Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sgeX36FT8j76YZx-4tr1WsQdYFs.roa
File: sgeX36FT8j76YZx-4tr1WsQdYFs.roa (raw, json)
Hash identifier: ZfBI8zagS5cN8iLjVnprLGDDMaR4GZ5Jn693crg3P+U=
Subject key identifier: B2:07:97:DF:A1:53:F2:3E:FA:61:9C:7E:E2:DA:F5:5A:C4:1D:60:5B
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B603ACB1C34D102508C19AB5480C2
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sgeX36FT8j76YZx-4tr1WsQdYFs.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a10:9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 22 Feb 2024 12:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:60:3a:cb:1c:34:d1:02:50:8c:19:ab:54:80:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20797dfa153f23efa619c7ee2daf55ac41d605b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:49:d7:84:62:a7:dd:0b:fb:a3:8f:30:cb:
f3:96:f9:28:4a:59:22:76:ea:9e:b1:85:cd:99:65:
c1:33:d7:3b:31:84:1b:0d:45:d6:8d:16:50:a9:cf:
7b:13:96:6f:64:5d:4a:99:bc:92:4f:17:a2:8e:ca:
01:c0:57:91:05:6d:2f:c5:74:01:ba:bb:3e:02:89:
79:71:29:83:26:65:6e:f6:d3:2e:d4:71:42:be:38:
61:9f:d7:d1:52:93:77:10:41:d5:4b:da:a9:b1:0b:
5f:47:8b:c9:fe:d0:ce:f7:ac:69:e5:c6:1b:df:b1:
dd:50:c8:06:f8:67:dd:28:20:e0:ab:43:78:1b:64:
85:8c:89:31:3b:2c:d9:71:16:b3:79:23:08:c3:37:
0a:ce:61:3a:4d:07:26:fb:6e:b4:8e:1c:0c:e9:6b:
a3:b9:6b:98:6a:d5:4f:17:56:df:7d:90:6e:a5:cc:
30:ec:9e:3b:13:98:c5:95:f9:16:2f:01:eb:03:b2:
46:0b:18:1f:8a:de:ad:36:b0:4e:8b:e8:51:25:44:
18:87:17:5d:74:4d:fd:0c:bb:99:b0:46:97:fa:73:
cc:03:4b:d1:0f:54:14:24:d1:2a:f2:6e:22:ee:a6:
95:e3:8e:e7:db:9e:05:d5:25:6c:37:5e:b9:8d:f0:
7d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:07:97:DF:A1:53:F2:3E:FA:61:9C:7E:E2:DA:F5:5A:C4:1D:60:5B
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sgeX36FT8j76YZx-4tr1WsQdYFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:b6:ea:f0:e4:cf:b7:3a:a3:da:e9:c8:b9:65:ef:dd:de:4e:
1a:44:20:05:80:09:43:fb:41:a1:e5:c6:70:da:52:96:bc:aa:
c1:85:a8:96:47:40:c1:b1:8d:db:23:08:bb:05:2c:a2:00:b8:
24:47:cc:92:d4:be:71:95:c1:ea:ea:21:3b:f8:27:ac:98:8c:
88:e6:ad:2b:c8:b5:81:6c:31:d2:e2:99:85:7f:d1:6b:79:c2:
d2:4a:1b:76:98:1a:1c:cd:91:fb:15:d0:1f:b5:15:0b:d9:18:
36:9a:5a:c4:0e:b3:c1:4e:19:14:6b:f2:2d:80:d5:a6:40:dc:
1b:e2:d6:89:a6:26:cc:ee:ee:e1:07:94:15:82:83:ae:02:1f:
ac:3e:38:53:a3:c1:35:9b:56:f9:9b:17:a5:20:a1:e7:88:f6:
1b:c4:e7:8d:64:21:64:f3:15:37:b1:d8:ef:dc:b4:f6:b4:30:
e8:f7:bb:e6:c1:e4:45:18:09:de:ac:14:f2:04:b6:51:64:ca:
8c:54:3e:f9:c3:6d:69:6a:56:77:36:07:ba:ae:90:c0:d9:1a:
06:72:2b:86:24:fb:2b:52:0e:ed:e6:34:bd:d8:04:d6:03:72:
e0:fc:db:a8:b1:c9:fb:2d:df:10:35:fd:88:44:a2:47:d9:fd:
72:54:2e:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGS2A6yxw00QJQjBmrVIDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA3OTdkZmExNTNmMjNlZmE2MTljN2VlMmRhZjU1YWM0MWQ2MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkVJ14Rip90L+6OPMMvzlvkoSlki
duqesYXNmWXBM9c7MYQbDUXWjRZQqc97E5ZvZF1KmbySTxeijsoBwFeRBW0vxXQB
urs+Aol5cSmDJmVu9tMu1HFCvjhhn9fRUpN3EEHVS9qpsQtfR4vJ/tDO96xp5cYb
37HdUMgG+GfdKCDgq0N4G2SFjIkxOyzZcRazeSMIwzcKzmE6TQcm+260jhwM6Wuj
uWuYatVPF1bffZBupcww7J47E5jFlfkWLwHrA7JGCxgfit6tNrBOi+hRJUQYhxdd
dE39DLuZsEaX+nPMA0vRD1QUJNEq8m4i7qaV447n254F1SVsN165jfB90QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLIHl9+hU/I++mGcfuLa9VrEHWBbMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvc2dlWDM2RlQ4ajc2WVp4LTR0cjFXc1FkWUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAJwDAN
BgkqhkiG9w0BAQsFAAOCAQEAebbq8OTPtzqj2unIuWXv3d5OGkQgBYAJQ/tBoeXG
cNpSlryqwYWolkdAwbGN2yMIuwUsogC4JEfMktS+cZXB6uohO/gnrJiMiOatK8i1
gWwx0uKZhX/Ra3nC0kobdpgaHM2R+xXQH7UVC9kYNppaxA6zwU4ZFGvyLYDVpkDc
G+LWiaYmzO7u4QeUFYKDrgIfrD44U6PBNZtW+ZsXpSCh54j2G8TnjWQhZPMVN7HY
79y09rQw6Pe75sHkRRgJ3qwU8gS2UWTKjFQ++cNtaWpWdzYHuq6QwNkaBnIrhiT7
K1IO7eY0vdgE1gNy4PzbqLHJ+y3fEDX9iESiR9n9clQuVg==
-----END CERTIFICATE-----
Generated at Thu Feb 22 15:54:51 2024 by rpki-client on console-ams.rpki-client.org