Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/9KbsrgCKUXweCbFIt_esgRlohSo.roa
File: 9KbsrgCKUXweCbFIt_esgRlohSo.roa (raw, json)
Hash identifier: muuVl/KFbT5p0b9l3d+cDITcwDQhlxO31QimBkO+Sss=
Subject key identifier: F4:A6:EC:AE:00:8A:51:7C:1E:09:B1:48:B7:F7:AC:81:19:68:85:2A
Certificate issuer: /CN=4f6148965f7affeb58609615e6ad4e3eea8cebca
Certificate serial: 018DF5801501C50E75F7AC3F319FCBEF7B04
Authority key identifier: 4F:61:48:96:5F:7A:FF:EB:58:60:96:15:E6:AD:4E:3E:EA:8C:EB:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T2FIll96_-tYYJYV5q1OPuqM68o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/9KbsrgCKUXweCbFIt_esgRlohSo.roa
Signing time: Thu 29 Feb 2024 15:33:48 +0000
ROA not before: Thu 29 Feb 2024 15:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215404
IP address blocks: 2a14:dc0:100::/40 maxlen: 48
2a14:dc0:1337::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Mar 2024 16:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:80:15:01:c5:0e:75:f7:ac:3f:31:9f:cb:ef:7b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f6148965f7affeb58609615e6ad4e3eea8cebca
Validity
Not Before: Feb 29 15:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4a6ecae008a517c1e09b148b7f7ac811968852a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:94:a5:cc:d0:eb:97:d9:d6:9c:64:65:43:17:
6a:bc:24:9b:18:ec:52:b9:b7:96:59:56:03:64:5b:
0e:f9:8a:84:e8:ef:a0:01:ce:41:44:ad:6c:6f:1d:
72:80:31:bd:6b:02:d9:cd:e6:c0:b8:89:b5:79:b2:
4f:36:40:1e:b2:df:8e:42:49:46:dd:ef:30:6c:e6:
36:98:5b:e2:ca:56:f8:10:e4:c5:43:36:25:59:f2:
51:02:af:a6:ac:79:a0:b8:1e:bc:05:f1:6e:18:19:
a7:59:89:53:b9:7e:b6:f5:cd:f0:36:27:7d:f3:38:
71:01:35:27:8a:c8:6c:c7:31:1b:01:b1:f0:81:d7:
5a:33:90:c6:f1:39:78:a4:b1:a9:ee:d5:d1:13:9a:
69:da:40:9f:1e:47:c1:94:19:22:ad:dd:f5:21:1e:
e2:94:8c:ca:da:6b:77:6f:0a:83:ed:c5:31:b9:09:
4c:68:d1:c2:47:0d:5d:c6:37:9d:e9:5e:7a:3f:b4:
fd:c6:ea:f9:51:5f:df:ea:6f:b0:e7:3b:90:59:32:
60:b2:ed:05:af:5b:4d:27:10:aa:64:0a:81:53:b0:
75:6a:5c:0d:21:93:6f:63:62:7b:08:33:e9:92:41:
1e:de:35:52:ac:9f:97:01:74:2d:dd:a8:1c:73:46:
a0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A6:EC:AE:00:8A:51:7C:1E:09:B1:48:B7:F7:AC:81:19:68:85:2A
X509v3 Authority Key Identifier:
keyid:4F:61:48:96:5F:7A:FF:EB:58:60:96:15:E6:AD:4E:3E:EA:8C:EB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2FIll96_-tYYJYV5q1OPuqM68o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/9KbsrgCKUXweCbFIt_esgRlohSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/a135b2-791e-41da-afd7-da1c4175802b/1/T2FIll96_-tYYJYV5q1OPuqM68o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:dc0:100::/40
2a14:dc0:1337::/48
Signature Algorithm: sha256WithRSAEncryption
30:5a:18:84:58:f5:7c:2e:c0:1a:18:2b:cc:fd:6f:4f:aa:4e:
ee:e6:32:47:10:fa:f2:1d:44:03:d6:e6:dc:b1:27:e9:11:8d:
35:c1:3e:6b:55:d0:97:b0:09:f0:9e:75:ac:5f:20:11:39:46:
af:bf:ee:10:74:91:ce:9c:c4:8f:0c:b5:f7:2c:a9:a6:a0:87:
2b:07:cb:55:a4:3c:dd:c7:0b:dd:d2:f3:22:97:81:e2:eb:de:
89:23:19:3a:d3:7d:0b:07:2c:e4:da:6d:9f:6c:41:58:30:8a:
54:40:82:13:ec:ad:9f:cb:56:57:36:0a:46:35:5e:9d:0f:5e:
ba:47:21:c0:52:57:f0:9e:d2:e4:c2:57:34:27:08:c5:17:9b:
6e:1e:36:e4:b6:92:00:1d:8e:05:9a:89:b9:84:4b:83:d5:0f:
cd:80:9f:df:2a:75:8c:c2:88:45:ee:68:9b:49:bf:09:47:eb:
bc:b0:38:67:72:21:a9:b6:66:c2:72:9f:fd:1c:68:0c:e2:95:
c2:9b:81:50:a6:de:7d:28:50:a3:98:b5:a7:4c:eb:4c:3d:5a:
a4:3f:cc:44:90:0b:c9:d7:b7:25:e2:56:e1:24:3a:07:09:3d:
c4:09:53:49:36:48:38:88:1e:e4:81:0d:9f:a1:c1:bf:e4:a2:
55:cb:f6:89
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY31gBUBxQ5196w/MZ/L73sEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjE0ODk2NWY3YWZmZWI1ODYwOTYxNWU2YWQ0ZTNlZWE4
Y2ViY2EwHhcNMjQwMjI5MTUzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE2ZWNhZTAwOGE1MTdjMWUwOWIxNDhiN2Y3YWM4MTE5Njg4NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZSlzNDrl9nWnGRlQxdqvCSbGOxS
ubeWWVYDZFsO+YqE6O+gAc5BRK1sbx1ygDG9awLZzebAuIm1ebJPNkAest+OQklG
3e8wbOY2mFviylb4EOTFQzYlWfJRAq+mrHmguB68BfFuGBmnWYlTuX629c3wNid9
8zhxATUnishsxzEbAbHwgddaM5DG8Tl4pLGp7tXRE5pp2kCfHkfBlBkird31IR7i
lIzK2mt3bwqD7cUxuQlMaNHCRw1dxjed6V56P7T9xur5UV/f6m+w5zuQWTJgsu0F
r1tNJxCqZAqBU7B1alwNIZNvY2J7CDPpkkEe3jVSrJ+XAXQt3agcc0agGQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPSm7K4AilF8HgmxSLf3rIEZaIUqMB8GA1UdIwQY
MBaAFE9hSJZfev/rWGCWFeatTj7qjOvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJGSWxsOTZfLXRZWUpZVjVxMU9QdXFNNjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hMTM1YjItNzkxZS00MWRhLWFmZDct
ZGExYzQxNzU4MDJiLzEvOUtic3JnQ0tVWHdlQ2JGSXRfZXNnUmxvaFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hMTM1YjItNzkxZS00MWRhLWFmZDctZGExYzQxNzU4MDJi
LzEvVDJGSWxsOTZfLXRZWUpZVjVxMU9QdXFNNjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhQNwAED
BwAqFA3AEzcwDQYJKoZIhvcNAQELBQADggEBADBaGIRY9XwuwBoYK8z9b0+qTu7m
MkcQ+vIdRAPW5tyxJ+kRjTXBPmtV0JewCfCedaxfIBE5Rq+/7hB0kc6cxI8Mtfcs
qaaghysHy1WkPN3HC93S8yKXgeLr3okjGTrTfQsHLOTabZ9sQVgwilRAghPsrZ/L
Vlc2CkY1Xp0PXrpHIcBSV/Ce0uTCVzQnCMUXm24eNuS2kgAdjgWaibmES4PVD82A
n98qdYzCiEXuaJtJvwlH67ywOGdyIam2ZsJyn/0caAzilcKbgVCm3n0oUKOYtadM
60w9WqQ/zESQC8nXtyXiVuEkOgcJPcQJU0k2SDiIHuSBDZ+hwb/kolXL9ok=
-----END CERTIFICATE-----
Generated at Mon Mar 11 20:24:03 2024 by rpki-client on console-fra.rpki-client.org