Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9GLI49_tAPwXVj60C_tEoHa694s.roa
File: 9GLI49_tAPwXVj60C_tEoHa694s.roa (raw, json)
Hash identifier: Xq0Yn4jDBcLdf3WNMUlHW1ko4uB17Vyg5D+v3eydRE8=
Subject key identifier: F4:62:C8:E3:DF:ED:00:FC:17:56:3E:B4:0B:FB:44:A0:76:BA:F7:8B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018BAD63756927D5B58CAA87EF2543AFE50B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9GLI49_tAPwXVj60C_tEoHa694s.roa
Signing time: Wed 08 Nov 2023 05:24:18 +0000
ROA not before: Wed 08 Nov 2023 05:24:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 32
2a0f:e385::/32 maxlen: 32
2a0f:e384::/32 maxlen: 32
2a0f:2740::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Nov 2023 09:03:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:63:75:69:27:d5:b5:8c:aa:87:ef:25:43:af:e5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 8 05:24:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f462c8e3dfed00fc17563eb40bfb44a076baf78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ab:09:81:04:4c:85:02:f1:0c:54:48:1e:7e:
e5:1a:c3:85:7d:86:b3:e1:49:9e:ef:ae:31:ec:3b:
62:26:62:85:23:14:b3:88:d1:6a:9f:a7:06:f1:50:
f6:b8:59:a8:68:5c:42:83:f3:3b:8d:eb:42:d2:ec:
a2:61:d6:e3:2e:91:ec:78:48:9e:4f:1d:46:12:72:
1c:0d:ed:87:f8:88:ef:17:da:5e:e4:a4:31:28:ad:
f7:ef:da:9f:23:a7:14:13:15:96:72:c5:07:08:c1:
7e:a9:11:99:86:d5:d5:a6:bb:b5:50:df:72:a4:77:
59:dd:06:4d:7e:db:7d:03:9c:9e:92:93:f3:01:81:
93:e6:43:5b:1a:32:52:a0:9b:fb:c1:6f:04:b3:08:
9c:35:b1:c9:dd:c2:e4:c3:29:f1:3a:25:30:6a:c3:
a3:39:a5:d2:2f:ba:e6:03:ab:21:db:4c:75:36:48:
7e:a3:cc:20:12:94:3f:ca:7b:64:e8:44:98:55:29:
bb:2d:6c:43:e2:9f:94:1d:6c:0f:18:ab:47:4b:a3:
c3:3f:00:e3:c0:36:c8:a9:d7:5b:0f:4a:bf:77:f6:
69:18:ac:af:a6:5d:c7:25:13:75:bc:df:cb:00:97:
21:c6:72:9d:36:8d:cf:8c:59:fe:a0:10:c8:ff:9c:
81:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:62:C8:E3:DF:ED:00:FC:17:56:3E:B4:0B:FB:44:A0:76:BA:F7:8B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9GLI49_tAPwXVj60C_tEoHa694s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:df:af:dd:8c:59:77:d6:ed:20:02:1f:20:b5:92:5d:a8:c0:
66:b1:0b:79:e9:1c:f8:1f:9a:26:76:31:e4:86:6c:cd:01:1e:
d7:77:51:c0:1e:18:7b:2e:7d:99:08:4e:b0:a8:1e:f2:72:97:
62:e4:6f:48:a1:51:d2:31:cb:f7:de:3b:c5:be:c7:0c:34:ff:
ee:d4:8f:f3:59:3b:80:59:0d:51:40:bb:42:b4:b3:3f:a3:ed:
03:39:75:33:bd:4f:cd:1e:c9:68:be:0c:44:dd:08:69:49:6b:
27:b1:77:e5:2a:13:cf:f5:63:cc:be:22:f0:74:ca:ff:fd:e0:
10:6a:74:07:1f:38:40:95:12:3c:21:0e:96:12:b7:24:da:5d:
49:71:7c:c6:00:34:11:1e:9e:86:af:e8:08:06:a2:c4:f6:8d:
5f:4c:82:08:29:87:85:d5:27:a6:80:24:61:d3:00:6d:b0:01:
49:b8:db:b1:52:17:6c:3d:cd:d3:13:c3:8d:cb:0d:28:52:f6:
ba:57:ca:b2:7a:e4:60:56:a7:38:cc:0a:d1:bd:d5:1e:c7:c8:
8e:81:6c:0b:83:55:7a:10:3d:bd:c4:79:47:3e:fc:e5:d1:ba:
78:89:36:41:50:76:d1:2c:e7:26:7d:b2:43:b0:51:e6:58:6d:
6b:6d:7a:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYutY3VpJ9W1jKqH7yVDr+ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTA4MDUyNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYyYzhlM2RmZWQwMGZjMTc1NjNlYjQwYmZiNDRhMDc2YmFmNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKsJgQRMhQLxDFRIHn7lGsOFfYaz
4Ume764x7DtiJmKFIxSziNFqn6cG8VD2uFmoaFxCg/M7jetC0uyiYdbjLpHseEie
Tx1GEnIcDe2H+IjvF9pe5KQxKK3379qfI6cUExWWcsUHCMF+qRGZhtXVpru1UN9y
pHdZ3QZNftt9A5yekpPzAYGT5kNbGjJSoJv7wW8EswicNbHJ3cLkwynxOiUwasOj
OaXSL7rmA6sh20x1Nkh+o8wgEpQ/yntk6ESYVSm7LWxD4p+UHWwPGKtHS6PDPwDj
wDbIqddbD0q/d/ZpGKyvpl3HJRN1vN/LAJchxnKdNo3PjFn+oBDI/5yBvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPRiyOPf7QD8F1Y+tAv7RKB2uveLMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOUdMSTQ5X3RBUHdYVmo2MENfdEVvSGE2OTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUDKg8nQDAO
AwUAKg/jgwMFASoP44QwDQYJKoZIhvcNAQELBQADggEBADzfr92MWXfW7SACHyC1
kl2owGaxC3npHPgfmiZ2MeSGbM0BHtd3UcAeGHsufZkITrCoHvJyl2Lkb0ihUdIx
y/feO8W+xww0/+7Uj/NZO4BZDVFAu0K0sz+j7QM5dTO9T80eyWi+DETdCGlJayex
d+UqE8/1Y8y+IvB0yv/94BBqdAcfOECVEjwhDpYStyTaXUlxfMYANBEenoav6AgG
osT2jV9Mgggph4XVJ6aAJGHTAG2wAUm427FSF2w9zdMTw43LDShS9rpXyrJ65GBW
pzjMCtG91R7HyI6BbAuDVXoQPb3EeUc+/OXRuniJNkFQdtEs5yZ9skOwUeZYbWtt
eko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org