Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/aIbEYlyHMOk2fj0UN8FzMNIml5A.roa
File: aIbEYlyHMOk2fj0UN8FzMNIml5A.roa (raw, json)
Hash identifier: pmuCegHGo/Xp4Tc65DKou9WoqadmFCh7vWeOXgxSmCw=
Subject key identifier: 68:86:C4:62:5C:87:30:E9:36:7E:3D:14:37:C1:73:30:D2:26:97:90
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 019237B6F082E170D9460666ACE3E6248940
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/aIbEYlyHMOk2fj0UN8FzMNIml5A.roa
Signing time: Sat 28 Sep 2024 08:19:48 +0000
ROA not before: Sat 28 Sep 2024 08:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4bc7::/32 maxlen: 32
2a0e:8080::/32 maxlen: 32
2a0e:ccc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Oct 2024 14:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:37:b6:f0:82:e1:70:d9:46:06:66:ac:e3:e6:24:89:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Sep 28 08:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6886c4625c8730e9367e3d1437c17330d2269790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:26:50:ea:7f:21:23:b2:2c:94:69:de:30:93:
f1:3d:61:8e:cd:56:fc:a0:ea:5f:c0:83:0f:11:0f:
b2:03:a3:9c:8f:fb:ce:40:0f:6a:91:2a:12:2b:57:
99:54:8e:f6:56:97:de:03:f8:20:58:b4:f6:04:26:
3f:0a:b6:dc:aa:71:6e:30:c6:d8:a3:67:7e:6e:57:
c8:26:d2:c4:51:0e:37:01:6b:ca:69:3b:66:86:fa:
f9:84:dd:5d:25:bc:5d:66:41:cc:b2:05:37:26:8e:
14:f8:3a:b2:d6:39:32:25:4f:88:49:6f:76:6d:71:
9f:61:17:18:ee:9c:ec:eb:5d:b3:19:0e:7c:20:f1:
fe:f5:25:ec:a2:98:58:98:da:a7:1e:7a:f7:e1:d4:
fb:75:d0:6d:c4:88:01:ee:34:95:51:5e:4c:d8:11:
d0:3a:09:15:68:ac:02:d7:fb:f0:6a:f4:8b:8b:ca:
19:f5:b7:5f:8c:14:b9:3b:60:e9:a5:56:fb:38:9e:
9b:92:db:b3:f3:fe:0d:eb:06:ec:d2:35:a8:95:53:
e9:4a:16:61:b5:3b:53:03:37:bd:b1:7c:ec:cc:b7:
76:d8:fd:52:25:d9:60:b0:c8:fe:67:92:54:fe:c2:
4d:6a:3b:fb:57:90:b3:f5:c3:b5:6a:84:ec:3f:2a:
e6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:86:C4:62:5C:87:30:E9:36:7E:3D:14:37:C1:73:30:D2:26:97:90
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/aIbEYlyHMOk2fj0UN8FzMNIml5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4bc7::/32
2a0e:8080::/32
2a0e:ccc5::/32
Signature Algorithm: sha256WithRSAEncryption
04:0a:f7:90:f3:0e:e3:61:cd:0a:1c:d3:64:82:f4:4a:a6:db:
24:2b:a2:49:29:6c:84:cc:e1:d0:78:b2:b9:89:09:04:86:ea:
ad:b3:60:6b:95:26:e3:57:e5:0b:44:8d:a5:70:a2:04:ec:e0:
e6:85:28:f8:ec:2d:01:89:5f:ad:5f:2c:7b:91:6e:02:14:24:
c5:4a:32:7b:07:32:a2:70:69:61:de:16:4f:e7:51:f7:77:dd:
74:ba:6b:43:88:23:0d:db:a1:b4:d7:9f:e6:3a:53:5e:64:e6:
1b:bd:63:e3:a7:c3:cf:78:c5:8f:fa:73:b2:00:d2:4f:07:a4:
a2:13:bf:07:e1:99:1e:92:6f:db:b1:fa:7e:61:c4:e0:35:b0:
de:c1:03:de:c5:e0:8f:60:36:84:c9:ca:01:fd:7c:da:5c:bf:
3b:9f:e1:a4:6a:b4:cc:a3:91:20:0e:1c:da:82:39:5a:7d:04:
a3:51:4d:22:02:d8:dd:7f:27:9b:e8:48:b6:4c:7d:ad:32:24:
44:4b:7c:8e:32:dd:d6:4d:8f:9b:18:83:fd:ea:07:b1:0f:02:
89:0e:28:c6:ac:f4:2b:4c:5a:47:28:5a:5d:8e:c4:c3:67:29:
e7:87:b3:ab:1c:40:6a:8d:be:6a:93:18:3b:27:e5:2b:0e:a0:
53:93:be:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZI3tvCC4XDZRgZmrOPmJIlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwOTI4MDgxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg2YzQ2MjVjODczMGU5MzY3ZTNkMTQzN2MxNzMzMGQyMjY5NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yZQ6n8hI7IslGneMJPxPWGOzVb8
oOpfwIMPEQ+yA6Ocj/vOQA9qkSoSK1eZVI72VpfeA/ggWLT2BCY/CrbcqnFuMMbY
o2d+blfIJtLEUQ43AWvKaTtmhvr5hN1dJbxdZkHMsgU3Jo4U+Dqy1jkyJU+ISW92
bXGfYRcY7pzs612zGQ58IPH+9SXsophYmNqnHnr34dT7ddBtxIgB7jSVUV5M2BHQ
OgkVaKwC1/vwavSLi8oZ9bdfjBS5O2DppVb7OJ6bktuz8/4N6wbs0jWolVPpShZh
tTtTAze9sXzszLd22P1SJdlgsMj+Z5JU/sJNajv7V5Cz9cO1aoTsPyrmvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGiGxGJchzDpNn49FDfBczDSJpeQMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvYUliRVlseUhNT2syZmowVU44RnpNTkltbDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg5LxwMF
ACoOgIADBQAqDszFMA0GCSqGSIb3DQEBCwUAA4IBAQAECveQ8w7jYc0KHNNkgvRK
ptskK6JJKWyEzOHQeLK5iQkEhuqts2BrlSbjV+ULRI2lcKIE7ODmhSj47C0BiV+t
Xyx7kW4CFCTFSjJ7BzKicGlh3hZP51H3d910umtDiCMN26G015/mOlNeZOYbvWPj
p8PPeMWP+nOyANJPB6SiE78H4Zkekm/bsfp+YcTgNbDewQPexeCPYDaEycoB/Xza
XL87n+GkarTMo5EgDhzagjlafQSjUU0iAtjdfyeb6Ei2TH2tMiRES3yOMt3WTY+b
GIP96gexDwKJDijGrPQrTFpHKFpdjsTDZynnh7OrHEBqjb5qkxg7J+UrDqBTk76I
-----END CERTIFICATE-----
Generated at Mon Oct 7 19:10:56 2024 by rpki-client on console-ams.rpki-client.org