Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/n4GwUYLGpu6NcfZOALg7M5bN_YQ.roa
File: n4GwUYLGpu6NcfZOALg7M5bN_YQ.roa (raw, json)
Hash identifier: hK872XPnzCdC53NBBVCKWdNXeYTG+gy8zJtYveAnHhU=
Subject key identifier: 9F:81:B0:51:82:C6:A6:EE:8D:71:F6:4E:00:B8:3B:33:96:CD:FD:84
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FAF2ECEDA5F9CF3CD36940D54A6AE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/n4GwUYLGpu6NcfZOALg7M5bN_YQ.roa
Signing time: Tue 02 Jan 2024 04:30:11 +0000
ROA not before: Tue 02 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0f:e383::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:af:2e:ce:da:5f:9c:f3:cd:36:94:0d:54:a6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f81b05182c6a6ee8d71f64e00b83b3396cdfd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:88:27:cf:8e:b5:d1:22:6e:f0:d4:0b:c0:e6:
09:15:7b:4d:a8:d6:bd:40:6b:eb:5d:36:ce:f0:75:
c2:80:63:c9:ef:ca:df:ee:ca:69:b5:c8:f7:14:40:
a7:f1:db:55:6f:60:d9:6b:ba:1e:73:14:f0:2b:96:
8d:cc:2a:a3:17:8f:53:da:89:61:df:ba:23:a6:08:
b4:b2:51:53:9a:2b:13:72:0a:49:b1:0c:d8:a5:15:
c3:0b:55:0f:60:a9:0d:15:41:09:e8:34:c6:e8:b8:
aa:16:61:4d:3f:84:b7:85:96:f9:fb:86:67:47:3f:
dd:6f:46:78:93:c2:3c:1d:f2:c7:91:fa:9d:f2:1c:
09:63:f2:eb:be:f0:f7:ba:c9:29:97:47:8f:9b:41:
10:d3:c8:03:a7:ce:0a:2e:de:c1:9e:fd:1b:05:42:
ff:91:af:39:25:63:92:60:b3:23:11:af:eb:09:e1:
08:b2:b0:81:7d:76:99:53:23:75:ac:ab:b5:66:64:
6a:05:ce:e5:37:e3:71:74:64:39:2b:3f:6c:62:21:
7c:56:6d:29:ec:e1:f7:04:d8:15:28:96:0b:6c:ce:
a7:36:af:cd:83:6b:6c:c0:13:21:03:7e:65:c1:f7:
85:e8:97:39:79:f4:d9:0b:89:33:fa:f5:0c:5f:a6:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:81:B0:51:82:C6:A6:EE:8D:71:F6:4E:00:B8:3B:33:96:CD:FD:84
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/n4GwUYLGpu6NcfZOALg7M5bN_YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
69:14:58:ae:62:b2:2e:cd:04:3e:a9:7a:d2:79:62:92:4b:ae:
30:05:c2:c2:ed:f5:ac:a8:f9:90:43:a6:c3:43:44:d6:ae:b9:
bc:16:74:8f:c2:43:0b:9e:76:69:58:fa:b9:d2:ba:c8:36:46:
13:56:2f:c0:e9:f3:80:93:ce:73:d7:e7:02:35:c7:9c:5c:60:
1a:36:87:43:6b:b3:43:6a:cd:4d:ba:0b:c2:6b:f3:c7:75:1e:
15:83:3e:42:c6:a6:d0:38:0b:17:f1:5b:1b:68:4e:26:96:0c:
8a:fc:fb:97:81:c0:c4:f7:0f:a7:18:13:58:9e:eb:c1:01:85:
e0:49:dd:1e:be:f1:0b:bb:19:41:e2:e1:a8:ee:34:9c:c5:c3:
ae:bb:64:50:35:d8:72:64:54:26:14:4e:27:f5:41:28:60:a8:
7c:d0:0a:ec:99:d9:e5:c7:a0:00:19:6a:d1:e8:f1:45:47:14:
a2:1d:78:94:a6:cb:50:b4:55:5c:2a:33:5a:da:b5:87:26:2b:
8f:b9:47:41:7e:d5:be:81:52:26:87:3a:68:ce:3a:a9:58:bf:
4f:87:8a:d6:2c:5a:c6:a1:e2:37:6b:7f:ae:ce:c2:3f:97:91:
8c:81:a3:b6:41:4d:95:59:7b:de:3e:0e:84:96:ab:7e:ed:cf:
5d:30:8b:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb68uztpfnPPNNpQNVKauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgxYjA1MTgyYzZhNmVlOGQ3MWY2NGUwMGI4M2IzMzk2Y2RmZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4gnz4610SJu8NQLwOYJFXtNqNa9
QGvrXTbO8HXCgGPJ78rf7spptcj3FECn8dtVb2DZa7oecxTwK5aNzCqjF49T2olh
37ojpgi0slFTmisTcgpJsQzYpRXDC1UPYKkNFUEJ6DTG6LiqFmFNP4S3hZb5+4Zn
Rz/db0Z4k8I8HfLHkfqd8hwJY/LrvvD3uskpl0ePm0EQ08gDp84KLt7Bnv0bBUL/
ka85JWOSYLMjEa/rCeEIsrCBfXaZUyN1rKu1ZmRqBc7lN+NxdGQ5Kz9sYiF8Vm0p
7OH3BNgVKJYLbM6nNq/Ng2tswBMhA35lwfeF6Jc5efTZC4kz+vUMX6YI+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ+BsFGCxqbujXH2TgC4OzOWzf2EMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbjRHd1VZTEdwdTZOY2ZaT0FMZzdNNWJOX1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUDKg8nQDAO
AwUAKg/jgwMFASoP44QDBQAqD+OHMA0GCSqGSIb3DQEBCwUAA4IBAQBpFFiuYrIu
zQQ+qXrSeWKSS64wBcLC7fWsqPmQQ6bDQ0TWrrm8FnSPwkMLnnZpWPq50rrINkYT
Vi/A6fOAk85z1+cCNcecXGAaNodDa7NDas1NugvCa/PHdR4Vgz5CxqbQOAsX8Vsb
aE4mlgyK/PuXgcDE9w+nGBNYnuvBAYXgSd0evvELuxlB4uGo7jScxcOuu2RQNdhy
ZFQmFE4n9UEoYKh80Arsmdnlx6AAGWrR6PFFRxSiHXiUpstQtFVcKjNa2rWHJiuP
uUdBftW+gVImhzpozjqpWL9Ph4rWLFrGoeI3a3+uzsI/l5GMgaO2QU2VWXvePg6E
lqt+7c9dMIt7
-----END CERTIFICATE-----
Generated at Tue Aug 27 08:25:31 2024 by rpki-client on console-ams.rpki-client.org