Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9Bg68ua639cj9sPYOppqWwauyFY.roa
File: 9Bg68ua639cj9sPYOppqWwauyFY.roa (raw, json)
Hash identifier: z1SBZXU/xN3/jXqBXA4N4zuH6Deq3dwHBj8qG/m2xog=
Subject key identifier: F4:18:3A:F2:E6:BA:DF:D7:23:F6:C3:D8:3A:9A:6A:5B:06:AE:C8:56
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01856FF96EA66C61B3803128F8415ABA576E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9Bg68ua639cj9sPYOppqWwauyFY.roa
Signing time: Mon 02 Jan 2023 00:54:55 +0000
ROA not before: Mon 02 Jan 2023 00:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12608
IP address blocks: 2a06:d904::/30 maxlen: 30
2a04:c104::/30 maxlen: 30
2a0b:ab00::/30 maxlen: 30
2a09:3b00::/30 maxlen: 30
2a04:c100::/30 maxlen: 30
2a0f:cf80::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 27 Jun 2023 07:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:6e:a6:6c:61:b3:80:31:28:f8:41:5a:ba:57:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 2 00:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4183af2e6badfd723f6c3d83a9a6a5b06aec856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:bd:89:87:36:20:91:fa:4e:7d:3f:eb:e9:
3e:d6:28:24:aa:08:24:fc:a8:5f:93:83:8a:3d:29:
c8:2f:da:27:91:69:b4:c1:b4:0e:3f:4d:ba:9f:b4:
99:1e:fa:1c:3a:8f:db:9a:aa:06:62:2b:08:73:b4:
3e:1f:9d:2d:f7:12:f0:e8:5e:ae:ee:58:dc:8e:9b:
d4:db:f0:3f:e4:96:a2:f7:9e:1b:d1:35:a8:9b:c2:
9a:9d:81:99:34:3b:49:b5:38:0f:a1:f1:18:35:ff:
1d:32:8d:85:14:b4:d1:5f:b2:b3:75:ba:0f:62:66:
5b:7b:58:97:40:05:dc:50:9c:95:18:58:6c:da:10:
f3:85:dc:07:bd:22:06:18:cc:a1:07:65:9f:4e:ba:
97:b3:6a:26:8d:a4:18:09:35:7e:9f:b4:9e:fb:74:
f3:6d:80:55:22:54:ac:0d:cd:b9:12:93:97:07:aa:
0d:45:22:c8:d3:80:90:f7:0f:4b:d8:ec:d3:6e:85:
ca:47:d3:69:23:4b:dc:82:33:4c:37:a1:01:82:88:
c7:48:0b:5e:a9:58:ed:dc:10:48:9f:33:a6:dc:1d:
10:bc:31:38:69:a9:1c:31:4c:0d:a2:a1:80:7b:9f:
fc:00:ea:3a:47:95:4c:3f:45:13:f0:95:26:cf:8f:
c0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:18:3A:F2:E6:BA:DF:D7:23:F6:C3:D8:3A:9A:6A:5B:06:AE:C8:56
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9Bg68ua639cj9sPYOppqWwauyFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c100::/29
2a06:d904::/30
2a09:3b00::/30
2a0b:ab00::/30
2a0f:cf80::/30
Signature Algorithm: sha256WithRSAEncryption
58:72:7e:e7:78:24:59:8c:bb:88:ef:82:18:0d:04:54:03:33:
ad:b8:4f:31:b5:c2:a1:13:8c:3f:51:74:0c:c1:d6:03:9c:6b:
e6:66:db:44:d6:ab:8c:02:98:63:07:72:7a:99:ab:66:7f:d7:
65:86:7c:6d:57:08:92:90:d5:8d:23:24:d6:d6:d0:91:ae:c4:
01:a2:34:bf:c0:52:ab:8d:48:a5:39:69:69:ac:31:a0:63:0e:
94:cd:7c:13:a8:d4:3a:7f:2a:b0:2c:83:d3:bb:10:f5:95:a0:
71:3b:4d:87:2d:f0:20:95:4e:63:c4:95:35:cb:f7:78:c0:94:
34:04:7f:1d:b6:5d:3e:d8:bc:54:e1:fb:48:81:81:2e:34:23:
77:03:59:97:23:41:27:c5:ff:e1:17:cb:b6:46:b5:0e:2e:48:
a6:7d:47:f3:09:2a:e3:14:1b:15:11:8c:74:61:89:7c:d6:9b:
12:b4:05:a0:ec:2b:a1:44:9f:b3:a7:09:cc:88:d7:c4:d7:bb:
76:72:12:cd:4c:73:1e:ba:43:8f:61:d7:dc:c6:5c:54:89:75:
87:ce:5a:f5:26:ee:2d:5d:f4:6d:b2:c0:f1:1b:42:3f:10:9b:
9c:6b:40:a5:36:0b:4f:e4:5b:5f:00:3d:86:b8:78:49:f5:d4:
01:d3:60:14
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVv+W6mbGGzgDEo+EFaulduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTAyMDA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE4M2FmMmU2YmFkZmQ3MjNmNmMzZDgzYTlhNmE1YjA2YWVjODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSm9iYc2IJH6Tn0/6+k+1igkqggk
/Khfk4OKPSnIL9onkWm0wbQOP026n7SZHvocOo/bmqoGYisIc7Q+H50t9xLw6F6u
7ljcjpvU2/A/5Jai954b0TWom8KanYGZNDtJtTgPofEYNf8dMo2FFLTRX7KzdboP
YmZbe1iXQAXcUJyVGFhs2hDzhdwHvSIGGMyhB2WfTrqXs2omjaQYCTV+n7Se+3Tz
bYBVIlSsDc25EpOXB6oNRSLI04CQ9w9L2OzTboXKR9NpI0vcgjNMN6EBgojHSAte
qVjt3BBInzOm3B0QvDE4aakcMUwNoqGAe5/8AOo6R5VMP0UT8JUmz4/AvwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPQYOvLmut/XI/bD2DqaalsGrshWMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvOUJnNjh1YTYzOWNqOXNQWU9wcHFXd2F1eUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgTBAAMF
AioG2QQDBQIqCTsAAwUCKgurAAMFAioPz4AwDQYJKoZIhvcNAQELBQADggEBAFhy
fud4JFmMu4jvghgNBFQDM624TzG1wqETjD9RdAzB1gOca+Zm20TWq4wCmGMHcnqZ
q2Z/12WGfG1XCJKQ1Y0jJNbW0JGuxAGiNL/AUquNSKU5aWmsMaBjDpTNfBOo1Dp/
KrAsg9O7EPWVoHE7TYct8CCVTmPElTXL93jAlDQEfx22XT7YvFTh+0iBgS40I3cD
WZcjQSfF/+EXy7ZGtQ4uSKZ9R/MJKuMUGxURjHRhiXzWmxK0BaDsK6FEn7OnCcyI
18TXu3ZyEs1Mcx66Q49h19zGXFSJdYfOWvUm7i1d9G2ywPEbQj8Qm5xrQKU2C0/k
W18APYa4eEn11AHTYBQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org