Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ry1NyPtNXRRq-c1ylh9RXpPei88.roa
File: ry1NyPtNXRRq-c1ylh9RXpPei88.roa (raw, json)
Hash identifier: A20dT11HYvSBqRF6gYsu5a69JqY/WMpnXbvipOu+egM=
Subject key identifier: AF:2D:4D:C8:FB:4D:5D:14:6A:F9:CD:72:96:1F:51:5E:93:DE:8B:CF
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0192958285004254D62812B09A708646A190
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ry1NyPtNXRRq-c1ylh9RXpPei88.roa
Signing time: Wed 16 Oct 2024 13:26:51 +0000
ROA not before: Wed 16 Oct 2024 13:26:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198923
IP address blocks: 2a07:2486:ef0::/44 maxlen: 44
2a07:2486:ef2::/48 maxlen: 48
2a07:2486:ef3::/48 maxlen: 48
2a07:2486:ef4::/48 maxlen: 48
2a07:2486:fd0::/44 maxlen: 44
2a07:2486:fda::/47 maxlen: 47
Validation: Failed, certificate revoked on Wed 23 Oct 2024 11:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:82:85:00:42:54:d6:28:12:b0:9a:70:86:46:a1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 16 13:26:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af2d4dc8fb4d5d146af9cd72961f515e93de8bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5a:e8:34:af:0f:d7:e2:eb:8e:af:ca:f2:79:
1b:4f:1e:82:3e:da:74:1a:a5:5a:ab:a8:79:57:e1:
eb:97:15:da:a6:9d:d9:66:63:54:40:c7:9b:89:8d:
38:d3:c7:0c:8e:74:ec:46:63:a3:a6:fb:8c:86:18:
60:73:0d:e5:52:61:44:bc:20:3f:86:0e:dd:7a:e9:
c8:05:c4:a2:9f:55:9b:39:3e:9a:7b:45:5a:1e:b5:
83:48:21:95:78:9f:48:57:fb:20:01:62:3a:ea:0e:
a7:38:1a:d1:83:1a:88:fe:ef:be:bb:f1:e4:c1:91:
15:38:20:85:56:30:7f:5f:63:d3:32:35:3a:29:d0:
30:67:24:9f:29:1d:eb:da:19:d3:3b:72:fb:e7:18:
4c:45:6a:21:64:d8:93:b8:36:fa:49:1e:eb:25:76:
5b:e7:2e:b4:92:b6:08:d6:00:ea:92:9d:0c:17:ce:
b0:88:ea:de:7d:84:9f:a6:f9:12:8f:c3:eb:d4:92:
bc:f6:6f:47:7d:66:cb:72:69:85:ef:40:81:a7:74:
d5:bc:96:f0:e8:7e:1b:5b:88:d2:2c:5d:5c:f0:fd:
f8:a4:0f:df:25:b3:1d:c4:05:25:5d:fc:ba:0b:41:
61:fe:ed:9c:fb:47:2a:e5:f6:ca:09:d0:5f:22:3e:
79:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2D:4D:C8:FB:4D:5D:14:6A:F9:CD:72:96:1F:51:5E:93:DE:8B:CF
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ry1NyPtNXRRq-c1ylh9RXpPei88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:ef0::/44
2a07:2486:fd0::/44
Signature Algorithm: sha256WithRSAEncryption
bd:f4:72:09:47:91:8b:ad:e0:40:af:75:a2:59:b2:f2:c4:4e:
62:16:e7:97:9b:f7:e7:5d:93:1b:05:fe:c9:45:06:0e:c8:05:
19:d2:1c:0d:22:1c:fc:3b:2a:59:d6:ea:23:7d:1f:dd:88:cd:
77:ca:cb:b6:e2:eb:e8:37:dd:a4:5e:49:3d:f6:5c:c7:2a:c9:
60:24:b6:70:4e:a0:6e:27:d5:fe:98:32:75:42:41:41:c3:9e:
41:84:13:8d:76:92:d6:65:b3:5f:d6:da:18:59:73:e9:b1:93:
26:fd:a8:bd:d6:74:4e:38:60:b6:fc:85:a2:73:5b:42:8a:4b:
04:72:59:61:f4:f2:76:05:53:f5:d1:e8:b8:cc:85:74:f5:ab:
46:87:7c:58:cd:54:0d:ef:9b:de:28:bf:46:d3:5d:0d:26:89:
08:9f:8d:6e:fc:76:75:5c:c8:d1:a0:73:a1:65:92:58:eb:e2:
91:a3:3f:e8:a5:86:a9:31:85:56:90:52:b2:48:ce:74:51:b0:
0a:0c:05:21:a5:2f:2d:60:20:a0:96:98:43:e1:52:77:79:19:
d7:08:21:d7:aa:75:1b:08:4c:ca:8d:9d:cf:be:07:ba:17:c8:
b9:9e:0f:56:d6:ac:78:57:1f:ec:f9:60:fa:b1:2f:ee:a1:36:
89:20:14:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKVgoUAQlTWKBKwmnCGRqGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDE2MTMyNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJkNGRjOGZiNGQ1ZDE0NmFmOWNkNzI5NjFmNTE1ZTkzZGU4YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklroNK8P1+Lrjq/K8nkbTx6CPtp0
GqVaq6h5V+HrlxXapp3ZZmNUQMebiY0408cMjnTsRmOjpvuMhhhgcw3lUmFEvCA/
hg7deunIBcSin1WbOT6ae0VaHrWDSCGVeJ9IV/sgAWI66g6nOBrRgxqI/u++u/Hk
wZEVOCCFVjB/X2PTMjU6KdAwZySfKR3r2hnTO3L75xhMRWohZNiTuDb6SR7rJXZb
5y60krYI1gDqkp0MF86wiOrefYSfpvkSj8Pr1JK89m9HfWbLcmmF70CBp3TVvJbw
6H4bW4jSLF1c8P34pA/fJbMdxAUlXfy6C0Fh/u2c+0cq5fbKCdBfIj55CQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8tTcj7TV0UavnNcpYfUV6T3ovPMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvcnkxTnlQdE5YUlJxLWMxeWxoOVJYcFBlaTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgckhg7w
AwcEKgckhg/QMA0GCSqGSIb3DQEBCwUAA4IBAQC99HIJR5GLreBAr3WiWbLyxE5i
FueXm/fnXZMbBf7JRQYOyAUZ0hwNIhz8OypZ1uojfR/diM13ysu24uvoN92kXkk9
9lzHKslgJLZwTqBuJ9X+mDJ1QkFBw55BhBONdpLWZbNf1toYWXPpsZMm/ai91nRO
OGC2/IWic1tCiksEcllh9PJ2BVP10ei4zIV09atGh3xYzVQN75veKL9G010NJokI
n41u/HZ1XMjRoHOhZZJY6+KRoz/opYapMYVWkFKySM50UbAKDAUhpS8tYCCglphD
4VJ3eRnXCCHXqnUbCEzKjZ3Pvge6F8i5ng9W1qx4Vx/s+WD6sS/uoTaJIBSL
-----END CERTIFICATE-----
Generated at Wed Oct 23 16:02:56 2024 by rpki-client on console-ams.rpki-client.org