Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/0Hhtl2m1RhVZ9DQ_lqVJjj0miNo.roa
File: 0Hhtl2m1RhVZ9DQ_lqVJjj0miNo.roa (raw, json)
Hash identifier: HU+XJ8E2eZAfh9c0jvvfKD4/IBv0LaTuuolAN9Ng2c8=
Subject key identifier: D0:78:6D:97:69:B5:46:15:59:F4:34:3F:96:A5:49:8E:3D:26:88:DA
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 018CC5002AA5901BFCED7A5484508299B32B
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/0Hhtl2m1RhVZ9DQ_lqVJjj0miNo.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212580
IP address blocks: 2a11:e487:1::/48 maxlen: 48
2a11:e487:fc01::/48 maxlen: 48
2a11:e487:2::/48 maxlen: 48
2a11:e487:beef::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 20:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2a:a5:90:1b:fc:ed:7a:54:84:50:82:99:b3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0786d9769b5461559f4343f96a5498e3d2688da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:7a:99:5f:6f:2a:3a:72:ea:88:33:0a:c0:
aa:60:eb:c5:d0:17:dd:e0:28:29:93:ed:67:cb:43:
17:df:b5:71:de:f8:9d:c1:87:9e:93:fd:3d:b9:68:
8d:92:d6:99:87:9b:55:19:69:40:5d:02:33:0a:e4:
97:46:43:e1:f5:68:da:4f:2a:96:ee:03:b9:5b:87:
0d:67:dd:b9:78:f3:19:f0:df:10:16:0f:6d:b7:12:
58:4f:2b:62:ae:6c:eb:cf:76:b1:f9:06:0e:09:1f:
04:34:c2:f4:b2:fe:e0:46:f3:d8:5b:7b:a2:2f:e4:
68:a8:4c:21:f6:1b:c9:c7:fb:8f:1d:5e:9c:fb:ae:
7f:50:fb:6a:aa:14:9b:86:0d:43:6a:4b:e6:a4:f6:
c2:57:ae:a0:98:f3:b7:a0:ff:57:cf:86:74:46:71:
7c:3f:f7:8b:6a:8e:46:5e:d6:f0:8f:81:ab:15:33:
c0:af:00:b4:2a:43:b4:fc:27:41:84:cb:e1:96:2b:
9c:a8:60:f8:de:c1:b7:4d:76:f9:16:2a:55:24:54:
b5:3d:fe:69:94:e2:fc:7f:10:2a:64:9f:8d:7b:7d:
06:bf:0b:77:cd:ab:6a:df:f9:bd:ab:11:cf:e8:50:
17:a5:93:c7:83:14:c5:78:bb:0b:20:8f:fe:6a:c5:
88:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:78:6D:97:69:B5:46:15:59:F4:34:3F:96:A5:49:8E:3D:26:88:DA
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/0Hhtl2m1RhVZ9DQ_lqVJjj0miNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e487:1::-2a11:e487:2:ffff:ffff:ffff:ffff:ffff
2a11:e487:beef::/48
2a11:e487:fc01::/48
Signature Algorithm: sha256WithRSAEncryption
40:d7:5a:97:f0:68:32:a7:e7:46:24:f9:61:0a:4b:69:b8:61:
cf:3d:83:d7:3c:d0:f5:54:3b:71:64:21:95:a7:1d:fd:ce:86:
10:d1:f6:b7:bb:9f:17:ff:db:70:7a:f2:8e:ab:fe:b0:18:d0:
8c:eb:3f:78:cb:6f:42:28:69:77:ce:a0:36:49:3f:d3:99:6e:
1d:0d:68:ef:b7:f7:93:9c:f1:e6:1b:76:92:42:96:67:f7:fe:
03:f8:29:25:72:2b:a2:b5:eb:27:cd:e0:42:f0:0c:40:4b:b1:
74:53:9e:7d:ce:9e:d7:7c:d8:f4:c3:c7:7d:bd:81:ea:27:b9:
71:04:5b:25:f6:8b:d9:55:d5:a8:74:8d:19:2c:42:d9:66:1b:
54:9c:0c:a2:4c:40:48:c1:0d:82:f7:0c:03:51:74:b8:e4:1a:
fd:35:5f:9d:e9:c0:74:68:76:41:fc:37:05:ab:9d:e0:99:33:
16:af:5b:c4:d9:85:11:78:a5:ed:3a:0f:2d:71:70:f4:22:f0:
9d:f6:bd:0e:c0:d6:75:5a:99:cc:cb:0e:d8:fc:fa:30:5c:76:
ee:4b:50:9c:48:0d:65:68:ab:7e:f4:9b:93:dd:6f:4a:63:6d:
69:06:a0:5e:3a:ee:8d:19:65:8d:09:86:91:a0:db:3e:3e:fa:
d4:b1:7d:cf
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzFACqlkBv87XpUhFCCmbMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc4NmQ5NzY5YjU0NjE1NTlmNDM0M2Y5NmE1NDk4ZTNkMjY4OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYh6mV9vKjpy6ogzCsCqYOvF0Bfd
4Cgpk+1ny0MX37Vx3vidwYeek/09uWiNktaZh5tVGWlAXQIzCuSXRkPh9WjaTyqW
7gO5W4cNZ925ePMZ8N8QFg9ttxJYTytirmzrz3ax+QYOCR8ENML0sv7gRvPYW3ui
L+RoqEwh9hvJx/uPHV6c+65/UPtqqhSbhg1DakvmpPbCV66gmPO3oP9Xz4Z0RnF8
P/eLao5GXtbwj4GrFTPArwC0KkO0/CdBhMvhliucqGD43sG3TXb5FipVJFS1Pf5p
lOL8fxAqZJ+Ne30Gvwt3zatq3/m9qxHP6FAXpZPHgxTFeLsLII/+asWIyQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNB4bZdptUYVWfQ0P5alSY49JojaMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvMEhodGwybTFSaFZaOURRX2xxVkpqajBtaU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwAqEeSH
AAEDBwAqEeSHAAIDBwAqEeSHvu8DBwAqEeSH/AEwDQYJKoZIhvcNAQELBQADggEB
AEDXWpfwaDKn50Yk+WEKS2m4Yc89g9c80PVUO3FkIZWnHf3OhhDR9re7nxf/23B6
8o6r/rAY0IzrP3jLb0IoaXfOoDZJP9OZbh0NaO+395Oc8eYbdpJClmf3/gP4KSVy
K6K16yfN4ELwDEBLsXRTnn3Ontd82PTDx329geonuXEEWyX2i9lV1ah0jRksQtlm
G1ScDKJMQEjBDYL3DANRdLjkGv01X53pwHRodkH8NwWrneCZMxavW8TZhRF4pe06
Dy1xcPQi8J32vQ7A1nVamczLDtj8+jBcdu5LUJxIDWVoq370m5Pdb0pjbWkGoF46
7o0ZZY0JhpGg2z4++tSxfc8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org