Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Hvr0aRgiDQ_75nn_Uo-himwlSc8.roa
File: Hvr0aRgiDQ_75nn_Uo-himwlSc8.roa (raw, json)
Hash identifier: CT4cBJ0eGakRM9MsNo35d9qHdRncxLE3Dj4iEXGtPmE=
Subject key identifier: 1E:FA:F4:69:18:22:0D:0F:FB:E6:79:FF:52:8F:A1:8A:6C:25:49:CF
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CC43D91F9959BB37ABA504F7FCD1C9EBF
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Hvr0aRgiDQ_75nn_Uo-himwlSc8.roa
Signing time: Mon 01 Jan 2024 08:56:58 +0000
ROA not before: Mon 01 Jan 2024 08:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 32
2a13:ba00::/29 maxlen: 32
2a12:28c0::/29 maxlen: 32
2a12:6b80::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a11:f140::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:3d:91:f9:95:9b:b3:7a:ba:50:4f:7f:cd:1c:9e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 08:56:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1efaf46918220d0ffbe679ff528fa18a6c2549cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a9:f5:9f:9a:d9:1c:6b:55:6e:4b:e9:12:1e:
87:ac:e0:3d:76:79:e2:cc:45:e2:74:22:79:d5:73:
54:a5:3f:44:98:f7:1f:4e:fd:75:89:77:11:42:30:
3e:86:8d:16:31:0e:1c:28:ee:0d:61:39:20:55:4d:
7d:77:9e:be:95:a9:bb:2f:47:3c:e9:91:94:46:49:
53:ac:27:54:03:08:a3:ce:5d:7e:37:b2:c8:21:43:
c9:ed:48:23:4b:c0:a4:8e:10:0c:61:bf:0a:86:fd:
36:d2:96:93:e4:fa:72:b6:73:57:d9:39:a9:ed:a8:
7f:4c:15:03:af:2c:80:46:ec:d8:df:be:54:69:7f:
65:f1:a4:79:b1:9c:77:62:19:1d:20:df:c5:cb:03:
79:75:d2:f0:f0:63:48:1f:c7:a5:fe:a6:2a:2d:12:
82:0d:f0:fe:aa:af:37:02:14:9c:bf:3c:fb:4a:b1:
c9:81:e3:c8:f8:1f:8b:3d:0a:83:1f:bf:f1:24:59:
7e:a9:8b:6e:8d:ad:71:2c:71:e6:0c:84:bd:9f:9d:
32:20:83:d6:86:35:c4:bd:51:1b:11:d4:a1:d0:fc:
79:57:78:3a:66:c8:a5:fd:67:34:c0:40:70:5e:58:
51:ec:9c:58:1a:fd:ba:74:a7:7b:66:bf:b3:49:37:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FA:F4:69:18:22:0D:0F:FB:E6:79:FF:52:8F:A1:8A:6C:25:49:CF
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Hvr0aRgiDQ_75nn_Uo-himwlSc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
43:22:7c:3a:52:f0:b8:6b:ba:06:76:1f:09:eb:25:55:16:bb:
d8:ee:f5:13:17:1d:74:79:e9:76:d6:01:ec:43:3f:a0:42:72:
ef:df:b0:8b:9f:14:0b:fb:3d:18:d7:26:53:27:46:99:d3:95:
0b:ea:4d:69:3a:93:22:c5:3b:ac:9f:43:aa:a1:8d:15:1f:ef:
24:2b:30:99:68:c8:b3:c3:d0:db:cb:f1:61:4b:cb:e2:f7:51:
22:a9:d5:ac:48:ba:14:4e:56:42:52:1c:c1:cc:c6:5b:44:f5:
a7:c1:af:d2:1e:84:08:15:9d:a0:1d:26:9f:56:e9:e3:3d:76:
3f:2e:b8:cd:df:b6:79:c9:3b:1a:b6:a5:42:c3:4d:1d:31:55:
fe:b1:e7:da:ac:94:f1:6f:36:c7:6e:e3:b4:58:ab:e6:bd:a4:
3f:f3:dd:cd:74:f5:19:3f:1a:77:56:69:01:a7:e8:87:72:cd:
1b:92:c7:4c:55:52:a4:fa:0c:c4:32:4d:7c:56:78:3a:d4:93:
d3:55:76:f5:82:b8:3f:8f:fe:2e:d9:b4:42:9b:24:75:f3:4e:
fd:de:ee:ed:fe:87:aa:8a:d0:d7:5e:5e:1e:a2:b2:ad:1c:95:
a7:4f:a2:6e:f0:10:3a:81:2b:ad:12:72:24:e1:6c:99:d5:e7:
50:0e:56:72
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzEPZH5lZuzerpQT3/NHJ6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTAxMDg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZhZjQ2OTE4MjIwZDBmZmJlNjc5ZmY1MjhmYTE4YTZjMjU0OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kn1n5rZHGtVbkvpEh6HrOA9dnni
zEXidCJ51XNUpT9EmPcfTv11iXcRQjA+ho0WMQ4cKO4NYTkgVU19d56+lam7L0c8
6ZGURklTrCdUAwijzl1+N7LIIUPJ7UgjS8CkjhAMYb8Khv020paT5PpytnNX2Tmp
7ah/TBUDryyARuzY375UaX9l8aR5sZx3YhkdIN/FywN5ddLw8GNIH8el/qYqLRKC
DfD+qq83AhScvzz7SrHJgePI+B+LPQqDH7/xJFl+qYtuja1xLHHmDIS9n50yIIPW
hjXEvVEbEdSh0Px5V3g6Zsil/Wc0wEBwXlhR7JxYGv26dKd7Zr+zSTfdhQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFB769GkYIg0P++Z5/1KPoYpsJUnPMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvSHZyMGFSZ2lEUV83NW5uX1VvLWhpbXdsU2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKhHxQAMF
AyoSDsADBQMqEhkAAwUDKhIowAMFAyoSa4ADBQMqE7oAAwUDKhPawAMFAyoUfgAw
DQYJKoZIhvcNAQELBQADggEBAEMifDpS8LhrugZ2HwnrJVUWu9ju9RMXHXR56XbW
AexDP6BCcu/fsIufFAv7PRjXJlMnRpnTlQvqTWk6kyLFO6yfQ6qhjRUf7yQrMJlo
yLPD0NvL8WFLy+L3USKp1axIuhROVkJSHMHMxltE9afBr9IehAgVnaAdJp9W6eM9
dj8uuM3ftnnJOxq2pULDTR0xVf6x59qslPFvNsdu47RYq+a9pD/z3c109Rk/GndW
aQGn6IdyzRuSx0xVUqT6DMQyTXxWeDrUk9NVdvWCuD+P/i7ZtEKbJHXzTv3e7u3+
h6qK0NdeXh6isq0cladPom7wEDqBK60SciThbJnV51AOVnI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org