Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/FbfbqHc8yIuW10yvm87fhiQ6vZ0.roa
File: FbfbqHc8yIuW10yvm87fhiQ6vZ0.roa (raw, json)
Hash identifier: C+Q59fMzCR/yaUgXmydEJyT8dy+75bn5nGYUiv/LvOQ=
Subject key identifier: 15:B7:DB:A8:77:3C:C8:8B:96:D7:4C:AF:9B:CE:DF:86:24:3A:BD:9D
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018DAE024A7CDE0B50771C8D988F6660DB2E
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/FbfbqHc8yIuW10yvm87fhiQ6vZ0.roa
Signing time: Thu 15 Feb 2024 18:23:22 +0000
ROA not before: Thu 15 Feb 2024 18:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0a:e2c0::/29 maxlen: 32
2a0e:7780::/29 maxlen: 32
2a0f:e000::/29 maxlen: 32
2a11:dcc0::/29 maxlen: 29
2a12:6b80::/29 maxlen: 32
2a13:ba00::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 19 Feb 2024 13:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:02:4a:7c:de:0b:50:77:1c:8d:98:8f:66:60:db:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Feb 15 18:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b7dba8773cc88b96d74caf9bcedf86243abd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:dd:c6:94:29:8a:40:b3:9e:41:63:87:ef:
10:ed:53:96:08:58:e6:e4:18:e1:33:82:f6:6b:aa:
a2:e8:29:d0:dd:63:47:9f:50:f5:90:eb:17:f1:9d:
a5:4d:17:a0:6c:6c:bb:6c:24:cf:60:d9:d7:a5:9f:
6a:6a:e0:7c:a4:21:42:98:be:04:9a:41:9d:ed:75:
0d:13:a7:ac:93:2a:ab:51:05:eb:04:97:aa:f4:16:
84:ea:15:e5:3a:f9:34:a1:d8:b4:51:d0:50:19:89:
36:94:65:4e:dd:4e:a7:af:36:32:57:00:60:0f:50:
83:1d:4f:33:a5:21:c0:d0:0f:da:a7:a2:c6:4b:e3:
3c:f9:9f:8c:75:a0:d5:2a:3e:b8:52:74:3a:b2:0c:
62:2d:29:f0:f2:f7:40:15:d9:d2:cd:2f:cd:e2:c1:
da:b5:fe:f8:bc:82:51:60:49:ba:23:ba:ca:03:12:
52:55:25:5b:8e:0b:53:60:c4:dc:bf:20:47:cc:1a:
26:55:34:90:f6:4a:b8:88:cf:fd:67:b8:29:b8:89:
03:4d:e6:f8:31:ff:cd:c8:44:14:a6:88:e1:17:7f:
70:a0:94:f9:91:08:44:4b:5b:93:20:23:a7:87:d1:
36:03:34:9b:09:bd:dd:06:4b:9d:1b:d0:b6:0a:02:
38:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B7:DB:A8:77:3C:C8:8B:96:D7:4C:AF:9B:CE:DF:86:24:3A:BD:9D
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/FbfbqHc8yIuW10yvm87fhiQ6vZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:dcc0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
20:f8:78:e7:45:42:6e:05:c2:1b:1b:c5:95:81:7a:5d:e5:a9:
ee:9b:82:6d:b9:c1:a4:1a:a5:6c:73:e0:70:c1:12:1b:bf:24:
dd:03:56:dd:54:17:5f:6e:c0:a1:96:57:51:81:b4:33:bc:d6:
b0:26:c7:46:4e:52:48:b4:08:8e:81:03:71:dc:30:16:e6:d5:
a4:ae:ec:61:80:13:f0:ab:07:9d:10:13:ad:cc:e4:ea:7a:ec:
92:5f:cf:24:19:46:3c:f3:80:42:6a:7d:3a:ac:39:52:a0:d1:
34:ba:a8:b3:0b:2c:fc:49:06:e0:07:a8:97:a2:09:4e:ff:58:
ec:07:d3:fe:7b:ff:61:e9:71:d6:af:f1:08:df:d3:58:15:c6:
29:13:6a:55:30:be:ed:e3:c1:f0:12:cc:b0:de:11:ca:78:83:
6e:ea:7d:e0:27:71:e8:f3:8c:32:63:d7:04:97:98:6d:de:c1:
1c:97:6f:8d:58:17:d8:be:37:c4:3e:80:c3:85:ef:46:b9:62:
39:75:79:48:81:25:7d:e5:3c:2f:40:d3:fd:a7:bd:ae:91:70:
5b:b9:00:ea:2a:1d:8c:42:da:75:3d:4d:5a:1f:c1:ea:eb:ed:
26:bf:bc:17:e8:d0:15:fe:82:92:09:bd:0d:fe:8f:4e:3e:34:
71:ca:37:e4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2uAkp83gtQdxyNmI9mYNsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMjE1MTgyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWI3ZGJhODc3M2NjODhiOTZkNzRjYWY5YmNlZGY4NjI0M2FiZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHfdxpQpikCznkFjh+8Q7VOWCFjm
5BjhM4L2a6qi6CnQ3WNHn1D1kOsX8Z2lTRegbGy7bCTPYNnXpZ9qauB8pCFCmL4E
mkGd7XUNE6eskyqrUQXrBJeq9BaE6hXlOvk0odi0UdBQGYk2lGVO3U6nrzYyVwBg
D1CDHU8zpSHA0A/ap6LGS+M8+Z+MdaDVKj64UnQ6sgxiLSnw8vdAFdnSzS/N4sHa
tf74vIJRYEm6I7rKAxJSVSVbjgtTYMTcvyBHzBomVTSQ9kq4iM/9Z7gpuIkDTeb4
Mf/NyEQUpojhF39woJT5kQhES1uTICOnh9E2AzSbCb3dBkudG9C2CgI45wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBW326h3PMiLltdMr5vO34YkOr2dMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvRmJmYnFIYzh5SXVXMTB5dm04N2ZoaVE2dlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgriwAMF
AyoOd4ADBQMqD+AAAwUDKhHcwAMFAyoSa4ADBQMqE7oAAwUDKhPawAMFAyoUfgAw
DQYJKoZIhvcNAQELBQADggEBACD4eOdFQm4FwhsbxZWBel3lqe6bgm25waQapWxz
4HDBEhu/JN0DVt1UF19uwKGWV1GBtDO81rAmx0ZOUki0CI6BA3HcMBbm1aSu7GGA
E/CrB50QE63M5Op67JJfzyQZRjzzgEJqfTqsOVKg0TS6qLMLLPxJBuAHqJeiCU7/
WOwH0/57/2Hpcdav8Qjf01gVxikTalUwvu3jwfASzLDeEcp4g27qfeAncejzjDJj
1wSXmG3ewRyXb41YF9i+N8Q+gMOF70a5Yjl1eUiBJX3lPC9A0/2nva6RcFu5AOoq
HYxC2nU9TVofwerr7Sa/vBfo0BX+gpIJvQ3+j04+NHHKN+Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org