Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/EIOqO6i0-JpoouTYNpU2cZv_w5Y.roa
File: EIOqO6i0-JpoouTYNpU2cZv_w5Y.roa (raw, json)
Hash identifier: RPMGg9+I+30o8R+3Qn9cp79U2rguGE+TRi6n/eMv0gk=
Subject key identifier: 10:83:AA:3B:A8:B4:F8:9A:68:A2:E4:D8:36:95:36:71:9B:FF:C3:96
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CC2DB005D3ED2BEEA98F0B256F26AE64A
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/EIOqO6i0-JpoouTYNpU2cZv_w5Y.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205413
IP address blocks: 2a0f:5707:caca::/48 maxlen: 48
2a0f:5707:ca00::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 14:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:00:5d:3e:d2:be:ea:98:f0:b2:56:f2:6a:e6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1083aa3ba8b4f89a68a2e4d8369536719bffc396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:44:59:71:36:f2:03:74:4e:3b:fa:75:5e:3c:
b6:7a:e3:6a:5f:21:5e:7b:21:4f:ed:3a:a7:b2:55:
95:09:4b:a0:b4:b9:ed:ab:f4:0e:e6:76:59:3c:7a:
f5:5d:3c:d5:e8:db:37:a4:b6:01:5a:fc:ab:ab:ba:
9e:4e:fd:c5:62:30:b1:5a:d9:d8:ec:6d:fe:92:bb:
4c:29:6e:a2:0a:5c:45:03:32:a5:b9:3a:87:07:f1:
b8:aa:f2:cc:b9:26:63:20:29:9e:7b:6e:d3:6a:a4:
b7:5c:31:18:1e:fe:72:1b:90:3f:d4:e8:25:62:be:
14:ff:c3:6a:20:1b:c8:af:2f:a1:70:e4:6d:7f:8c:
2e:eb:55:f7:aa:30:b0:f1:0f:83:34:29:77:7a:a1:
56:22:9f:f2:e5:ae:c7:e4:55:f4:cd:4f:ac:fe:b8:
f1:65:ae:07:69:ad:96:88:4a:cc:25:67:48:12:35:
53:a7:bf:5e:70:7c:96:3d:10:03:71:a8:40:ac:50:
09:be:64:a0:b7:f8:83:94:7e:32:95:28:27:21:66:
74:74:81:1d:45:73:ad:1f:8e:b2:3b:df:24:79:d1:
c5:6c:b4:f4:1d:43:0a:ac:70:30:bf:e8:87:2a:b6:
2d:cb:48:31:a1:07:b7:06:d3:f3:78:81:49:7c:07:
fc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:83:AA:3B:A8:B4:F8:9A:68:A2:E4:D8:36:95:36:71:9B:FF:C3:96
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/EIOqO6i0-JpoouTYNpU2cZv_w5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ca00::/44
2a0f:5707:caca::/48
Signature Algorithm: sha256WithRSAEncryption
91:69:b4:be:a6:16:f8:f3:bf:ef:c3:7b:a1:41:9c:c4:70:7d:
5b:ef:5b:43:05:c0:f4:67:3e:01:6a:7e:cf:20:73:35:0b:f4:
82:a4:64:29:eb:ac:8d:f8:63:59:5f:33:b8:48:38:af:e2:c1:
9d:15:98:0f:6f:c1:58:41:8f:64:17:92:39:94:b7:b0:e0:dc:
a4:a2:91:60:32:82:64:66:a5:47:91:c5:8e:89:ed:e6:d8:64:
80:e0:4e:e6:af:93:e8:7f:d5:7c:e7:f5:01:fe:35:a2:46:16:
3d:48:44:f1:58:39:ff:bd:f8:94:4a:04:63:4a:94:d7:d8:6f:
bb:3b:38:66:f7:60:7c:55:b3:08:c4:a2:f2:7e:67:97:f7:0d:
b3:b3:2f:7f:23:23:8b:d2:1e:5a:71:1f:ce:95:aa:b4:52:fd:
17:9b:ee:51:aa:2f:0d:14:0e:96:11:25:3f:d2:7f:7a:53:db:
dc:dd:d7:bc:66:3a:65:05:3a:5a:ae:af:0d:9c:c2:e7:f1:39:
7e:44:b6:a1:76:bc:49:a7:12:91:7f:42:32:8f:8f:c0:1d:fd:
e2:69:65:3c:6b:27:39:aa:cf:7a:b0:3a:12:3a:ac:1c:23:26:
3e:43:09:c6:27:b0:ab:aa:5a:88:e8:74:01:0e:5d:41:3c:41:
20:dd:21:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2wBdPtK+6pjwslbyauZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgzYWEzYmE4YjRmODlhNjhhMmU0ZDgzNjk1MzY3MTliZmZjMzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0RZcTbyA3ROO/p1Xjy2euNqXyFe
eyFP7TqnslWVCUugtLntq/QO5nZZPHr1XTzV6Ns3pLYBWvyrq7qeTv3FYjCxWtnY
7G3+krtMKW6iClxFAzKluTqHB/G4qvLMuSZjICmee27TaqS3XDEYHv5yG5A/1Ogl
Yr4U/8NqIBvIry+hcORtf4wu61X3qjCw8Q+DNCl3eqFWIp/y5a7H5FX0zU+s/rjx
Za4Haa2WiErMJWdIEjVTp79ecHyWPRADcahArFAJvmSgt/iDlH4ylSgnIWZ0dIEd
RXOtH46yO98kedHFbLT0HUMKrHAwv+iHKrYty0gxoQe3BtPzeIFJfAf8owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBCDqjuotPiaaKLk2DaVNnGb/8OWMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvRUlPcU82aTAtSnBvb3VUWU5wVTJjWnZfdzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg9XB8oA
AwcAKg9XB8rKMA0GCSqGSIb3DQEBCwUAA4IBAQCRabS+phb487/vw3uhQZzEcH1b
71tDBcD0Zz4Ban7PIHM1C/SCpGQp66yN+GNZXzO4SDiv4sGdFZgPb8FYQY9kF5I5
lLew4NykopFgMoJkZqVHkcWOie3m2GSA4E7mr5Pof9V85/UB/jWiRhY9SETxWDn/
vfiUSgRjSpTX2G+7Ozhm92B8VbMIxKLyfmeX9w2zsy9/IyOL0h5acR/Olaq0Uv0X
m+5Rqi8NFA6WESU/0n96U9vc3de8ZjplBTparq8NnMLn8Tl+RLahdrxJpxKRf0Iy
j4/AHf3iaWU8ayc5qs96sDoSOqwcIyY+QwnGJ7CrqlqI6HQBDl1BPEEg3SFQ
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:32 2024 by rpki-client on console-ams.rpki-client.org