Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/AyrlrU9FCfjE122RXxJWU6t9VcI.roa
File: AyrlrU9FCfjE122RXxJWU6t9VcI.roa (raw, json)
Hash identifier: fnUCkOcwBrSEYqVKQsy+oDc1CrWILr36yq+YRD87zQU=
Subject key identifier: 03:2A:E5:AD:4F:45:09:F8:C4:D7:6D:91:5F:12:56:53:AB:7D:55:C2
Certificate issuer: /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial: 018CC3490C2EF7D57A31E203CF4D36918199
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/AyrlrU9FCfjE122RXxJWU6t9VcI.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 2001:678:a90::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jun 2024 04:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0c:2e:f7:d5:7a:31:e2:03:cf:4d:36:91:81:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=032ae5ad4f4509f8c4d76d915f125653ab7d55c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:67:e1:1d:f3:e2:c7:fa:45:7b:40:54:99:
a2:ec:9a:25:29:42:b7:34:fd:35:c3:30:af:48:b9:
e9:37:8e:8c:64:ed:b1:7c:cc:a9:6a:21:45:28:b2:
f3:b2:2e:57:4e:4d:cc:56:9f:01:b7:f0:38:34:3e:
12:df:e6:6e:e8:7f:46:8c:75:0d:0b:dd:3f:8a:c0:
53:7d:df:2b:73:28:56:a8:bf:e3:a9:89:15:ad:1e:
6f:e6:65:83:df:49:38:a1:3f:91:3b:92:e5:31:be:
50:81:df:c5:85:dd:24:04:01:cc:5d:3a:f1:cb:9d:
23:0f:06:cb:40:7d:56:1f:44:c7:8f:78:f9:4d:7b:
78:99:97:31:4b:2c:b1:09:2f:d5:b2:0e:a1:fd:27:
0c:ca:68:cd:f4:f8:96:b0:05:f7:c0:74:07:24:a4:
c0:b2:a9:e5:a1:40:45:89:08:67:9d:62:10:10:a1:
47:9a:0a:00:3e:50:6a:58:0e:88:ea:b6:a6:42:f3:
c0:1d:f1:7a:d7:6d:58:54:88:43:75:a4:98:fd:2f:
3f:ba:0a:77:25:e4:23:ae:0f:c6:7f:5b:6a:a9:fd:
51:8f:a5:ec:c6:59:42:2c:e0:71:18:5b:62:31:56:
03:a8:62:ba:f9:71:c7:02:bf:30:a8:d1:64:57:03:
d0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2A:E5:AD:4F:45:09:F8:C4:D7:6D:91:5F:12:56:53:AB:7D:55:C2
X509v3 Authority Key Identifier:
keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/AyrlrU9FCfjE122RXxJWU6t9VcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a90::/48
Signature Algorithm: sha256WithRSAEncryption
78:66:4a:7f:c1:2d:32:0a:88:fb:58:46:42:89:0f:a8:2a:50:
aa:4c:bc:6d:00:31:8b:df:6b:c6:48:ef:da:b9:c9:37:ed:f0:
84:8d:db:13:e0:bd:d3:c0:be:98:28:3a:0d:b2:65:e8:9d:bf:
1d:e6:bc:72:00:b6:09:d6:84:71:b7:6b:9a:0b:00:39:75:2c:
e5:e3:13:79:bf:3c:66:4e:7a:31:a1:12:c1:eb:fd:f3:6e:fd:
b6:d9:35:5e:2c:75:0c:37:52:0f:2f:f9:55:2c:18:be:d5:04:
fc:7d:74:a4:b5:b0:ac:9c:7b:e4:5b:48:3d:78:30:92:ec:49:
d4:d4:ea:5b:0e:a6:0c:59:ee:05:2e:43:91:29:d0:5f:3d:86:
70:62:5c:84:6d:28:78:aa:c9:63:88:16:d5:6e:26:02:53:71:
fb:9f:e8:79:63:a8:d7:9a:af:df:49:c4:48:2e:c3:87:42:6e:
47:da:06:68:f3:92:0c:36:7d:95:85:63:53:51:a5:69:9f:53:
ef:9d:cf:87:ef:05:80:b9:02:11:8b:ed:5c:d1:1d:ae:d1:f9:
86:a7:40:0a:87:7d:ab:ff:a3:2a:6c:22:5e:64:30:d1:85:53:
ca:d1:62:07:2c:c9:8e:cb:90:3c:f3:35:9a:0d:de:ce:52:c4:
88:d6:35:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSQwu99V6MeIDz002kYGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjRlZTg4NTg0ZDZkZmQ5ZTNhYTliYzIwMWM1MGY0NGUz
NTNkOWMwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzJhZTVhZDRmNDUwOWY4YzRkNzZkOTE1ZjEyNTY1M2FiN2Q1NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIZn4R3z4sf6RXtAVJmi7JolKUK3
NP01wzCvSLnpN46MZO2xfMypaiFFKLLzsi5XTk3MVp8Bt/A4ND4S3+Zu6H9GjHUN
C90/isBTfd8rcyhWqL/jqYkVrR5v5mWD30k4oT+RO5LlMb5Qgd/Fhd0kBAHMXTrx
y50jDwbLQH1WH0THj3j5TXt4mZcxSyyxCS/Vsg6h/ScMymjN9PiWsAX3wHQHJKTA
sqnloUBFiQhnnWIQEKFHmgoAPlBqWA6I6ramQvPAHfF6121YVIhDdaSY/S8/ugp3
JeQjrg/Gf1tqqf1Rj6XsxllCLOBxGFtiMVYDqGK6+XHHAr8wqNFkVwPQiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAMq5a1PRQn4xNdtkV8SVlOrfVXCMB8GA1UdIwQY
MBaAFBj07ohYTW39njqpvCAcUPRONT2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMt
MGI5ODg1ODYzZWJmLzEvQXlybHJVOUZDZmpFMTIyUlh4SldVNnQ5VmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMtMGI5ODg1ODYzZWJm
LzEvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB4Zkp/wS0yCoj7WEZCiQ+oKlCqTLxtADGL32vG
SO/auck37fCEjdsT4L3TwL6YKDoNsmXonb8d5rxyALYJ1oRxt2uaCwA5dSzl4xN5
vzxmTnoxoRLB6/3zbv222TVeLHUMN1IPL/lVLBi+1QT8fXSktbCsnHvkW0g9eDCS
7EnU1OpbDqYMWe4FLkORKdBfPYZwYlyEbSh4qsljiBbVbiYCU3H7n+h5Y6jXmq/f
ScRILsOHQm5H2gZo85IMNn2VhWNTUaVpn1Pvnc+H7wWAuQIRi+1c0R2u0fmGp0AK
h32r/6MqbCJeZDDRhVPK0WIHLMmOy5A88zWaDd7OUsSI1jWb
-----END CERTIFICATE-----
Generated at Fri Jun 21 06:43:18 2024 by rpki-client on console-fra.rpki-client.org