Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/3qK2I2TFimpq7r_fh66i5dwjR2E.roa
File: 3qK2I2TFimpq7r_fh66i5dwjR2E.roa (raw, json)
Hash identifier: LWJuRElRJBjKkSXsl85n9eF81Oqe/o42TcTZbF9WkwQ=
Subject key identifier: DE:A2:B6:23:64:C5:8A:6A:6A:EE:BF:DF:87:AE:A2:E5:DC:23:47:61
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01856FF9749FA5DC32A1DA56E7AFEB33D982
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/3qK2I2TFimpq7r_fh66i5dwjR2E.roa
Signing time: Mon 02 Jan 2023 00:54:57 +0000
ROA not before: Mon 02 Jan 2023 00:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210625
IP address blocks: 2a09:4e07:7000::/36 maxlen: 36
2a09:4e07:9000::/36 maxlen: 36
2a09:4e06::/32 maxlen: 32
2a0d:60c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:74:9f:a5:dc:32:a1:da:56:e7:af:eb:33:d9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 2 00:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea2b62364c58a6a6aeebfdf87aea2e5dc234761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:d6:d0:c8:fb:fb:17:bb:a1:c7:58:f2:6b:
8f:14:52:40:91:11:49:81:91:2c:09:df:3d:ab:d5:
38:b1:d7:93:6c:79:eb:89:1c:5f:ac:9a:5c:72:e9:
25:43:28:5b:bd:d2:bc:b9:7f:f2:18:f7:6e:7b:77:
a3:6c:81:fe:8f:31:b2:ea:1f:ac:a2:9f:3f:a1:6b:
ec:1f:7e:ab:a0:7d:0d:2e:18:24:3e:3d:f6:44:ca:
0f:4e:1e:e5:37:b9:ba:5d:ce:cc:e3:b3:7e:76:02:
85:41:de:5c:f1:57:95:e2:00:89:11:9a:34:56:0c:
67:79:f0:01:4e:5a:40:83:d4:a9:91:52:6b:e7:26:
c8:98:c8:85:87:32:11:5d:d3:42:2a:b8:3b:2c:61:
20:07:ab:ad:d1:17:b9:3c:00:bd:6c:0f:a3:6c:fb:
c1:6e:d0:63:8b:ba:c7:46:b1:8d:cb:35:56:bc:d7:
c1:db:f6:cc:1c:77:72:b4:0a:6c:2b:b1:e8:94:ee:
08:7d:09:34:e4:b5:ff:da:08:38:63:e7:e9:f8:47:
d9:dd:36:d1:b7:c3:d9:f2:ff:0a:41:74:21:0f:65:
ed:bc:34:3a:90:42:90:70:f9:e9:d0:69:94:01:3b:
1d:04:d6:fd:19:f1:73:fc:94:c4:b5:1f:53:da:e9:
8f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A2:B6:23:64:C5:8A:6A:6A:EE:BF:DF:87:AE:A2:E5:DC:23:47:61
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/3qK2I2TFimpq7r_fh66i5dwjR2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4e06::/32
2a09:4e07:7000::/36
2a09:4e07:9000::/36
2a0d:60c5::/32
Signature Algorithm: sha256WithRSAEncryption
11:e5:7e:4e:3b:45:f1:08:29:5d:08:cd:92:f2:85:52:17:c5:
da:d2:71:63:c8:8c:c4:aa:9c:3a:66:25:a5:1b:26:a5:0e:de:
eb:ad:0a:6c:46:ec:97:65:7e:d9:f9:33:9a:90:ab:4c:70:87:
bf:53:9f:fd:82:7e:0e:fa:8c:85:f9:58:f7:e2:b3:df:98:00:
ef:60:32:88:24:65:a0:ba:9e:be:53:28:39:3f:74:8e:a1:f6:
3c:76:b8:60:d7:00:33:64:69:e5:2b:cb:04:ae:f1:64:cf:00:
7a:fa:55:e1:25:d7:f9:64:9e:28:47:9e:60:f9:0e:c8:4d:0c:
b4:3f:f0:0a:25:b5:28:6a:09:04:2c:39:1d:e0:dc:1e:78:f0:
93:08:6a:96:6b:a3:01:e7:57:09:19:64:41:34:cc:28:28:12:
0d:73:03:b3:28:b0:52:ac:0b:05:32:8e:fe:a1:9d:96:4d:83:
fd:13:95:16:0b:7b:ae:eb:18:fc:6b:d2:85:db:b2:79:f5:d0:
4d:b9:6f:f0:b4:79:bd:e8:88:8f:9c:59:84:2a:12:c5:6d:ac:
2a:0c:ce:7b:bf:4c:ea:5a:97:eb:e6:82:4c:da:db:5e:6c:86:
f6:48:ec:52:7f:9b:42:8d:cc:3e:fd:34:58:bc:38:62:21:56:
b3:0c:54:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVv+XSfpdwyodpW56/rM9mCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTAyMDA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWEyYjYyMzY0YzU4YTZhNmFlZWJmZGY4N2FlYTJlNWRjMjM0NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwHW0Mj7+xe7ocdY8muPFFJAkRFJ
gZEsCd89q9U4sdeTbHnriRxfrJpccuklQyhbvdK8uX/yGPdue3ejbIH+jzGy6h+s
op8/oWvsH36roH0NLhgkPj32RMoPTh7lN7m6Xc7M47N+dgKFQd5c8VeV4gCJEZo0
VgxnefABTlpAg9SpkVJr5ybImMiFhzIRXdNCKrg7LGEgB6ut0Re5PAC9bA+jbPvB
btBji7rHRrGNyzVWvNfB2/bMHHdytApsK7HolO4IfQk05LX/2gg4Y+fp+EfZ3TbR
t8PZ8v8KQXQhD2XtvDQ6kEKQcPnp0GmUATsdBNb9GfFz/JTEtR9T2umPdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN6itiNkxYpqau6/34euouXcI0dhMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvM3FLMkkyVEZpbXBxN3JfZmg2Nmk1ZHdqUjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKglOBgMG
BCoJTgdwAwYEKglOB5ADBQAqDWDFMA0GCSqGSIb3DQEBCwUAA4IBAQAR5X5OO0Xx
CCldCM2S8oVSF8Xa0nFjyIzEqpw6ZiWlGyalDt7rrQpsRuyXZX7Z+TOakKtMcIe/
U5/9gn4O+oyF+Vj34rPfmADvYDKIJGWgup6+Uyg5P3SOofY8drhg1wAzZGnlK8sE
rvFkzwB6+lXhJdf5ZJ4oR55g+Q7ITQy0P/AKJbUoagkELDkd4NweePCTCGqWa6MB
51cJGWRBNMwoKBINcwOzKLBSrAsFMo7+oZ2WTYP9E5UWC3uu6xj8a9KF27J59dBN
uW/wtHm96IiPnFmEKhLFbawqDM57v0zqWpfr5oJM2ttebIb2SOxSf5tCjcw+/TRY
vDhiIVazDFQY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org