Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/00df6d6ayMQpBPiQr9QoXoQho5c.roa
File: 00df6d6ayMQpBPiQr9QoXoQho5c.roa (raw, json)
Hash identifier: eXTorLL/zA8Qp1cUL26dioT6+P4k9xzeAPedwbefVWI=
Subject key identifier: D3:47:5F:E9:DE:9A:C8:C4:29:04:F8:90:AF:D4:28:5E:84:21:A3:97
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018D37630134F60F0B3B15441B6C7C28C4C3
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/00df6d6ayMQpBPiQr9QoXoQho5c.roa
Signing time: Tue 23 Jan 2024 17:34:11 +0000
ROA not before: Tue 23 Jan 2024 17:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 2a11:f140::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Jan 2024 19:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:63:01:34:f6:0f:0b:3b:15:44:1b:6c:7c:28:c4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 23 17:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3475fe9de9ac8c42904f890afd4285e8421a397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:82:92:86:44:91:61:7f:f3:f2:d0:8b:5d:ad:
85:d1:53:23:e2:aa:8e:35:f3:96:56:5e:98:f4:17:
1c:b7:d0:47:34:ff:8b:c6:fc:1b:59:f2:88:7e:95:
7d:8d:ae:15:52:04:f2:73:b2:1b:56:bc:1f:c3:55:
72:2e:d3:a1:78:aa:94:85:24:27:2b:14:c0:7c:a1:
74:de:fe:6e:db:06:4b:e0:37:58:a3:2b:87:bd:3c:
ec:2a:ce:82:c9:54:34:01:6f:22:21:4a:73:fa:60:
d2:df:bf:8e:bc:15:c8:28:a8:61:c5:44:72:10:71:
7c:14:ab:25:49:92:fc:62:9e:d8:6e:4f:32:e5:70:
ab:57:38:11:d6:cb:e9:e8:53:1e:f9:9a:6e:c6:0d:
74:93:f7:cc:be:24:5b:e0:6d:91:81:27:69:56:fe:
18:d8:af:e8:8a:dc:54:08:f5:7b:eb:b1:77:30:50:
03:d1:96:d1:7b:49:ac:c9:84:9e:b1:f6:aa:d7:d1:
0a:f8:87:e5:b8:8e:98:74:0a:32:25:cd:fd:48:ed:
cc:25:93:6b:62:ee:6d:a2:48:38:f2:a3:65:fe:d7:
95:74:80:94:f1:55:af:5d:8f:30:b2:e2:63:32:c6:
42:28:99:e0:25:1b:b4:c8:41:bb:8e:c8:fa:89:57:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:47:5F:E9:DE:9A:C8:C4:29:04:F8:90:AF:D4:28:5E:84:21:A3:97
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/00df6d6ayMQpBPiQr9QoXoQho5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f140::/29
2a12:28c0::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
9f:22:ee:29:88:aa:61:6c:ca:4b:ef:81:ba:62:6a:b9:80:6d:
01:0f:9e:de:4c:7c:20:b7:bf:54:3b:35:f0:46:76:ef:30:5f:
3d:26:6c:7c:77:f8:f9:db:9a:c1:b8:44:ef:ee:9a:c3:50:c0:
30:c2:0f:27:c4:92:4d:a9:c1:80:40:a8:83:71:ef:55:fd:14:
9e:28:0e:4e:7b:e5:e5:97:6a:f4:ef:c1:81:62:82:31:0e:87:
60:d8:07:37:a1:f6:dd:55:19:65:7b:a8:0c:16:20:a4:35:58:
c0:fd:ab:e0:f8:08:7c:33:09:7c:6a:54:ff:9c:fb:8e:b2:76:
88:95:47:37:47:2f:f8:9f:85:40:53:26:68:93:98:4e:3e:9d:
b3:f8:d5:38:31:a1:e9:36:63:25:f3:b0:66:1f:1d:7c:4d:21:
fd:c0:cf:04:e2:b5:f9:3c:f0:75:5a:c6:9e:1b:0b:eb:e6:98:
8c:26:ac:af:8f:30:6d:bc:c5:17:b7:3f:8d:2a:47:18:6f:20:
28:a8:b6:84:02:87:ae:ee:12:b7:0a:62:df:30:64:e9:b2:52:
f5:7b:05:62:97:f1:53:b3:6d:4a:02:c2:84:e0:17:19:41:24:
0d:65:bf:d8:20:c8:11:bc:9b:29:87:29:63:98:77:d6:b9:2c:
53:96:ee:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY03YwE09g8LOxVEG2x8KMTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTIzMTczNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ3NWZlOWRlOWFjOGM0MjkwNGY4OTBhZmQ0Mjg1ZTg0MjFhMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIKShkSRYX/z8tCLXa2F0VMj4qqO
NfOWVl6Y9Bcct9BHNP+LxvwbWfKIfpV9ja4VUgTyc7IbVrwfw1VyLtOheKqUhSQn
KxTAfKF03v5u2wZL4DdYoyuHvTzsKs6CyVQ0AW8iIUpz+mDS37+OvBXIKKhhxURy
EHF8FKslSZL8Yp7Ybk8y5XCrVzgR1svp6FMe+Zpuxg10k/fMviRb4G2RgSdpVv4Y
2K/oitxUCPV767F3MFAD0ZbRe0msyYSesfaq19EK+IfluI6YdAoyJc39SO3MJZNr
Yu5tokg48qNl/teVdICU8VWvXY8wsuJjMsZCKJngJRu0yEG7jsj6iVen5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNNHX+nemsjEKQT4kK/UKF6EIaOXMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMDBkZjZkNmF5TVFwQlBpUXI5UW9Yb1FobzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhHxQAMF
AyoSKMADBQMqEmuAMA0GCSqGSIb3DQEBCwUAA4IBAQCfIu4piKphbMpL74G6Ymq5
gG0BD57eTHwgt79UOzXwRnbvMF89Jmx8d/j525rBuETv7prDUMAwwg8nxJJNqcGA
QKiDce9V/RSeKA5Oe+Xll2r078GBYoIxDodg2Ac3ofbdVRlle6gMFiCkNVjA/avg
+Ah8Mwl8alT/nPuOsnaIlUc3Ry/4n4VAUyZok5hOPp2z+NU4MaHpNmMl87BmHx18
TSH9wM8E4rX5PPB1WsaeGwvr5piMJqyvjzBtvMUXtz+NKkcYbyAoqLaEAoeu7hK3
CmLfMGTpslL1ewVil/FTs21KAsKE4BcZQSQNZb/YIMgRvJsphyljmHfWuSxTlu6i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org