Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AnqZ2C_qZ5LtpaLiDvENGhNSwU4.roa
File: AnqZ2C_qZ5LtpaLiDvENGhNSwU4.roa (raw, json)
Hash identifier: J8Oqjrui0rY07fbyYsHz9PRbALgQ5JeHOZt5wxLwKPI=
Subject key identifier: 02:7A:99:D8:2F:EA:67:92:ED:A5:A2:E2:0E:F1:0D:1A:13:52:C1:4E
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01928A9D36E6E2A72A9B029A8FF7D6D268D7
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AnqZ2C_qZ5LtpaLiDvENGhNSwU4.roa
Signing time: Mon 14 Oct 2024 10:40:11 +0000
ROA not before: Mon 14 Oct 2024 10:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 2a04:c106::/32 maxlen: 32
2a0a:b43::/32 maxlen: 32
2a10:d8c0::/32 maxlen: 32
2a11:b85::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Nov 2024 17:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:9d:36:e6:e2:a7:2a:9b:02:9a:8f:f7:d6:d2:68:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 14 10:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=027a99d82fea6792eda5a2e20ef10d1a1352c14e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:3e:17:77:59:e1:e7:9f:83:24:d6:9b:f4:
a6:76:70:12:04:1d:71:bf:2d:15:23:12:8d:0e:9a:
c8:e7:4d:b5:8a:86:03:d7:e1:e1:f6:9c:08:ba:b6:
62:0c:80:89:5f:7f:25:4f:0a:67:78:df:a2:77:8a:
91:9d:d0:7d:ed:b1:db:d6:6e:2b:5d:aa:e7:79:7e:
d8:e6:0f:06:1a:b5:1d:30:75:12:12:c2:4e:52:91:
3a:88:43:79:21:c0:b1:e4:6f:db:a4:14:64:77:ca:
25:68:fd:f5:03:d9:92:c4:17:93:2a:66:1b:d1:2f:
ca:0a:03:f4:1f:d0:78:62:66:07:ab:0c:ba:54:ca:
8c:89:92:4d:91:85:e3:63:37:49:58:d1:2b:e2:c1:
b7:56:20:34:a0:c8:79:b5:cd:24:bc:c0:9f:d7:49:
06:58:72:48:d0:43:5f:89:8d:a3:b0:df:ff:53:7c:
94:42:f7:ef:da:01:ef:26:8d:20:49:ad:ad:cd:cd:
4d:58:81:16:31:72:ce:42:e5:ea:31:3c:ea:26:6d:
4c:f4:b9:9e:10:ea:e0:90:97:1b:b5:6f:59:f1:6c:
34:5c:71:78:d1:a1:3f:52:d8:94:97:f1:d5:ce:b9:
2b:44:85:0a:96:47:17:cd:7c:fe:e8:c5:a4:5f:c6:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7A:99:D8:2F:EA:67:92:ED:A5:A2:E2:0E:F1:0D:1A:13:52:C1:4E
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/AnqZ2C_qZ5LtpaLiDvENGhNSwU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c106::/32
2a0a:b43::/32
2a10:d8c0::/32
2a11:b85::/32
Signature Algorithm: sha256WithRSAEncryption
b6:a6:7d:05:fd:13:6d:7e:56:82:1e:42:0e:f8:9a:14:2a:8b:
d6:1f:53:f4:d5:0f:85:66:e1:7a:47:a9:45:11:76:49:a5:ca:
35:8d:cf:1a:87:f2:db:90:72:81:1c:ea:55:f4:a9:97:f9:2b:
f0:6d:2b:f0:39:7f:5b:85:3c:ac:c5:87:2e:cc:87:20:f7:e1:
8a:ff:b2:a5:aa:35:01:91:3b:19:b5:86:cc:c3:67:50:41:6f:
c5:d7:2e:3c:98:87:40:56:0b:8c:59:82:84:d8:9b:e6:cf:86:
4a:26:b8:ff:c6:f9:53:dd:b7:19:a1:4c:ac:78:84:08:25:8e:
71:0e:f4:5a:e3:39:39:8c:c9:bf:a8:5b:c1:21:83:f8:e2:56:
aa:36:75:59:f2:71:0f:d2:37:d5:14:bc:7a:89:c5:d0:6a:16:
ea:bd:7c:98:70:a9:cf:13:ba:dd:b9:a4:38:2f:5e:b8:cf:8d:
81:cd:c2:dd:b2:1d:39:30:20:11:e9:e9:f4:4c:4f:60:86:66:
98:23:7a:cb:9d:9f:ca:3c:b8:5c:6d:f0:85:7d:f8:c7:67:a7:
15:8b:49:b7:5e:b7:b1:7d:b4:72:94:6c:c7:03:22:2b:7c:b3:
9a:7a:d5:e7:02:9c:40:65:04:4b:c7:4f:61:2e:6e:1b:53:0e:
93:eb:b7:07
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZKKnTbm4qcqmwKaj/fW0mjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMDE0MTA0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjdhOTlkODJmZWE2NzkyZWRhNWEyZTIwZWYxMGQxYTEzNTJjMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7w+F3dZ4eefgyTWm/SmdnASBB1x
vy0VIxKNDprI5021ioYD1+Hh9pwIurZiDICJX38lTwpneN+id4qRndB97bHb1m4r
XarneX7Y5g8GGrUdMHUSEsJOUpE6iEN5IcCx5G/bpBRkd8olaP31A9mSxBeTKmYb
0S/KCgP0H9B4YmYHqwy6VMqMiZJNkYXjYzdJWNEr4sG3ViA0oMh5tc0kvMCf10kG
WHJI0ENfiY2jsN//U3yUQvfv2gHvJo0gSa2tzc1NWIEWMXLOQuXqMTzqJm1M9Lme
EOrgkJcbtW9Z8Ww0XHF40aE/UtiUl/HVzrkrRIUKlkcXzXz+6MWkX8YYcQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAJ6mdgv6meS7aWi4g7xDRoTUsFOMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQW5xWjJDX3FaNUx0cGFMaUR2RU5HaE5Td1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgTBBgMF
ACoKC0MDBQAqENjAAwUAKhELhTANBgkqhkiG9w0BAQsFAAOCAQEAtqZ9Bf0TbX5W
gh5CDviaFCqL1h9T9NUPhWbhekepRRF2SaXKNY3PGofy25BygRzqVfSpl/kr8G0r
8Dl/W4U8rMWHLsyHIPfhiv+ypao1AZE7GbWGzMNnUEFvxdcuPJiHQFYLjFmChNib
5s+GSia4/8b5U923GaFMrHiECCWOcQ70WuM5OYzJv6hbwSGD+OJWqjZ1WfJxD9I3
1RS8eonF0GoW6r18mHCpzxO63bmkOC9euM+Ngc3C3bIdOTAgEenp9ExPYIZmmCN6
y52fyjy4XG3whX34x2enFYtJt163sX20cpRsxwMiK3yzmnrV5wKcQGUES8dPYS5u
G1MOk+u3Bw==
-----END CERTIFICATE-----
Generated at Mon Nov 18 20:59:20 2024 by rpki-client on console-fra.rpki-client.org