Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CrJL8KINUkdN4VurI5HYkLJD3n0.roa
File: CrJL8KINUkdN4VurI5HYkLJD3n0.roa (raw, json)
Hash identifier: bHy8RlSzocGVDmCEcpDJaB+q2qpqB7Q/b26FZM8of+s=
Subject key identifier: 0A:B2:4B:F0:A2:0D:52:47:4D:E1:5B:AB:23:91:D8:90:B2:43:DE:7D
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018FEE06B38AE581003E2A8EDB21559D5A4B
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CrJL8KINUkdN4VurI5HYkLJD3n0.roa
Signing time: Thu 06 Jun 2024 14:49:27 +0000
ROA not before: Thu 06 Jun 2024 14:49:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a11:7240::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 32
2a14:c0::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 08 Jun 2024 06:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:06:b3:8a:e5:81:00:3e:2a:8e:db:21:55:9d:5a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jun 6 14:49:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ab24bf0a20d52474de15bab2391d890b243de7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:59:d5:56:e0:54:d1:f5:20:e7:c8:47:5a:
c9:66:f5:97:26:71:22:50:ed:78:15:13:1b:b1:32:
54:fd:26:b2:45:32:b3:8b:3a:3c:9f:33:7d:17:b7:
7b:61:a1:4d:8b:8f:de:9d:6b:3e:8b:db:85:42:43:
e0:b8:fb:e9:53:f2:a5:34:e5:3f:64:31:3d:24:bd:
2d:8d:68:3e:81:79:c4:8e:67:02:c3:d4:72:85:29:
9a:f4:39:d5:a5:cb:08:0e:2b:11:95:06:0e:2f:c4:
85:13:4a:9a:67:7e:bb:4e:4e:41:d9:e6:1b:fa:d1:
ee:07:17:34:ae:66:e1:82:dc:57:df:63:ee:95:70:
f1:3f:18:8e:25:fe:ca:5f:8b:2d:de:91:10:62:b5:
4a:8e:58:a6:78:ec:e9:d0:f8:7a:2d:1b:1d:1d:e7:
9b:e6:3d:7c:58:71:ce:14:03:07:60:b4:d7:20:3c:
89:17:b2:a2:c1:38:5a:8e:dc:2d:26:40:68:40:e6:
fe:7a:40:93:b7:10:07:ca:49:5f:b6:0f:4f:6d:25:
a9:11:2f:17:c2:57:19:9a:44:9a:a0:e7:36:b8:da:
fe:04:58:b2:87:4a:e6:08:7c:11:d2:a6:7c:68:18:
8c:d2:93:e6:0d:13:42:12:80:17:13:8c:ef:a4:af:
d1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B2:4B:F0:A2:0D:52:47:4D:E1:5B:AB:23:91:D8:90:B2:43:DE:7D
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/CrJL8KINUkdN4VurI5HYkLJD3n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7240::/29
2a11:dcc0::/29
2a14:c0::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
47:2e:e0:2f:3d:08:03:6e:9f:64:bf:a6:3f:21:03:97:45:ca:
5a:e5:13:d9:75:7e:71:1e:86:ce:db:b7:d8:4b:3c:38:23:42:
82:b8:80:fe:8e:33:ef:47:15:30:b2:f1:17:90:fa:88:3b:c1:
bd:b3:7e:8f:c1:99:ee:36:3a:de:5b:96:ae:d1:14:7f:fa:ab:
b4:89:84:ce:9d:7b:c8:66:a6:4b:6c:74:28:bb:71:2c:8b:c6:
08:89:6e:11:3f:dc:68:5e:00:c3:e0:63:70:d4:04:76:65:a0:
73:2f:e5:48:fe:a9:c3:92:4e:68:40:66:46:b0:a4:c6:78:6f:
d4:75:96:d4:c2:6f:5d:b1:62:2b:7c:66:14:07:da:b4:79:0a:
8b:fd:2a:c0:ac:84:33:89:ab:18:1d:4e:67:34:18:b7:01:b4:
b7:12:75:5b:0d:ba:10:20:ba:a1:eb:c1:96:51:7e:75:95:e9:
0c:14:d1:15:28:9a:62:94:fa:d6:4c:a4:06:ae:fd:2d:68:a0:
b7:f7:ca:a8:21:63:1e:13:71:e7:ce:74:84:b2:42:a5:e1:92:
7d:eb:53:24:52:02:61:52:9d:1a:84:bd:aa:b6:f7:05:23:35:
1c:e2:b2:a8:21:0b:ee:09:d6:76:97:5d:96:77:1a:81:58:0d:
9d:c2:28:7a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY/uBrOK5YEAPiqO2yFVnVpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjA2MTQ0OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIyNGJmMGEyMGQ1MjQ3NGRlMTViYWIyMzkxZDg5MGIyNDNkZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRdZ1VbgVNH1IOfIR1rJZvWXJnEi
UO14FRMbsTJU/SayRTKzizo8nzN9F7d7YaFNi4/enWs+i9uFQkPguPvpU/KlNOU/
ZDE9JL0tjWg+gXnEjmcCw9RyhSma9DnVpcsIDisRlQYOL8SFE0qaZ367Tk5B2eYb
+tHuBxc0rmbhgtxX32PulXDxPxiOJf7KX4st3pEQYrVKjlimeOzp0Ph6LRsdHeeb
5j18WHHOFAMHYLTXIDyJF7KiwThajtwtJkBoQOb+ekCTtxAHyklftg9PbSWpES8X
wlcZmkSaoOc2uNr+BFiyh0rmCHwR0qZ8aBiM0pPmDRNCEoAXE4zvpK/RsQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAqyS/CiDVJHTeFbqyOR2JCyQ959MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvQ3JKTDhLSU5Va2RONFZ1ckk1SFlrTEpEM24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhFyQAMF
AyoR3MADBQMqFADAAwUDKhQPQDANBgkqhkiG9w0BAQsFAAOCAQEARy7gLz0IA26f
ZL+mPyEDl0XKWuUT2XV+cR6Gztu32Es8OCNCgriA/o4z70cVMLLxF5D6iDvBvbN+
j8GZ7jY63luWrtEUf/qrtImEzp17yGamS2x0KLtxLIvGCIluET/caF4Aw+BjcNQE
dmWgcy/lSP6pw5JOaEBmRrCkxnhv1HWW1MJvXbFiK3xmFAfatHkKi/0qwKyEM4mr
GB1OZzQYtwG0txJ1Ww26ECC6oevBllF+dZXpDBTRFSiaYpT61kykBq79LWigt/fK
qCFjHhNx5850hLJCpeGSfetTJFICYVKdGoS9qrb3BSM1HOKyqCEL7gnWdpddlnca
gVgNncIoeg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:04:07 2024 by rpki-client on console-ams.rpki-client.org