Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/pJgASk5WRNecIg_0vL7NQRSmpWQ.roa
File: pJgASk5WRNecIg_0vL7NQRSmpWQ.roa (raw, json)
Hash identifier: LQq6ZlGp2cKIf7MzZJ06qBhnTl2SdHLLHq4qgs1UilM=
Subject key identifier: A4:98:00:4A:4E:56:44:D7:9C:22:0F:F4:BC:BE:CD:41:14:A6:A5:64
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 0192E3F9566C0823438F111DBD4F06D4AC67
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/pJgASk5WRNecIg_0vL7NQRSmpWQ.roa
Signing time: Thu 31 Oct 2024 19:07:01 +0000
ROA not before: Thu 31 Oct 2024 19:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:f583::/32 maxlen: 32
2a0a:f587::/32 maxlen: 32
2a0e:fb40::/32 maxlen: 32
2a0e:fb44::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Nov 2024 12:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:f9:56:6c:08:23:43:8f:11:1d:bd:4f:06:d4:ac:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Oct 31 19:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a498004a4e5644d79c220ff4bcbecd4114a6a564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:97:04:d2:48:9b:45:71:e1:c4:24:a6:90:fd:
a9:65:14:46:a3:33:10:98:8a:a5:99:98:0c:b3:b6:
85:d9:f2:27:43:a8:d2:3d:93:dd:1a:da:01:f2:31:
55:ab:5f:00:08:fc:b6:29:ea:6c:c3:a6:af:e4:5b:
b7:ea:e9:ed:2b:fd:df:3f:d3:32:18:3d:ed:57:46:
d9:df:34:2d:62:23:ee:e2:d9:f2:99:1e:b1:9d:ec:
41:bc:f9:6a:2f:79:50:38:f8:96:ce:d3:71:07:7a:
6a:14:3b:28:33:f7:48:01:c0:b8:16:04:5b:a8:22:
3f:0a:a1:75:3a:98:7e:d6:ed:dd:2e:12:a5:25:17:
70:f3:03:88:1e:b9:f9:65:b8:e0:06:6b:c1:53:5e:
71:89:68:fa:3d:ef:d8:b1:35:c3:7b:66:34:65:29:
dc:ed:73:27:83:3d:5d:76:d4:c9:79:37:0a:82:4f:
23:d3:56:01:48:9d:d0:9f:1e:cc:30:1a:57:59:95:
d6:0c:b6:fb:c6:9d:d5:a2:15:3c:4d:93:79:2e:33:
e4:31:a6:d3:87:f2:80:70:3a:e8:bd:95:cd:00:e3:
c8:d1:b5:d0:c1:ca:0e:aa:75:7e:39:f9:2b:e7:f0:
ea:91:be:55:a2:96:05:a2:25:2e:a2:74:69:a0:01:
d3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:98:00:4A:4E:56:44:D7:9C:22:0F:F4:BC:BE:CD:41:14:A6:A5:64
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/pJgASk5WRNecIg_0vL7NQRSmpWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:f583::/32
2a0a:f587::/32
2a0e:fb40::/32
2a0e:fb44::/32
Signature Algorithm: sha256WithRSAEncryption
97:7d:af:60:b6:a1:4e:b7:1b:b0:6b:cb:2d:1a:c2:79:8f:31:
a2:0d:3a:10:1c:84:0c:b6:0f:d8:db:8c:7e:9d:c7:a0:b3:59:
9b:e4:c0:d1:45:82:8e:50:04:49:0c:96:a0:49:62:38:cc:47:
a6:df:47:a6:9e:05:c1:45:44:41:37:56:32:20:99:2a:9b:d0:
f2:24:dc:f3:06:66:5d:4f:d7:16:41:bd:7a:6e:64:68:4b:48:
b8:b0:1f:32:59:eb:62:69:c7:90:e6:ca:ef:e9:5b:67:97:af:
3f:47:b1:b0:bd:f0:4c:59:f5:00:39:2f:09:2c:b0:7d:87:21:
5e:39:f5:85:93:a1:85:bd:b5:17:ca:95:55:3b:ff:06:88:34:
e8:1a:5a:8c:a1:bd:f4:2c:79:d3:71:7b:0e:75:fc:65:55:83:
58:ac:89:39:8e:32:2d:4e:f0:98:c5:44:59:89:eb:a8:f7:92:
b3:a2:70:64:21:77:78:58:2b:4c:45:aa:08:11:0d:62:89:58:
af:5a:ed:47:85:be:c3:ea:c6:97:3b:70:85:9e:03:c3:21:67:
6b:f5:a9:46:f0:74:13:73:74:f8:02:85:ee:56:20:19:e7:8e:
18:47:f6:12:c7:38:96:f8:ca:23:7a:a0:15:8e:9b:7e:2e:3d:
49:80:4b:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZLj+VZsCCNDjxEdvU8G1KxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQxMDMxMTkwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk4MDA0YTRlNTY0NGQ3OWMyMjBmZjRiY2JlY2Q0MTE0YTZhNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppcE0kibRXHhxCSmkP2pZRRGozMQ
mIqlmZgMs7aF2fInQ6jSPZPdGtoB8jFVq18ACPy2Kepsw6av5Fu36untK/3fP9My
GD3tV0bZ3zQtYiPu4tnymR6xnexBvPlqL3lQOPiWztNxB3pqFDsoM/dIAcC4FgRb
qCI/CqF1Oph+1u3dLhKlJRdw8wOIHrn5ZbjgBmvBU15xiWj6Pe/YsTXDe2Y0ZSnc
7XMngz1ddtTJeTcKgk8j01YBSJ3Qnx7MMBpXWZXWDLb7xp3VohU8TZN5LjPkMabT
h/KAcDrovZXNAOPI0bXQwcoOqnV+Ofkr5/Dqkb5VopYFoiUuonRpoAHTUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKSYAEpOVkTXnCIP9Ly+zUEUpqVkMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvcEpnQVNrNVdSTmVjSWdfMHZMN05RUlNtcFdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgr1gwMF
ACoK9YcDBQAqDvtAAwUAKg77RDANBgkqhkiG9w0BAQsFAAOCAQEAl32vYLahTrcb
sGvLLRrCeY8xog06EByEDLYP2NuMfp3HoLNZm+TA0UWCjlAESQyWoEliOMxHpt9H
pp4FwUVEQTdWMiCZKpvQ8iTc8wZmXU/XFkG9em5kaEtIuLAfMlnrYmnHkObK7+lb
Z5evP0exsL3wTFn1ADkvCSywfYchXjn1hZOhhb21F8qVVTv/Bog06BpajKG99Cx5
03F7DnX8ZVWDWKyJOY4yLU7wmMVEWYnrqPeSs6JwZCF3eFgrTEWqCBENYolYr1rt
R4W+w+rGlztwhZ4DwyFna/WpRvB0E3N0+AKF7lYgGeeOGEf2Esc4lvjKI3qgFY6b
fi49SYBLmw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:46:51 2024 by rpki-client on console-fra.rpki-client.org