6e:bb:08:8e:db:22:0f:4d:93:66:2f:a1:83:c8:
60:75:bb:a7:37:d9:9f:db:05:93:35:7f:b0:0c:33:69:24:d5:
7d:07:a2:79:cf:1b:c7:40:f4:06:cd:53:e5:75:a4:39:a3:f3:
47:f1:ee:9e:60:78:20:76:20:a2:39:4b:21:40:4c:21:27:2b:
a8:41:6d:fe:06:a7:5c:29:3b:34:68:5c:eb:de:76:b6:37:91:
71:2f:4c:2c:b4:6b:01:62:97:a7:73:be:c3:29:af:b3:e9:e4:
1d:cd:a7:d3:4a:37:70:bd:1f:7a:c5:fc:7e:63:c3:82:e6:29:
b3:e6:8a:3b:72:9e:be:4e:ab:d3:31:05:2e:ce:02:e3:6b:dd:
08:7b:9e:e6:42:a8:c3:45:31:ed:d0:02:b5:7c:45:7c:f4:87:
19:c8:45:f9:0d:c0:da:48:58:1c:30:d7:5f:8a:c2:5d:fa:83:
18:b9:18:57
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZKWykc9JFydS6VTDtpOwk34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDE2MTkyNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNkMDAxODgwMDdmNWIxNjMxYjdiNjg0OTc1Y2Y0M2IzZjljMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWIdTqcVkJOKDahha0Nhbm2YUIGB
mYj3fSCMUAL8x4mYL6JZ9ozGBTprzT9vG1AY2FNZGU7PYiGC/7/+Ds2NzKaf89Qg
9o40AX5vHZ5jvUdMLfSi5sEln2vBtiNFo6Tj5C1ZqMdTIrQgZH9FSJ/sTq0nHaNW
f80Q2XY3R4H9M8Bz92Xqgd4jo+FnmCZTYfYiDTEssvt9DTVni67q74M4DISrcK++
MwwAel9/RFyvJMPsD1fU2aJB4i4BSS0P4gRXILmtxI/2WqMNhggfvZfICgcQtgpc
n6q0Fi5xvtEZZrI5v9UZYtgoWGkkhcif70QQ8e8gnpJ5YCcg+aPnh/E2WQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJQ9ABiAB/WxYxt7aEl1z0Oz+cNOMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvbEQwQUdJQUg5YkZqRzN0b1NYWFBRN1A1dzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcBKgckhgAA
AwcAKgckhgMzAwcEKgckhkAQAwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAJiQH
Z/upEAJbn/KVonc+Yzm1c2VFjcC89BY1XOWOgQ85QppDpSDw+k/3Iz9yGi6OZIsb
pAI6X1U2cCVBru286Ghfm2X6Q5Bn8bbT9267CI7bIg9Nk2YvoYPIYHW7pzfZn9sF
kzV/sAwzaSTVfQeiec8bx0D0Bs1T5XWkOaPzR/HunmB4IHYgojlLIUBMIScrqEFt
/ganXCk7NGhc6952tjeRcS9MLLRrAWKXp3O+wymvs+nkHc2n00o3cL0fesX8fmPD
guYps+aKO3Kevk6r0zEFLs4C42vdCHue5kKow0Ux7dACtXxFfPSHGchF+Q3A2khY
HDDXX4rCXfqDGLkYVw==
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:02:56 2024 by rpki-client on console-ams.rpki-client.org