Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XN1-Ruud-9zW106I1RdLjJEfaBI.roa
File: XN1-Ruud-9zW106I1RdLjJEfaBI.roa (raw, json)
Hash identifier: RaixNg7z0Jy7HH50aG4UlmnX72YlTf2jopZNy6PRnjs=
Subject key identifier: 5C:DD:7E:46:EB:9D:FB:DC:D6:D7:4E:88:D5:17:4B:8C:91:1F:68:12
Certificate issuer: /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial: 01927DD177470EE8EDEDA4D5F0BF53C76FC7
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XN1-Ruud-9zW106I1RdLjJEfaBI.roa
Signing time: Fri 11 Oct 2024 23:02:12 +0000
ROA not before: Fri 11 Oct 2024 23:02:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0c:7b83::/32 maxlen: 32
2a0c:7b87::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:d1:77:47:0e:e8:ed:ed:a4:d5:f0:bf:53:c7:6f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Validity
Not Before: Oct 11 23:02:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cdd7e46eb9dfbdcd6d74e88d5174b8c911f6812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:c5:04:63:26:89:da:d7:3c:9b:a4:2e:47:
ae:7b:d9:eb:46:c7:e8:01:d0:22:63:25:c9:34:a0:
fd:e3:85:5a:8e:b1:9c:36:2c:70:a6:18:64:54:4f:
a7:c9:49:f8:7a:66:dd:5c:d7:23:b9:48:47:10:3c:
52:db:d7:71:5c:5f:5c:8f:7c:e3:33:59:76:b4:db:
bd:66:c3:3b:5b:3d:fd:70:7b:c0:ba:dc:09:e0:3a:
30:9c:45:fa:d0:d1:e6:2d:52:23:2d:e1:b0:3a:a5:
a2:48:5c:56:ae:e2:24:d9:cf:d3:09:d9:dd:98:ac:
a1:d2:73:34:9c:76:ac:76:4c:ac:ac:7a:8c:f7:d3:
74:09:ab:90:59:e0:26:17:2f:ea:cf:9c:4b:b9:b6:
11:73:92:34:74:e3:79:16:27:05:d5:39:d7:e1:5c:
67:cb:4b:b7:2c:0e:0d:e7:59:da:2d:91:41:5c:da:
39:9a:33:60:a1:14:f1:6f:cd:b9:6a:22:54:91:f1:
37:6b:2e:31:26:44:d0:75:ef:b8:b0:ac:54:2b:4c:
08:d7:f3:71:84:76:ae:ae:f8:51:fc:2b:00:6f:42:
c0:1a:19:cc:c1:83:7f:4d:90:e9:03:1f:47:64:99:
fd:d3:70:d6:a6:66:33:97:cf:80:1d:2d:2e:b7:d6:
72:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DD:7E:46:EB:9D:FB:DC:D6:D7:4E:88:D5:17:4B:8C:91:1F:68:12
X509v3 Authority Key Identifier:
keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/XN1-Ruud-9zW106I1RdLjJEfaBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7b83::/32
2a0c:7b87::/32
Signature Algorithm: sha256WithRSAEncryption
1b:1b:bd:5f:8b:b5:05:39:19:9c:9a:12:bd:c1:5b:53:26:be:
3f:f2:94:3f:7c:fc:b2:7a:a6:38:d2:b1:ba:bd:11:37:d2:4d:
1b:6d:cc:b0:f4:b4:9d:e6:48:41:a8:b3:72:6c:82:2b:c6:f6:
b5:47:ed:b2:ab:6b:2f:e8:ca:5b:dc:01:29:cd:35:bf:a9:b5:
61:8f:03:a1:84:48:25:91:2b:4e:02:52:bd:de:84:ea:f1:52:
f7:11:1a:a1:22:c4:2b:a4:24:74:96:cb:ce:07:8a:b3:81:8c:
56:21:50:62:9f:92:27:48:f1:22:95:66:5c:91:02:88:29:16:
bd:23:ff:59:7d:e8:5b:b0:78:3b:c5:d9:70:01:06:f7:3e:df:
69:93:77:58:2c:10:83:a8:72:0f:39:54:29:55:52:f5:47:96:
3b:c0:b4:a7:c4:4a:08:d9:56:d4:53:dc:3a:f8:3e:1b:e4:de:
19:11:e9:d6:03:a4:9e:02:69:2e:6c:bb:41:7c:2e:4d:0f:db:
9f:fd:16:0d:13:7a:39:ae:f8:83:09:61:c2:f2:fa:2b:ad:09:
f1:37:de:0a:04:7c:fb:d7:e3:96:80:2a:88:46:53:ce:e8:f4:
67:4f:18:bf:9c:33:cc:9a:3f:7b:7f:87:d9:1b:58:42:9e:ff:
aa:89:cc:5b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ90XdHDujt7aTV8L9Tx2/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjQxMDExMjMwMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RkN2U0NmViOWRmYmRjZDZkNzRlODhkNTE3NGI4YzkxMWY2ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mvFBGMmidrXPJukLkeue9nrRsfo
AdAiYyXJNKD944VajrGcNixwphhkVE+nyUn4embdXNcjuUhHEDxS29dxXF9cj3zj
M1l2tNu9ZsM7Wz39cHvAutwJ4DownEX60NHmLVIjLeGwOqWiSFxWruIk2c/TCdnd
mKyh0nM0nHasdkysrHqM99N0CauQWeAmFy/qz5xLubYRc5I0dON5FicF1TnX4Vxn
y0u3LA4N51naLZFBXNo5mjNgoRTxb825aiJUkfE3ay4xJkTQde+4sKxUK0wI1/Nx
hHaurvhR/CsAb0LAGhnMwYN/TZDpAx9HZJn903DWpmYzl8+AHS0ut9ZySQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFzdfkbrnfvc1tdOiNUXS4yRH2gSMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvWE4xLVJ1dWQtOXpXMTA2STFSZExqSkVmYUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgx7gwMF
ACoMe4cwDQYJKoZIhvcNAQELBQADggEBABsbvV+LtQU5GZyaEr3BW1Mmvj/ylD98
/LJ6pjjSsbq9ETfSTRttzLD0tJ3mSEGos3JsgivG9rVH7bKray/oylvcASnNNb+p
tWGPA6GESCWRK04CUr3ehOrxUvcRGqEixCukJHSWy84HirOBjFYhUGKfkidI8SKV
ZlyRAogpFr0j/1l96FuweDvF2XABBvc+32mTd1gsEIOocg85VClVUvVHljvAtKfE
SgjZVtRT3Dr4Phvk3hkR6dYDpJ4CaS5su0F8Lk0P25/9Fg0Tejmu+IMJYcLy+iut
CfE33goEfPvX45aAKohGU87o9GdPGL+cM8yaP3t/h9kbWEKe/6qJzFs=
-----END CERTIFICATE-----
Generated at Fri Oct 25 13:41:49 2024 by rpki-client on console-fra.rpki-client.org