Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/wtWU8PPYhVVS-KWGc0U5sxEOdzU.roa
File: wtWU8PPYhVVS-KWGc0U5sxEOdzU.roa (raw, json)
Hash identifier: v7ILdbqkB1dUqHSogGgS66ChEUNtmTyr0rBVfUfskEs=
Subject key identifier: C2:D5:94:F0:F3:D8:85:55:52:F8:A5:86:73:45:39:B3:11:0E:77:35
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0192ADD47DA94AD1605A69C3AD395BCAE870
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/wtWU8PPYhVVS-KWGc0U5sxEOdzU.roa
Signing time: Mon 21 Oct 2024 06:47:17 +0000
ROA not before: Mon 21 Oct 2024 06:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13647
IP address blocks: 2a00:bc80::/32 maxlen: 32
2a0d:4240::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 08:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ad:d4:7d:a9:4a:d1:60:5a:69:c3:ad:39:5b:ca:e8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Oct 21 06:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2d594f0f3d8855552f8a586734539b3110e7735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5e:e2:5b:bb:42:4e:87:1c:ca:05:b9:dc:aa:
69:e3:77:8d:cd:a3:d8:39:f1:16:22:3d:42:34:08:
ea:69:42:0b:08:65:87:19:6d:14:1f:36:4d:29:9e:
05:64:79:50:83:ca:59:f4:0d:78:a6:1a:8c:72:44:
b0:bf:74:8f:bc:4c:13:5a:60:19:d4:0d:58:f9:ad:
04:de:20:2e:3d:85:40:38:da:af:5b:31:fe:34:9e:
b0:8e:0b:5e:d9:10:d0:1a:8d:ab:25:df:d8:f0:3b:
f0:08:92:f5:b5:57:c5:03:77:4f:fc:cd:5d:52:03:
6b:ad:57:7a:cc:0b:f7:42:23:17:eb:77:ec:92:47:
fe:e8:64:fc:a5:8e:b9:43:c8:50:87:77:b1:bb:65:
b2:9a:bb:6c:46:ef:61:9f:0d:90:5c:d2:6b:57:3c:
78:62:f2:3f:e7:ab:4d:69:21:93:97:09:3d:b0:02:
dd:0d:be:e8:aa:dc:ec:6f:fc:f1:79:5f:45:ac:cf:
25:28:97:57:00:69:40:85:4d:a6:ed:7a:d3:31:2f:
aa:5b:0d:a6:24:71:7d:f3:cc:a7:91:34:9d:45:f6:
11:0f:54:cc:f1:a2:d1:c3:ab:97:d4:b8:38:40:4f:
78:44:bc:a2:8e:7f:57:fc:66:99:7b:f6:8c:c9:06:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D5:94:F0:F3:D8:85:55:52:F8:A5:86:73:45:39:B3:11:0E:77:35
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/wtWU8PPYhVVS-KWGc0U5sxEOdzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:bc80::/32
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
70:71:9d:78:36:2c:57:2a:24:e0:31:0e:13:49:6f:c0:b2:b4:
84:ee:7d:24:5b:a1:22:1e:b9:02:5e:3c:7d:cf:61:23:53:24:
24:78:ce:0d:f8:38:1c:af:1b:c2:64:bb:2f:03:2d:46:bf:b6:
26:6d:e0:62:45:32:82:67:48:54:f8:78:8e:e3:57:03:b0:c6:
1d:57:2d:08:46:76:40:da:d7:03:24:47:71:b2:55:db:6e:17:
8d:e1:c3:09:35:22:08:dd:85:33:aa:62:88:c5:86:d0:01:4b:
c1:fc:11:34:0c:0a:6b:e3:83:ff:77:8c:33:79:9e:be:6f:74:
aa:e5:82:f7:f5:0e:99:64:7c:13:d3:b6:8e:89:ea:72:ed:79:
5d:c0:56:fc:c1:30:c9:e6:1a:af:ec:5d:1e:fb:ae:9c:c2:8d:
eb:e8:6f:1a:ef:f6:48:52:cb:29:f9:44:00:19:7a:c6:74:d7:
f0:bc:73:60:2a:be:67:b5:f4:5d:70:0b:93:14:53:f5:df:d8:
05:fb:75:d0:33:a8:44:ed:67:d9:05:be:0c:b4:44:4b:d8:54:
17:3e:d5:fd:68:ca:80:e7:d7:12:ed:a5:77:2c:1e:86:48:2d:
21:3a:24:d6:b1:f7:22:71:cb:17:fe:19:67:e4:7e:db:7a:0d:
02:23:ac:16
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZKt1H2pStFgWmnDrTlbyuhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQxMDIxMDY0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ1OTRmMGYzZDg4NTU1NTJmOGE1ODY3MzQ1MzliMzExMGU3NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l7iW7tCToccygW53Kpp43eNzaPY
OfEWIj1CNAjqaUILCGWHGW0UHzZNKZ4FZHlQg8pZ9A14phqMckSwv3SPvEwTWmAZ
1A1Y+a0E3iAuPYVAONqvWzH+NJ6wjgte2RDQGo2rJd/Y8DvwCJL1tVfFA3dP/M1d
UgNrrVd6zAv3QiMX63fskkf+6GT8pY65Q8hQh3exu2WymrtsRu9hnw2QXNJrVzx4
YvI/56tNaSGTlwk9sALdDb7oqtzsb/zxeV9FrM8lKJdXAGlAhU2m7XrTMS+qWw2m
JHF988ynkTSdRfYRD1TM8aLRw6uX1Lg4QE94RLyijn9X/GaZe/aMyQYVWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMLVlPDz2IVVUvilhnNFObMRDnc1MB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvd3RXVThQUFloVlZTLUtXR2MwVTVzeEVPZHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgC8gAMF
AyoNQkAwDQYJKoZIhvcNAQELBQADggEBAHBxnXg2LFcqJOAxDhNJb8CytITufSRb
oSIeuQJePH3PYSNTJCR4zg34OByvG8Jkuy8DLUa/tiZt4GJFMoJnSFT4eI7jVwOw
xh1XLQhGdkDa1wMkR3GyVdtuF43hwwk1IgjdhTOqYojFhtABS8H8ETQMCmvjg/93
jDN5nr5vdKrlgvf1DplkfBPTto6J6nLteV3AVvzBMMnmGq/sXR77rpzCjevobxrv
9khSyyn5RAAZesZ01/C8c2Aqvme19F1wC5MUU/Xf2AX7ddAzqETtZ9kFvgy0REvY
VBc+1f1oyoDn1xLtpXcsHoZILSE6JNax9yJxyxf+GWfkftt6DQIjrBY=
-----END CERTIFICATE-----
Generated at Mon Oct 21 11:47:02 2024 by rpki-client on console-fra.rpki-client.org