Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/hIob5To274fAjehq0AwMGr3UEqc.roa
File: hIob5To274fAjehq0AwMGr3UEqc.roa (raw, json)
Hash identifier: hw+Q/TxC5+ykZBYqAmyf+tysb/cdlyf6YfnhtNq3SA8=
Subject key identifier: 84:8A:1B:E5:3A:36:EF:87:C0:8D:E8:6A:D0:0C:0C:1A:BD:D4:12:A7
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01916E45A13716F0D63C17D73AB79C6F3A74
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/hIob5To274fAjehq0AwMGr3UEqc.roa
Signing time: Tue 20 Aug 2024 05:32:22 +0000
ROA not before: Tue 20 Aug 2024 05:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214341
IP address blocks: 2a01:e901:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Sep 2024 07:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:45:a1:37:16:f0:d6:3c:17:d7:3a:b7:9c:6f:3a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Aug 20 05:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=848a1be53a36ef87c08de86ad00c0c1abdd412a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:93:36:49:6a:dd:8b:05:0f:f4:9b:b8:82:
f3:10:33:c6:00:11:d1:24:18:db:d0:59:38:be:02:
69:5e:c2:fd:95:7a:c2:3b:7f:f1:79:3c:2e:37:55:
f1:51:d6:92:fd:38:bb:3a:02:db:19:c0:83:2b:55:
bd:c2:5d:43:ba:6b:64:e0:82:6c:b3:6b:79:0d:e3:
3e:52:bb:e1:29:4d:0e:a4:b3:93:c2:ee:b1:99:bb:
fa:ce:60:f5:20:91:06:7a:7d:52:f8:e2:cc:62:76:
1b:7c:67:8d:85:2b:4b:c6:e4:be:a7:1a:62:87:05:
42:da:55:9a:2d:d0:b2:6e:2f:af:10:cc:0a:d0:7f:
a4:97:9e:c7:47:5e:9d:c7:db:3c:58:ea:43:2f:c5:
08:1e:9f:5b:74:df:04:4a:e7:21:83:53:c0:64:e2:
60:c0:a8:3e:74:a7:eb:f3:53:eb:a4:a7:8f:7f:cb:
40:fd:38:e8:f2:9f:a9:50:f5:68:bf:e6:34:ec:b5:
e3:eb:02:ad:6c:e6:c8:1d:e8:94:b5:6c:cb:97:05:
f5:23:ca:eb:b0:7f:c0:c4:d2:ab:3a:21:28:76:f3:
07:56:59:ce:05:d4:74:51:4d:df:18:69:8e:ec:d3:
cd:d2:e0:35:57:b1:19:52:d4:0b:68:64:3c:be:c3:
bf:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8A:1B:E5:3A:36:EF:87:C0:8D:E8:6A:D0:0C:0C:1A:BD:D4:12:A7
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/hIob5To274fAjehq0AwMGr3UEqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10::/48
Signature Algorithm: sha256WithRSAEncryption
68:5a:de:b7:41:c5:25:13:cb:22:99:6b:d2:64:86:a3:61:b0:
b4:4b:6b:07:d5:92:1c:b2:9a:9f:90:66:a8:55:cb:89:da:2e:
31:af:f8:0e:c4:a7:41:58:74:16:39:8a:c4:ec:6e:21:ba:78:
54:5c:92:33:3e:18:30:9b:5b:f2:e3:a4:0c:98:63:8e:01:e9:
b5:95:78:f4:9f:82:98:a7:e0:6c:1d:d7:3d:2e:d9:fd:c0:0f:
8b:44:60:6b:f7:70:b2:8c:28:a5:2a:14:c7:11:67:18:bc:b3:
ec:d4:1a:33:bc:9b:5d:87:63:3f:95:f1:05:98:cf:4d:95:19:
c8:84:2e:d3:43:a0:16:59:a4:99:1d:7d:07:1b:33:8c:cd:b2:
47:63:6e:06:42:77:ba:e9:d3:e3:d7:4d:f0:2b:6a:62:7e:a2:
7d:87:0a:09:44:ab:ca:fd:f4:b4:08:56:fe:61:b2:18:f9:78:
97:f9:68:bb:ae:84:07:90:9d:9b:21:3f:a3:52:f3:0f:9e:22:
c2:4b:7d:20:a5:13:62:4e:a3:bc:79:e3:a9:60:0d:de:5e:5f:
87:c8:97:23:dd:4e:d4:23:84:88:1c:e0:f1:89:39:4d:38:0a:
ba:ab:82:d4:97:da:eb:e0:6f:f4:1f:0f:89:7c:3b:11:45:75:
93:10:40:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZFuRaE3FvDWPBfXOrecbzp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQwODIwMDUzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhhMWJlNTNhMzZlZjg3YzA4ZGU4NmFkMDBjMGMxYWJkZDQxMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrWTNklq3YsFD/SbuILzEDPGABHR
JBjb0Fk4vgJpXsL9lXrCO3/xeTwuN1XxUdaS/Ti7OgLbGcCDK1W9wl1Dumtk4IJs
s2t5DeM+UrvhKU0OpLOTwu6xmbv6zmD1IJEGen1S+OLMYnYbfGeNhStLxuS+pxpi
hwVC2lWaLdCybi+vEMwK0H+kl57HR16dx9s8WOpDL8UIHp9bdN8ESuchg1PAZOJg
wKg+dKfr81PrpKePf8tA/Tjo8p+pUPVov+Y07LXj6wKtbObIHeiUtWzLlwX1I8rr
sH/AxNKrOiEodvMHVlnOBdR0UU3fGGmO7NPN0uA1V7EZUtQLaGQ8vsO/fwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISKG+U6Nu+HwI3oatAMDBq91BKnMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvaElvYjVUbzI3NGZBamVocTBBd01HcjNVRXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHpAQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBoWt63QcUlE8simWvSZIajYbC0S2sH1ZIcspqf
kGaoVcuJ2i4xr/gOxKdBWHQWOYrE7G4hunhUXJIzPhgwm1vy46QMmGOOAem1lXj0
n4KYp+BsHdc9Ltn9wA+LRGBr93CyjCilKhTHEWcYvLPs1BozvJtdh2M/lfEFmM9N
lRnIhC7TQ6AWWaSZHX0HGzOMzbJHY24GQne66dPj103wK2pifqJ9hwoJRKvK/fS0
CFb+YbIY+XiX+Wi7roQHkJ2bIT+jUvMPniLCS30gpRNiTqO8eeOpYA3eXl+HyJcj
3U7UI4SIHODxiTlNOAq6q4LUl9rr4G/0Hw+JfDsRRXWTEECO
-----END CERTIFICATE-----
Generated at Sun Sep 22 09:34:01 2024 by rpki-client on console-fra.rpki-client.org