Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2SPAmjaOTlpZ8vqqeDuBJweot9g.roa
File: 2SPAmjaOTlpZ8vqqeDuBJweot9g.roa (raw, json)
Hash identifier: BVLrfpm2pFB4AP6DQwdtUn/jc+pyCt+YQqfqUxxF+Rs=
Subject key identifier: D9:23:C0:9A:36:8E:4E:5A:59:F2:FA:AA:78:3B:81:27:07:A8:B7:D8
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018D8A5FE00A78C1E9D179226F85DF1750FB
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2SPAmjaOTlpZ8vqqeDuBJweot9g.roa
Signing time: Thu 08 Feb 2024 20:19:15 +0000
ROA not before: Thu 08 Feb 2024 20:19:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a11:f140::/29 maxlen: 32
2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 11 Feb 2024 18:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:5f:e0:0a:78:c1:e9:d1:79:22:6f:85:df:17:50:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 8 20:19:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d923c09a368e4e5a59f2faaa783b812707a8b7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:50:c2:3f:85:6b:39:01:b2:20:f1:7f:5f:6e:
25:b3:f2:a4:e9:25:a6:bb:88:4e:b9:09:82:59:50:
87:6c:7b:2d:7d:73:30:11:a4:ab:5e:bb:36:da:2c:
e9:9b:cf:df:83:e7:d1:5f:c3:7f:1c:bd:cb:af:7c:
56:77:3a:fc:b5:11:09:ca:65:8c:1a:cd:2d:ca:82:
77:da:9e:eb:25:2a:78:db:12:c5:08:8e:01:22:60:
99:0f:19:ed:82:ca:d0:e9:13:a3:fc:fa:d9:14:b9:
7f:cb:c8:0d:49:39:8b:1d:08:ad:3f:72:11:3e:8d:
89:ef:fe:37:7f:81:a8:1e:73:cc:df:de:89:5e:0e:
6a:e1:87:44:c0:95:25:de:c4:2d:69:12:a9:f4:fb:
eb:14:b4:6a:bd:3a:47:59:6b:92:1f:e6:0a:fb:9c:
81:ec:77:83:bc:50:f6:ee:fa:b3:41:85:69:02:96:
ef:f2:37:76:11:7a:30:29:ee:54:6b:b7:7f:58:b6:
da:6d:af:13:98:71:f0:d2:e7:d7:2a:d5:db:1f:50:
58:44:c6:f6:33:e0:4d:ad:74:97:1f:df:84:74:32:
e7:02:4c:fa:52:39:a7:87:ba:c7:33:11:f0:a4:8f:
ab:f4:a6:a3:76:36:b8:c9:94:d7:4e:30:20:9d:89:
97:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:23:C0:9A:36:8E:4E:5A:59:F2:FA:AA:78:3B:81:27:07:A8:B7:D8
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/2SPAmjaOTlpZ8vqqeDuBJweot9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
Signature Algorithm: sha256WithRSAEncryption
27:67:67:b3:1b:4c:4e:db:9c:17:79:05:a8:52:9c:24:c2:e4:
11:9b:fa:4b:ef:87:d5:80:9f:f3:50:10:cf:0d:3c:97:87:67:
27:a4:27:9a:d6:9d:4c:4a:fc:cd:0d:b0:4b:ff:46:3a:b1:35:
ae:ce:43:15:0e:01:5e:2b:f3:ba:b9:e4:c0:3a:27:29:b8:05:
4c:bc:28:50:86:c5:e4:93:96:e7:59:66:e0:50:72:b2:40:2d:
9f:36:96:fd:00:78:6e:77:d5:bf:5a:e9:1a:1b:3a:1e:c2:82:
2e:9b:e3:49:d3:f9:02:15:84:24:87:f1:7b:46:b6:4e:8f:6a:
85:5c:b6:d4:0a:72:d7:b2:72:09:5c:44:bc:4a:4f:e7:19:b2:
33:92:df:1b:10:70:7e:30:d7:a9:d8:2e:3f:24:c0:bd:bc:a2:
13:b0:49:7c:1f:b6:6a:8e:b4:88:6e:ea:ba:80:74:cc:13:93:
c4:6d:c3:38:8c:5d:f8:69:75:2f:57:6d:87:46:4c:61:8c:92:
e2:2f:ff:35:53:11:2a:4c:59:91:c6:9c:4d:59:e2:b5:14:b1:
d2:f3:ee:28:eb:b0:a0:04:7c:4d:e2:31:8a:7f:98:e0:48:41:
c2:07:4e:eb:e1:d3:7a:8c:9c:fb:21:2f:b9:1e:9e:fb:7e:c7:
fe:9c:3c:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2KX+AKeMHp0Xkib4XfF1D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjA4MjAxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIzYzA5YTM2OGU0ZTVhNTlmMmZhYWE3ODNiODEyNzA3YThiN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolDCP4VrOQGyIPF/X24ls/Kk6SWm
u4hOuQmCWVCHbHstfXMwEaSrXrs22izpm8/fg+fRX8N/HL3Lr3xWdzr8tREJymWM
Gs0tyoJ32p7rJSp42xLFCI4BImCZDxntgsrQ6ROj/PrZFLl/y8gNSTmLHQitP3IR
Po2J7/43f4GoHnPM396JXg5q4YdEwJUl3sQtaRKp9PvrFLRqvTpHWWuSH+YK+5yB
7HeDvFD27vqzQYVpApbv8jd2EXowKe5Ua7d/WLbaba8TmHHw0ufXKtXbH1BYRMb2
M+BNrXSXH9+EdDLnAkz6Ujmnh7rHMxHwpI+r9Kajdja4yZTXTjAgnYmXfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNkjwJo2jk5aWfL6qng7gScHqLfYMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvMlNQQW1qYU9UbHBaOHZxcWVEdUJKd2VvdDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhHxQAMF
AyoSDsADBQMqEhkAMA0GCSqGSIb3DQEBCwUAA4IBAQAnZ2ezG0xO25wXeQWoUpwk
wuQRm/pL74fVgJ/zUBDPDTyXh2cnpCea1p1MSvzNDbBL/0Y6sTWuzkMVDgFeK/O6
ueTAOicpuAVMvChQhsXkk5bnWWbgUHKyQC2fNpb9AHhud9W/WukaGzoewoIum+NJ
0/kCFYQkh/F7RrZOj2qFXLbUCnLXsnIJXES8Sk/nGbIzkt8bEHB+MNep2C4/JMC9
vKITsEl8H7ZqjrSIbuq6gHTME5PEbcM4jF34aXUvV22HRkxhjJLiL/81UxEqTFmR
xpxNWeK1FLHS8+4o67CgBHxN4jGKf5jgSEHCB07r4dN6jJz7IS+5Hp77fsf+nDxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org