Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/IFbhph2X7WjWHkD-KouGOGXCrP4.roa
File: IFbhph2X7WjWHkD-KouGOGXCrP4.roa (raw, json)
Hash identifier: 5Q/n0JzVEwbAkxtR7IgADHPKgsodHVl7MSH4Wb2wK5g=
Subject key identifier: 20:56:E1:A6:1D:97:ED:68:D6:1E:40:FE:2A:8B:86:38:65:C2:AC:FE
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CD5FA6E1B6A3007B5AC3898C3B0D1E41B
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/IFbhph2X7WjWHkD-KouGOGXCrP4.roa
Signing time: Thu 04 Jan 2024 19:36:48 +0000
ROA not before: Thu 04 Jan 2024 19:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0f:e000::/29 maxlen: 32
2a13:ba00::/29 maxlen: 32
2a0e:7780::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
2a0a:e2c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Feb 2024 17:59:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:fa:6e:1b:6a:30:07:b5:ac:38:98:c3:b0:d1:e4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 4 19:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2056e1a61d97ed68d61e40fe2a8b863865c2acfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:30:cc:88:c6:48:3b:4d:87:8a:04:c9:ea:0a:
80:d2:1b:5d:fc:91:c2:6c:72:48:48:84:8b:a9:29:
8b:ba:a3:78:f8:97:01:17:69:88:80:75:ab:b9:41:
4e:da:a6:d4:ff:88:4e:45:e1:9c:d5:38:d5:7a:1a:
31:28:7b:76:66:ce:4f:2c:bc:87:ff:13:18:c0:5a:
cd:12:aa:ab:26:5d:62:49:80:3b:1b:bc:73:c8:6e:
dd:e7:1a:17:34:07:fe:a9:74:f2:9e:ce:16:78:88:
ed:7d:29:c2:67:6a:53:0e:83:c8:44:68:c5:a6:5d:
a1:be:e8:c9:d4:2d:06:fd:a5:e7:2a:23:f4:65:61:
6a:b9:30:f0:82:3e:bb:3c:b6:06:3f:f8:ad:db:b0:
3a:ec:82:b7:13:93:84:34:aa:2b:ea:35:cb:e5:b7:
b6:53:92:2f:97:d9:e2:f5:43:c9:70:a5:41:b4:02:
58:09:7e:c6:52:e7:46:8c:65:cb:90:66:25:53:d5:
95:97:33:b0:6e:04:77:d9:b0:7c:6d:1f:33:6f:9c:
2f:a5:9f:8e:0e:af:56:c1:ea:b8:2b:19:63:e9:40:
78:aa:66:41:bf:f8:c6:59:32:43:35:e7:c2:92:5f:
c4:5f:39:06:e5:83:1d:89:39:c4:96:41:e3:38:c7:
95:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:56:E1:A6:1D:97:ED:68:D6:1E:40:FE:2A:8B:86:38:65:C2:AC:FE
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/IFbhph2X7WjWHkD-KouGOGXCrP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
c9:d8:ba:3e:36:a3:e9:b9:9a:d2:cf:67:c2:44:a9:1b:2b:91:
87:63:04:0a:a8:1c:5b:5e:58:e5:8b:f3:b1:c7:fb:f6:92:a8:
ee:08:71:2e:aa:4d:8a:19:77:23:64:d3:f6:49:92:1b:93:c8:
95:1b:26:e6:5b:e1:bf:99:6c:a6:a4:d8:e6:5e:f5:87:ed:5d:
97:8c:86:de:82:8f:0a:6a:49:ce:d8:b2:11:85:d3:53:14:90:
42:17:73:e0:ef:1f:c8:ca:4e:56:16:3c:25:63:e3:5d:97:8e:
56:7f:91:f7:24:f7:4e:fa:50:39:a6:4d:0a:29:f0:b1:ed:92:
90:0c:87:52:e1:67:8f:97:32:49:6c:7d:89:3d:78:1e:d2:43:
92:00:de:dc:84:f3:30:90:ff:1c:33:6e:3e:42:44:eb:85:40:
a9:1d:12:cd:07:97:ff:88:a6:0d:79:2e:a4:22:2d:6a:c6:a7:
6a:85:e4:43:1f:64:4c:22:cb:d2:b8:13:9d:11:f6:b7:a2:23:
27:48:94:c8:bf:1c:17:2b:16:02:de:4e:f8:53:a3:82:40:a7:
65:1f:ca:e7:e2:6b:1f:1a:00:57:a2:50:c3:62:5c:a9:76:08:
8d:8b:b0:fa:6c:85:8e:1e:c4:9d:d0:0a:a0:fa:1d:82:41:43:
26:4c:d1:5e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzV+m4bajAHtaw4mMOw0eQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTA0MTkzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU2ZTFhNjFkOTdlZDY4ZDYxZTQwZmUyYThiODYzODY1YzJhY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTDMiMZIO02HigTJ6gqA0htd/JHC
bHJISISLqSmLuqN4+JcBF2mIgHWruUFO2qbU/4hOReGc1TjVehoxKHt2Zs5PLLyH
/xMYwFrNEqqrJl1iSYA7G7xzyG7d5xoXNAf+qXTyns4WeIjtfSnCZ2pTDoPIRGjF
pl2hvujJ1C0G/aXnKiP0ZWFquTDwgj67PLYGP/it27A67IK3E5OENKor6jXL5be2
U5Ivl9ni9UPJcKVBtAJYCX7GUudGjGXLkGYlU9WVlzOwbgR32bB8bR8zb5wvpZ+O
Dq9Wweq4Kxlj6UB4qmZBv/jGWTJDNefCkl/EXzkG5YMdiTnElkHjOMeV2wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCBW4aYdl+1o1h5A/iqLhjhlwqz+MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvSUZiaHBoMlg3V2pXSGtELUtvdUdPR1hDclA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgriwAMF
AyoOd4ADBQMqD+AAAwUDKhO6AAMFAyoT2sADBQMqFH4AMA0GCSqGSIb3DQEBCwUA
A4IBAQDJ2Lo+NqPpuZrSz2fCRKkbK5GHYwQKqBxbXljli/Oxx/v2kqjuCHEuqk2K
GXcjZNP2SZIbk8iVGybmW+G/mWympNjmXvWH7V2XjIbego8KaknO2LIRhdNTFJBC
F3Pg7x/Iyk5WFjwlY+Ndl45Wf5H3JPdO+lA5pk0KKfCx7ZKQDIdS4WePlzJJbH2J
PXge0kOSAN7chPMwkP8cM24+QkTrhUCpHRLNB5f/iKYNeS6kIi1qxqdqheRDH2RM
IsvSuBOdEfa3oiMnSJTIvxwXKxYC3k74U6OCQKdlH8rn4msfGgBXolDDYlypdgiN
i7D6bIWOHsSd0Aqg+h2CQUMmTNFe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:37 2024 by rpki-client on console-fra.rpki-client.org