Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/128Uyfg3w8YzcipSbwwFZO-yxTc.roa
File: 128Uyfg3w8YzcipSbwwFZO-yxTc.roa (raw, json)
Hash identifier: rAgPLwq2VNSbf3j5J35oUouavlxZq+OtDBeh2GXv1nQ=
Subject key identifier: D7:6F:14:C9:F8:37:C3:C6:33:72:2A:52:6F:0C:05:64:EF:B2:C5:37
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018FB057E992B27C60AE74F40C4CFC5700BF
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/128Uyfg3w8YzcipSbwwFZO-yxTc.roa
Signing time: Sat 25 May 2024 15:21:42 +0000
ROA not before: Sat 25 May 2024 15:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a06:b440::/29 maxlen: 29
2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
Validation: Failed, certificate revoked on Mon 03 Jun 2024 21:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b0:57:e9:92:b2:7c:60:ae:74:f4:0c:4c:fc:57:00:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 25 15:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d76f14c9f837c3c633722a526f0c0564efb2c537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:25:2d:fa:bb:33:50:9d:38:0c:4f:bd:c9:73:
97:8d:8c:5a:45:94:b5:47:60:65:e9:00:7c:43:0a:
43:b9:e1:c5:3a:52:64:95:4f:b2:28:4d:6e:fb:fd:
d1:9b:ac:44:92:e9:04:a9:36:b5:f8:41:e6:a9:37:
9b:94:5d:03:bf:c9:8e:6a:a9:1f:64:1f:f7:39:59:
8a:42:6b:4d:c4:7d:61:9a:29:f9:f0:c9:0f:e7:d1:
9f:0b:50:ea:55:a9:42:95:b5:30:86:65:7d:ca:38:
68:3c:39:8c:36:fb:1b:0b:2e:22:6f:61:0d:48:64:
ae:33:c2:5b:5c:ec:23:c0:cc:b2:0a:7a:6c:c0:1f:
11:7b:04:b9:b1:9c:9f:e8:b9:fe:b0:d5:e3:07:ae:
c6:f8:11:98:48:82:09:4f:e3:13:c7:88:7f:18:5c:
27:a7:ae:b6:58:f1:47:89:b6:d8:bf:1d:b3:b0:b6:
d6:07:0d:79:a1:69:9e:65:63:e2:71:35:13:e4:6f:
1b:5c:ac:38:4f:2a:5a:ac:d7:4e:39:c4:99:8e:22:
f6:44:9d:10:4a:bb:29:be:fc:28:cd:d9:31:d4:46:
f0:3b:7c:8f:25:63:ad:e9:fa:65:b0:22:19:b5:1c:
59:a2:80:37:63:97:7a:e1:1e:b9:3b:0e:a7:6f:d5:
b3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6F:14:C9:F8:37:C3:C6:33:72:2A:52:6F:0C:05:64:EF:B2:C5:37
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/128Uyfg3w8YzcipSbwwFZO-yxTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
Signature Algorithm: sha256WithRSAEncryption
a4:9b:16:8e:79:d4:52:3c:be:58:fe:58:e2:9b:55:7b:aa:a2:
64:de:8c:0a:2a:f3:09:c6:96:04:48:e1:e7:af:af:ce:09:f2:
95:60:2e:b8:38:97:29:cc:20:e2:a2:9b:ca:c7:8e:d5:4b:fc:
40:84:2b:ba:e5:74:b2:34:c4:0c:b0:81:72:59:7a:c1:20:a9:
b2:8c:aa:51:22:96:ce:8c:1f:69:e5:42:d2:17:d4:ab:46:d5:
00:18:36:5a:5f:d0:45:03:96:56:b3:c3:97:26:dc:1c:15:66:
6d:bb:86:2f:dd:77:d7:35:8c:00:9a:07:9f:61:23:27:78:e5:
2d:a4:17:8d:4c:e2:87:f5:93:28:5c:9c:2b:41:60:25:0c:8c:
05:16:0d:81:b2:c8:f1:8a:ab:30:64:4e:17:c4:fc:cf:73:e1:
99:25:9e:79:dd:57:e3:dc:09:77:5c:25:a1:f1:7d:32:38:64:
fe:f2:72:cc:e6:1d:4f:16:a1:a2:15:06:5d:8b:a6:d3:e4:cc:
b7:dd:8c:43:86:85:66:9d:62:d8:8d:ab:3b:6c:89:b0:77:d4:
af:ad:12:89:7b:38:bf:22:da:22:f5:3f:96:21:61:cf:18:28:
12:0e:48:8a:3a:ab:ae:89:c3:8e:26:0a:c2:10:d0:5a:9a:d7:
ed:67:97:93
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+wV+mSsnxgrnT0DEz8VwC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNTI1MTUyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzZmMTRjOWY4MzdjM2M2MzM3MjJhNTI2ZjBjMDU2NGVmYjJjNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iUt+rszUJ04DE+9yXOXjYxaRZS1
R2Bl6QB8QwpDueHFOlJklU+yKE1u+/3Rm6xEkukEqTa1+EHmqTeblF0Dv8mOaqkf
ZB/3OVmKQmtNxH1hmin58MkP59GfC1DqValClbUwhmV9yjhoPDmMNvsbCy4ib2EN
SGSuM8JbXOwjwMyyCnpswB8RewS5sZyf6Ln+sNXjB67G+BGYSIIJT+MTx4h/GFwn
p662WPFHibbYvx2zsLbWBw15oWmeZWPicTUT5G8bXKw4TyparNdOOcSZjiL2RJ0Q
Srspvvwozdkx1EbwO3yPJWOt6fplsCIZtRxZooA3Y5d64R65Ow6nb9WzTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNdvFMn4N8PGM3IqUm8MBWTvssU3MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMTI4VXlmZzN3OFl6Y2lwU2J3d0ZaTy15eFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKga0QAMF
AyoSZ0ADBQMqEo7AAwUDKhLMwAMFAyoS08ADBQMqEuJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCkmxaOedRSPL5Y/ljim1V7qqJk3owKKvMJxpYESOHnr6/OCfKVYC64OJcp
zCDiopvKx47VS/xAhCu65XSyNMQMsIFyWXrBIKmyjKpRIpbOjB9p5ULSF9SrRtUA
GDZaX9BFA5ZWs8OXJtwcFWZtu4Yv3XfXNYwAmgefYSMneOUtpBeNTOKH9ZMoXJwr
QWAlDIwFFg2BssjxiqswZE4XxPzPc+GZJZ553Vfj3Al3XCWh8X0yOGT+8nLM5h1P
FqGiFQZdi6bT5My33YxDhoVmnWLYjas7bImwd9SvrRKJezi/Itoi9T+WIWHPGCgS
DkiKOquuicOOJgrCENBamtftZ5eT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org