Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/r15VAqn0pkIHjIz9ofJs3yjQAiI.roa
File: r15VAqn0pkIHjIz9ofJs3yjQAiI.roa (raw, json)
Hash identifier: 9Tf3Ves/6yNyhT2VQfSfzwMqbzAiOE2cPUr7MTH/g3A=
Subject key identifier: AF:5E:55:02:A9:F4:A6:42:07:8C:8C:FD:A1:F2:6C:DF:28:D0:02:22
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018B3C0987658E825145C83AED37E352C0FD
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/r15VAqn0pkIHjIz9ofJs3yjQAiI.roa
Signing time: Tue 17 Oct 2023 05:08:59 +0000
ROA not before: Tue 17 Oct 2023 05:08:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211027
IP address blocks: 2a09:3d00::/29 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a0d:5ec0::/29 maxlen: 36
2a11:780::/29 maxlen: 36
2a11:200:2000::/36 maxlen: 36
2a10:c340:7000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 31 Oct 2023 12:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:09:87:65:8e:82:51:45:c8:3a:ed:37:e3:52:c0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 17 05:08:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af5e5502a9f4a642078c8cfda1f26cdf28d00222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:50:9c:2b:5f:53:03:6b:4b:d6:a6:10:2d:35:
0b:7f:cc:06:99:2c:50:04:15:81:c3:61:60:1a:37:
04:55:da:13:4c:44:a9:03:70:80:cf:ed:ea:52:d8:
ee:44:69:98:24:8f:6e:63:8a:37:c6:4e:b8:3e:4b:
f5:40:cd:45:ba:12:49:06:0c:27:21:01:4f:3f:c8:
37:66:94:9d:5b:ce:ab:ad:06:6b:7f:bf:7b:7c:54:
4f:b5:c3:db:8b:fb:bb:25:d8:78:5e:3c:30:08:f0:
76:3f:e8:d9:4a:5c:cb:ed:ff:fa:be:43:0e:4d:5c:
dc:f8:42:e2:ed:8c:23:9a:92:35:85:25:3f:0e:8a:
35:4e:9b:98:d0:82:07:ed:54:54:69:8f:37:e2:ad:
7c:61:bd:c0:a2:56:24:71:5d:39:16:72:80:88:9e:
c1:03:e0:c2:8c:dc:85:a7:b6:fc:2d:92:ae:aa:a1:
bf:ec:50:ed:80:03:0c:e5:aa:a0:51:80:70:d2:94:
21:5a:e4:b6:49:bb:99:3f:e5:3a:58:6d:16:61:b1:
d3:f9:93:7f:2c:40:86:18:ae:b9:3a:fb:cb:08:8c:
1f:10:f2:75:15:3a:5e:79:d5:e2:76:27:92:80:bd:
2a:61:f9:93:4b:f3:8c:38:5d:26:6d:89:c6:89:75:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5E:55:02:A9:F4:A6:42:07:8C:8C:FD:A1:F2:6C:DF:28:D0:02:22
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/r15VAqn0pkIHjIz9ofJs3yjQAiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3d00::/29
2a09:b680::/29
2a0d:5ec0::/29
2a10:c340:7000::/36
2a11:200:2000::/36
2a11:780::/29
2a11:b80::/29
Signature Algorithm: sha256WithRSAEncryption
04:15:21:6e:c4:fc:49:e2:58:36:4e:57:dc:30:4e:80:11:44:
70:8e:fd:05:fd:ef:30:9f:93:75:55:3c:71:3d:43:48:a7:b9:
33:44:23:36:98:c4:bc:52:69:33:be:79:4d:dc:8b:85:bb:c7:
fd:6f:b9:65:5a:01:50:45:b3:51:91:59:f7:b6:48:95:8f:a7:
87:19:82:d2:c0:59:5a:68:da:16:d9:3b:93:cb:e8:1f:93:1b:
4a:dc:90:91:e9:7c:59:e1:e4:17:76:22:4b:29:2f:63:0e:b0:
52:b0:4b:f3:59:dd:a0:bd:e1:b3:6a:72:3d:79:de:c9:39:0a:
d4:58:68:94:2f:12:17:80:5a:65:68:da:7f:6f:26:5d:bf:1b:
99:ba:ac:db:cf:53:fd:39:6c:21:b7:59:2d:52:31:39:5c:1a:
78:2c:cc:30:c4:43:2b:bd:b2:0d:b9:dc:58:97:0b:ef:b4:d9:
53:78:32:f0:49:8a:f4:8d:c4:4e:fc:b7:de:8d:41:19:ad:a0:
04:10:f4:37:de:4f:50:27:dc:90:bf:42:3a:89:09:ae:f1:e9:
bf:3d:24:73:c4:85:6a:a4:b6:4c:ee:d8:2e:77:3a:e8:91:70:
93:24:5e:b2:f2:cc:43:df:66:ec:a1:84:d6:84:8c:f9:d1:74:
e3:6a:d3:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYs8CYdljoJRRcg67TfjUsD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDE3MDUwODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjVlNTUwMmE5ZjRhNjQyMDc4YzhjZmRhMWYyNmNkZjI4ZDAwMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VCcK19TA2tL1qYQLTULf8wGmSxQ
BBWBw2FgGjcEVdoTTESpA3CAz+3qUtjuRGmYJI9uY4o3xk64Pkv1QM1FuhJJBgwn
IQFPP8g3ZpSdW86rrQZrf797fFRPtcPbi/u7Jdh4XjwwCPB2P+jZSlzL7f/6vkMO
TVzc+ELi7YwjmpI1hSU/Doo1TpuY0IIH7VRUaY834q18Yb3AolYkcV05FnKAiJ7B
A+DCjNyFp7b8LZKuqqG/7FDtgAMM5aqgUYBw0pQhWuS2SbuZP+U6WG0WYbHT+ZN/
LECGGK65OvvLCIwfEPJ1FTpeedXidieSgL0qYfmTS/OMOF0mbYnGiXVRLwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFK9eVQKp9KZCB4yM/aHybN8o0AIiMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcjE1VkFxbjBwa0lIakl6OW9mSnMzeWpRQWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUDKgk9AAMF
AyoJtoADBQMqDV7AAwYEKhDDQHADBgQqEQIAIAMFAyoRB4ADBQMqEQuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAEFSFuxPxJ4lg2TlfcME6AEURwjv0F/e8wn5N1VTxxPUNI
p7kzRCM2mMS8UmkzvnlN3IuFu8f9b7llWgFQRbNRkVn3tkiVj6eHGYLSwFlaaNoW
2TuTy+gfkxtK3JCR6XxZ4eQXdiJLKS9jDrBSsEvzWd2gveGzanI9ed7JOQrUWGiU
LxIXgFplaNp/byZdvxuZuqzbz1P9OWwht1ktUjE5XBp4LMwwxEMrvbINudxYlwvv
tNlTeDLwSYr0jcRO/LfejUEZraAEEPQ33k9QJ9yQv0I6iQmu8em/PSRzxIVqpLZM
7tgudzrokXCTJF6y8sxD32bsoYTWhIz50XTjatOg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org