Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EXect1rPNrsSS_64GOak-dXbTvU.roa
File: EXect1rPNrsSS_64GOak-dXbTvU.roa (raw, json)
Hash identifier: UBTcdDY0OxbHHc3Y6Y2ESDoR3ATW85eJDT7tQPXQD7Q=
Subject key identifier: 11:77:9C:B7:5A:CF:36:BB:12:4B:FE:B8:18:E6:A4:F9:D5:DB:4E:F5
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A511CB006C29C10DE5340F1B3E443
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EXect1rPNrsSS_64GOak-dXbTvU.roa
Signing time: Tue 02 Jan 2024 12:33:40 +0000
ROA not before: Tue 02 Jan 2024 12:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200398
IP address blocks: 2a06:e881:9740::/42 maxlen: 48
2a06:e881:9720::/43 maxlen: 48
2a06:e881:9710::/44 maxlen: 48
2a06:e881:9780::/41 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Nov 2024 18:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:51:1c:b0:06:c2:9c:10:de:53:40:f1:b3:e4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11779cb75acf36bb124bfeb818e6a4f9d5db4ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:12:e7:42:90:54:ac:0f:09:89:4b:22:75:
ca:65:95:42:b5:31:53:6f:c4:98:da:35:1f:49:c0:
5f:52:97:d2:9c:73:b6:6c:e8:22:96:4b:e5:71:53:
07:41:19:e5:e4:1f:4d:65:4a:ce:31:f6:6e:a5:20:
3b:46:4e:e5:08:e9:3b:7a:b6:75:81:ce:d7:df:a8:
ce:b7:6b:dd:48:78:56:99:27:dc:97:ae:e3:14:e9:
14:22:b1:bb:ee:10:dd:7a:3f:d7:8e:14:bb:d6:04:
ad:2f:fe:5f:da:81:b9:d5:15:9c:c8:1b:a9:20:d8:
40:11:d3:e5:d3:f0:c2:26:05:1a:ca:b7:3e:e2:9e:
90:5d:35:db:8f:af:b6:23:c2:60:e7:97:2a:69:4b:
ad:52:fd:42:56:09:ae:2b:a2:e8:d5:6a:1a:70:fb:
c5:94:09:f3:16:24:e6:cc:ca:bc:60:39:83:98:87:
a8:94:f6:d2:14:89:d1:e0:7a:a4:98:d2:21:42:13:
c6:c5:fa:95:78:1e:e6:12:a6:5e:be:00:83:aa:f6:
59:a9:73:11:38:bb:65:3f:8c:5d:af:3c:d5:8c:e1:
c6:a2:37:6a:6e:e4:3f:22:a5:7d:f6:38:0b:68:b8:
f1:a0:31:21:67:86:86:2c:11:40:85:ca:7f:4d:10:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:77:9C:B7:5A:CF:36:BB:12:4B:FE:B8:18:E6:A4:F9:D5:DB:4E:F5
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EXect1rPNrsSS_64GOak-dXbTvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:9710::-2a06:e881:97ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:ce:ae:36:7a:f2:90:ec:ab:c0:fa:b7:19:45:39:9e:01:15:
a4:32:c1:f7:07:67:b9:7c:a4:5a:a9:b2:e6:e7:5f:74:75:89:
34:40:93:99:13:fb:39:2a:0c:d7:f3:e3:01:0e:71:ed:dd:89:
cc:55:b3:30:e3:b9:41:39:0f:f6:1c:cb:4b:76:7e:08:a6:4f:
90:f9:75:a4:54:72:5e:12:6a:3a:67:f8:eb:59:cb:5d:12:82:
e5:c6:fc:24:1e:59:3c:f2:f6:dd:f4:24:30:da:7b:eb:45:d4:
04:88:41:72:98:2e:51:7a:4b:27:f4:5f:0f:5d:4b:3e:42:02:
63:29:73:37:d5:0d:c9:83:5d:df:28:a8:26:ec:92:1a:a0:fe:
d6:e5:01:41:7f:58:74:1d:e4:7c:ee:31:05:a2:ba:1c:dc:af:
18:59:2e:e7:b7:b5:b1:6c:3c:57:73:31:4e:86:96:f8:60:da:
c9:ec:dd:db:ac:f9:c5:c9:6a:3b:d5:97:e2:8a:dc:39:d4:7e:
36:b3:a5:84:b6:c7:6d:10:e7:1c:14:fa:90:71:a3:05:f0:7b:
81:79:ba:be:b5:0e:e3:ac:61:62:78:38:ef:20:b8:5d:9a:e8:
b8:43:fa:ca:4b:da:b0:c2:28:21:66:81:fa:29:20:4a:48:00:
c9:c2:a9:ef
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzKKlEcsAbCnBDeU0Dxs+RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc3OWNiNzVhY2YzNmJiMTI0YmZlYjgxOGU2YTRmOWQ1ZGI0ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm8S50KQVKwPCYlLInXKZZVCtTFT
b8SY2jUfScBfUpfSnHO2bOgilkvlcVMHQRnl5B9NZUrOMfZupSA7Rk7lCOk7erZ1
gc7X36jOt2vdSHhWmSfcl67jFOkUIrG77hDdej/XjhS71gStL/5f2oG51RWcyBup
INhAEdPl0/DCJgUayrc+4p6QXTXbj6+2I8Jg55cqaUutUv1CVgmuK6Lo1WoacPvF
lAnzFiTmzMq8YDmDmIeolPbSFInR4HqkmNIhQhPGxfqVeB7mEqZevgCDqvZZqXMR
OLtlP4xdrzzVjOHGojdqbuQ/IqV99jgLaLjxoDEhZ4aGLBFAhcp/TRBVGwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFBF3nLdazza7Ekv+uBjmpPnV2071MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvRVhlY3QxclBOcnNTU182NEdPYWstZFhiVHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBwQqBuiB
lxADBgMqBuiBkDANBgkqhkiG9w0BAQsFAAOCAQEAC86uNnrykOyrwPq3GUU5ngEV
pDLB9wdnuXykWqmy5udfdHWJNECTmRP7OSoM1/PjAQ5x7d2JzFWzMOO5QTkP9hzL
S3Z+CKZPkPl1pFRyXhJqOmf461nLXRKC5cb8JB5ZPPL23fQkMNp760XUBIhBcpgu
UXpLJ/RfD11LPkICYylzN9UNyYNd3yioJuySGqD+1uUBQX9YdB3kfO4xBaK6HNyv
GFku57e1sWw8V3MxToaW+GDayezd26z5xclqO9WX4orcOdR+NrOlhLbHbRDnHBT6
kHGjBfB7gXm6vrUO46xhYng47yC4XZrouEP6ykvasMIoIWaB+ikgSkgAycKp7w==
-----END CERTIFICATE-----
Generated at Tue Nov 5 21:31:33 2024 by rpki-client on console-ams.rpki-client.org