Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/XMlTkLhiRjufDldpiL7KfS7mdng.roa
File: XMlTkLhiRjufDldpiL7KfS7mdng.roa (raw, json)
Hash identifier: MBi20hLMGcZK48SnoJok/IWc5zAzS8LHyCGOZ/Ts3mg=
Subject key identifier: 5C:C9:53:90:B8:62:46:3B:9F:0E:57:69:88:BE:CA:7D:2E:E6:76:78
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 018CC3495EFB4490FA93291F1C2E370CC910
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/XMlTkLhiRjufDldpiL7KfS7mdng.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207976
IP address blocks: 2a09:9f47::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 13 Apr 2024 16:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5e:fb:44:90:fa:93:29:1f:1c:2e:37:0c:c9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cc95390b862463b9f0e576988beca7d2ee67678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:93:b3:0a:92:a2:58:ba:fb:1b:0d:e1:e2:0a:
a8:a3:13:d1:ee:60:3f:38:14:bb:8b:37:79:ac:72:
7c:53:29:d7:82:c6:c0:dd:d4:c3:b3:51:28:83:87:
7a:94:a6:c4:e0:dd:5e:c9:b2:54:cf:e2:7e:df:e4:
07:35:cd:d3:9d:6e:2a:5f:94:ce:8b:a2:98:8e:e3:
a5:d1:00:8e:8b:1c:f0:9a:da:ba:3f:04:ef:ba:76:
30:e4:76:12:41:03:8a:7d:83:ec:23:56:a0:c6:71:
20:75:e2:ca:c7:f3:83:78:46:8f:d4:ab:d1:b9:81:
f9:b9:4d:cb:d5:7f:b7:5c:57:f8:b7:7a:01:3b:6b:
67:5f:18:06:e9:d8:8e:12:76:2e:b7:06:e6:7a:3a:
aa:19:2a:e9:44:8e:86:7a:4c:ba:41:74:8e:0d:b5:
29:62:6c:7e:41:4d:d2:16:e1:ff:66:e2:52:5b:d1:
e9:e5:40:1b:89:40:2d:11:43:4b:95:11:e3:6c:ad:
86:e3:58:a2:ed:6a:c2:44:98:02:3f:6d:6a:f0:5b:
12:4b:e5:1f:d2:d7:f7:30:35:09:7f:4a:4a:dd:a1:
1a:bc:5f:3e:4b:5a:c4:82:01:ac:68:18:86:5f:13:
eb:95:48:71:43:6c:3c:8b:96:bb:c8:8f:cf:a2:cc:
14:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C9:53:90:B8:62:46:3B:9F:0E:57:69:88:BE:CA:7D:2E:E6:76:78
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/XMlTkLhiRjufDldpiL7KfS7mdng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9f47::/32
Signature Algorithm: sha256WithRSAEncryption
02:76:25:06:13:b2:05:50:a5:cc:4e:17:c5:8a:1f:86:63:cf:
46:82:87:15:97:a7:76:00:ac:94:c5:fa:db:c4:03:86:5e:9f:
69:a5:82:e1:f2:61:39:b6:a0:7d:95:c7:cf:ba:74:8c:5d:88:
37:2c:80:42:af:5a:8e:5f:ae:5d:fd:96:88:1e:90:20:cd:3b:
71:57:67:cc:c4:48:e2:79:2d:de:07:ca:e2:41:b8:d5:ac:be:
0f:43:9e:75:1d:fc:ee:55:b8:48:61:34:46:bb:67:14:f5:b1:
ad:e9:f5:e6:79:8a:62:0e:50:0a:be:cf:d7:60:7f:35:d5:18:
ca:0f:2b:e1:28:31:84:a0:46:d5:0a:9b:6a:3b:77:94:a7:95:
40:ff:b2:3a:a3:b8:4e:39:e6:2f:b8:c0:a6:30:19:3e:ac:cc:
3c:0b:85:43:47:39:7d:41:6a:fc:97:c2:a4:9c:b2:4b:05:34:
fb:24:09:69:04:13:d8:3c:13:49:05:19:bc:0e:53:4c:22:4d:
ca:f3:bf:8a:9d:0f:cb:0a:a5:a4:ae:2f:18:92:27:28:4d:52:
d1:19:35:1f:d7:79:fb:3b:23:bc:93:95:cb:79:71:09:0a:74:
c2:48:c8:4f:f9:cc:49:ff:99:d6:bd:ee:9e:9d:e7:81:da:98:
30:6b:28:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSV77RJD6kykfHC43DMkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M5NTM5MGI4NjI0NjNiOWYwZTU3Njk4OGJlY2E3ZDJlZTY3Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJOzCpKiWLr7Gw3h4gqooxPR7mA/
OBS7izd5rHJ8UynXgsbA3dTDs1Eog4d6lKbE4N1eybJUz+J+3+QHNc3TnW4qX5TO
i6KYjuOl0QCOixzwmtq6PwTvunYw5HYSQQOKfYPsI1agxnEgdeLKx/ODeEaP1KvR
uYH5uU3L1X+3XFf4t3oBO2tnXxgG6diOEnYutwbmejqqGSrpRI6Geky6QXSODbUp
Ymx+QU3SFuH/ZuJSW9Hp5UAbiUAtEUNLlRHjbK2G41ii7WrCRJgCP21q8FsSS+Uf
0tf3MDUJf0pK3aEavF8+S1rEggGsaBiGXxPrlUhxQ2w8i5a7yI/PoswURwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFzJU5C4YkY7nw5XaYi+yn0u5nZ4MB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvWE1sVGtMaGlSanVmRGxkcGlMN0tmUzdtZG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmfRzAN
BgkqhkiG9w0BAQsFAAOCAQEAAnYlBhOyBVClzE4XxYofhmPPRoKHFZendgCslMX6
28QDhl6faaWC4fJhObagfZXHz7p0jF2INyyAQq9ajl+uXf2WiB6QIM07cVdnzMRI
4nkt3gfK4kG41ay+D0OedR387lW4SGE0RrtnFPWxren15nmKYg5QCr7P12B/NdUY
yg8r4SgxhKBG1Qqbajt3lKeVQP+yOqO4TjnmL7jApjAZPqzMPAuFQ0c5fUFq/JfC
pJyySwU0+yQJaQQT2DwTSQUZvA5TTCJNyvO/ip0PywqlpK4vGJInKE1S0Rk1H9d5
+zsjvJOVy3lxCQp0wkjIT/nMSf+Z1r3unp3ngdqYMGsoMQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 19:10:14 2024 by rpki-client on console.sobornost.net