Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CEF3_ZBziqhjOW2ZS2Mr816kRvY.roa
File: CEF3_ZBziqhjOW2ZS2Mr816kRvY.roa (raw, json)
Hash identifier: ERBa7K+5T3jvnf16bvNLhI+spSVZaseIvbQuAp6wYl8=
Subject key identifier: 08:41:77:FD:90:73:8A:A8:63:39:6D:99:4B:63:2B:F3:5E:A4:46:F6
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0190BF9F1D5F5771521E9BB2113B7562A561
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CEF3_ZBziqhjOW2ZS2Mr816kRvY.roa
Signing time: Wed 17 Jul 2024 07:36:34 +0000
ROA not before: Wed 17 Jul 2024 07:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214967
IP address blocks: 2a0e:7780::/29 maxlen: 32
2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jul 2024 09:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:9f:1d:5f:57:71:52:1e:9b:b2:11:3b:75:62:a5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 17 07:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=084177fd90738aa863396d994b632bf35ea446f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e1:af:78:45:b1:ec:1f:20:95:70:7d:40:bc:
2a:cb:0f:2c:95:d2:f3:9b:f4:fa:57:dc:45:23:4b:
c0:b5:e9:1e:6c:25:db:7f:f5:8f:3f:d4:e1:03:8d:
81:f6:20:af:6a:b2:ea:4e:be:a0:9e:72:f0:6e:4b:
73:9d:ca:5c:3e:05:50:91:0e:5a:77:0f:9e:bf:b6:
69:2b:21:9b:ef:7e:91:b3:e1:f4:64:77:57:05:dd:
7c:2f:db:f0:3a:27:c8:30:a9:45:e0:6b:1f:aa:a7:
e4:f7:2d:39:4f:fd:61:86:4b:7c:8c:6c:95:a7:1e:
9c:a2:22:e9:84:26:2d:18:d9:2f:e5:fb:33:ac:8c:
c5:49:de:d7:a7:42:e6:d6:bb:58:8f:37:a7:66:93:
75:bf:08:58:f4:96:bf:d0:95:bd:08:ab:22:6d:69:
db:aa:99:ea:db:e3:35:ae:68:42:d1:55:da:d6:ea:
dc:47:bb:95:6b:e8:b0:e0:ed:6a:23:fb:e4:76:c5:
49:f4:8e:96:c6:52:35:2a:31:2c:06:7c:2c:3f:0a:
a0:2e:d4:bd:04:05:b7:ca:bd:2b:9a:77:8a:63:51:
4e:87:7b:40:f0:27:78:7b:aa:64:5e:a3:cd:4a:3d:
84:b8:3b:5f:c7:71:04:05:90:a2:0e:7b:98:d2:5a:
74:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:41:77:FD:90:73:8A:A8:63:39:6D:99:4B:63:2B:F3:5E:A4:46:F6
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CEF3_ZBziqhjOW2ZS2Mr816kRvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7780::/29
2a12:ec0::/29
2a12:1900::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:10:d1:b2:99:2b:f1:8d:3b:ba:b9:b5:1a:90:9e:79:13:8b:
3d:64:f9:7e:6b:dd:95:00:e0:84:88:07:db:8c:24:41:74:f7:
5c:d7:f5:70:75:b0:a2:76:8d:79:2f:fb:e0:bd:df:f0:be:04:
52:bb:d9:7c:24:6b:fe:f0:35:ff:ad:7b:7f:2c:92:74:98:7b:
bc:64:e3:de:07:1b:cd:27:79:51:17:67:74:08:6d:b6:c5:4d:
ba:10:35:45:05:c4:1b:85:99:36:44:06:34:8d:80:c4:b2:c5:
bc:8f:e4:ee:ef:9b:b8:a8:7b:12:cd:79:54:e8:ec:f6:dd:3b:
73:30:5d:b4:68:f2:02:20:d2:f8:8b:f7:a2:c4:5d:41:0a:91:
0d:bd:f1:c6:6e:59:0b:bb:76:e1:a3:f5:0a:e5:dc:68:df:db:
d5:86:5e:69:f5:d3:79:7c:b9:92:81:15:e5:e0:be:7a:59:68:
bc:df:14:fd:a2:6a:43:33:07:46:44:5a:42:47:17:c9:db:55:
d0:ce:ce:45:29:71:a9:f5:33:57:80:26:6d:7e:0b:65:48:c6:
61:c6:b1:35:e8:a7:5b:ba:d8:b1:88:a2:f7:e8:11:7d:0a:f5:
e1:6e:c7:88:9d:04:b4:be:43:a4:02:f5:b9:c2:d7:ea:2e:89:
7b:2f:5a:7a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZC/nx1fV3FSHpuyETt1YqVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNzE3MDczNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQxNzdmZDkwNzM4YWE4NjMzOTZkOTk0YjYzMmJmMzVlYTQ0NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+GveEWx7B8glXB9QLwqyw8sldLz
m/T6V9xFI0vAtekebCXbf/WPP9ThA42B9iCvarLqTr6gnnLwbktzncpcPgVQkQ5a
dw+ev7ZpKyGb736Rs+H0ZHdXBd18L9vwOifIMKlF4Gsfqqfk9y05T/1hhkt8jGyV
px6coiLphCYtGNkv5fszrIzFSd7Xp0Lm1rtYjzenZpN1vwhY9Ja/0JW9CKsibWnb
qpnq2+M1rmhC0VXa1urcR7uVa+iw4O1qI/vkdsVJ9I6WxlI1KjEsBnwsPwqgLtS9
BAW3yr0rmneKY1FOh3tA8Cd4e6pkXqPNSj2EuDtfx3EEBZCiDnuY0lp0LQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAhBd/2Qc4qoYzltmUtjK/NepEb2MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvQ0VGM19aQnppcWhqT1cyWlMyTXI4MTZrUnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg53gAMF
AyoSDsADBQMqEhkAAwUDKhLwwDANBgkqhkiG9w0BAQsFAAOCAQEADhDRspkr8Y07
urm1GpCeeROLPWT5fmvdlQDghIgH24wkQXT3XNf1cHWwonaNeS/74L3f8L4EUrvZ
fCRr/vA1/617fyySdJh7vGTj3gcbzSd5URdndAhttsVNuhA1RQXEG4WZNkQGNI2A
xLLFvI/k7u+buKh7Es15VOjs9t07czBdtGjyAiDS+Iv3osRdQQqRDb3xxm5ZC7t2
4aP1CuXcaN/b1YZeafXTeXy5koEV5eC+ellovN8U/aJqQzMHRkRaQkcXydtV0M7O
RSlxqfUzV4AmbX4LZUjGYcaxNeinW7rYsYii9+gRfQr14W7HiJ0EtL5DpAL1ucLX
6i6Jey9aeg==
-----END CERTIFICATE-----
Generated at Wed Jul 17 11:14:43 2024 by rpki-client on console-ams.rpki-client.org