Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/dH-l4Xzaq-btHMeIWt6VqM5F0Vs.roa
File: dH-l4Xzaq-btHMeIWt6VqM5F0Vs.roa (raw, json)
Hash identifier: nH6mmoU+/FEHaRKGvv84snjIVv9EffjSDThembTHXx0=
Subject key identifier: 74:7F:A5:E1:7C:DA:AB:E6:ED:1C:C7:88:5A:DE:95:A8:CE:45:D1:5B
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01927195BDE435D0720539CC89A92C60D534
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/dH-l4Xzaq-btHMeIWt6VqM5F0Vs.roa
Signing time: Wed 09 Oct 2024 14:01:31 +0000
ROA not before: Wed 09 Oct 2024 14:01:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 2a04:c106::/32 maxlen: 32
2a0a:b43::/32 maxlen: 32
2a11:b85::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Oct 2024 10:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:71:95:bd:e4:35:d0:72:05:39:cc:89:a9:2c:60:d5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 9 14:01:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=747fa5e17cdaabe6ed1cc7885ade95a8ce45d15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:f7:9d:d3:62:8e:0b:5e:b7:46:f0:3c:7d:
6b:cd:23:8c:1f:37:1f:f7:f8:57:a9:4d:94:c2:a8:
a6:6c:9a:e5:98:b3:ec:fa:09:53:4a:e1:8b:72:ce:
3f:ed:60:bf:6a:1a:7c:b2:fe:37:ef:e4:28:75:04:
bb:f6:a3:9d:ed:4e:58:2f:9c:8a:f0:d9:4b:f8:fb:
da:12:0b:f0:97:5e:bd:40:9e:b5:a2:ea:b4:86:eb:
08:fb:b3:ca:13:92:2c:f9:79:54:df:b0:4e:9a:a9:
c0:75:1e:4c:0c:9c:9d:60:5f:22:8d:48:b8:af:b0:
9c:db:e2:7b:1b:c5:bb:e3:f6:1d:4f:7f:45:d1:3c:
58:39:35:55:8a:e8:80:32:5d:84:a1:f2:66:bc:27:
b8:63:c2:22:c1:48:4b:48:e2:c5:aa:4c:72:d3:21:
92:54:a4:74:9f:e7:f9:d6:bf:ed:35:e3:1d:db:2f:
87:be:b2:80:f6:1a:85:17:f9:ab:dc:f8:87:8d:a3:
9e:7e:35:e6:24:95:40:9e:ea:18:48:95:ac:e0:a8:
ba:29:ab:a4:27:28:e1:71:50:ff:35:0d:0e:dd:d3:
ac:0d:ce:b0:ad:02:b7:5f:3e:55:f8:d2:95:c7:a7:
b4:c1:6b:02:63:3e:f2:76:66:ad:98:38:2f:b4:25:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7F:A5:E1:7C:DA:AB:E6:ED:1C:C7:88:5A:DE:95:A8:CE:45:D1:5B
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/dH-l4Xzaq-btHMeIWt6VqM5F0Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c106::/32
2a0a:b43::/32
2a11:b85::/32
Signature Algorithm: sha256WithRSAEncryption
4a:8d:8c:df:ee:2a:c6:66:10:bc:87:4b:67:12:07:ed:53:dc:
f8:e5:a7:40:cc:24:91:7c:61:5a:c4:db:3f:7a:4f:48:f0:1a:
1b:ee:f0:14:82:9e:89:73:34:fe:29:6a:66:ae:22:fc:10:1d:
1d:95:3b:f7:58:04:e7:67:17:29:c5:ab:ca:36:33:c9:7b:46:
dd:a0:72:2f:a1:47:35:22:34:da:32:ca:19:18:42:ce:5a:91:
51:b5:d3:3d:f9:60:c9:e5:96:ba:ea:3d:4d:44:cf:5a:4e:6c:
11:21:52:6a:58:5c:75:a1:82:37:97:b7:c1:ac:95:05:79:1b:
6d:77:d6:b3:52:71:d2:41:50:fc:da:43:11:6f:70:ae:3c:a1:
2c:ac:24:2f:8b:31:ba:51:7e:22:9b:4c:43:87:c2:e3:cf:fc:
e8:0b:ae:f2:ed:c7:62:80:21:d5:76:cc:be:a8:6c:16:ad:a6:
55:e0:89:ac:19:54:5e:b4:49:42:fc:8f:8d:a4:bd:14:04:99:
cb:6c:9c:e1:ba:2e:80:eb:d8:f8:cd:00:5b:e3:17:e5:f7:33:
34:fd:18:69:5d:97:0e:19:84:c5:d3:ed:f4:5d:e7:95:84:a9:
42:56:4b:5c:74:47:6f:37:c4:b4:40:22:33:53:fc:b1:07:c8:
03:17:e4:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJxlb3kNdByBTnMiaksYNU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMDA5MTQwMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdmYTVlMTdjZGFhYmU2ZWQxY2M3ODg1YWRlOTVhOGNlNDVkMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf73ndNijgtet0bwPH1rzSOMHzcf
9/hXqU2UwqimbJrlmLPs+glTSuGLcs4/7WC/ahp8sv437+QodQS79qOd7U5YL5yK
8NlL+PvaEgvwl169QJ61ouq0husI+7PKE5Is+XlU37BOmqnAdR5MDJydYF8ijUi4
r7Cc2+J7G8W74/YdT39F0TxYOTVViuiAMl2EofJmvCe4Y8IiwUhLSOLFqkxy0yGS
VKR0n+f51r/tNeMd2y+HvrKA9hqFF/mr3PiHjaOefjXmJJVAnuoYSJWs4Ki6Kauk
JyjhcVD/NQ0O3dOsDc6wrQK3Xz5V+NKVx6e0wWsCYz7ydmatmDgvtCUrIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHR/peF82qvm7RzHiFrelajORdFbMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZEgtbDRYemFxLWJ0SE1lSVd0NlZxTTVGMFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgTBBgMF
ACoKC0MDBQAqEQuFMA0GCSqGSIb3DQEBCwUAA4IBAQBKjYzf7irGZhC8h0tnEgft
U9z45adAzCSRfGFaxNs/ek9I8Bob7vAUgp6JczT+KWpmriL8EB0dlTv3WATnZxcp
xavKNjPJe0bdoHIvoUc1IjTaMsoZGELOWpFRtdM9+WDJ5Za66j1NRM9aTmwRIVJq
WFx1oYI3l7fBrJUFeRttd9azUnHSQVD82kMRb3CuPKEsrCQvizG6UX4im0xDh8Lj
z/zoC67y7cdigCHVdsy+qGwWraZV4ImsGVRetElC/I+NpL0UBJnLbJzhui6A69j4
zQBb4xfl9zM0/RhpXZcOGYTF0+30XeeVhKlCVktcdEdvN8S0QCIzU/yxB8gDF+RG
-----END CERTIFICATE-----
Generated at Mon Oct 14 13:08:42 2024 by rpki-client on console-fra.rpki-client.org