Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Ojjw5dBI7CcUyhGwCxaZY63m8Ag.roa
File: Ojjw5dBI7CcUyhGwCxaZY63m8Ag.roa (raw, json)
Hash identifier: wiXX/WOr/Y+//F6aX1sJdtjvzkUx+K6WD7Ul9gQBN3c=
Subject key identifier: 3A:38:F0:E5:D0:48:EC:27:14:CA:11:B0:0B:16:99:63:AD:E6:F0:08
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01915B6CCDAC7AB7CC42B260433E2ECEEEDD
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Ojjw5dBI7CcUyhGwCxaZY63m8Ag.roa
Signing time: Fri 16 Aug 2024 13:42:22 +0000
ROA not before: Fri 16 Aug 2024 13:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214967
IP address blocks: 2a06:b440::/29 maxlen: 32
2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 32
2a11:f140::/29 maxlen: 29
2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 17 Aug 2024 11:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:6c:cd:ac:7a:b7:cc:42:b2:60:43:3e:2e:ce:ee:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 16 13:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a38f0e5d048ec2714ca11b00b169963ade6f008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:a2:f3:24:44:d5:da:28:ed:90:a0:3e:bc:
f6:09:ca:ba:74:c4:ce:1f:24:7b:4d:d6:66:80:85:
ea:42:c5:ba:68:82:05:0b:e5:44:63:fc:9b:71:4f:
c1:b3:c5:d5:47:4f:99:55:d5:41:85:ca:72:1b:0b:
d0:33:36:e2:04:5e:41:28:17:93:92:59:a2:9c:ae:
b9:8e:81:f6:d9:45:45:3e:de:94:56:a5:b5:44:3d:
08:3e:cd:86:08:b5:9e:48:43:17:80:ff:ff:3f:40:
e2:bc:51:8b:32:4f:25:15:8a:f9:59:66:5d:e6:6d:
0e:f4:c5:6e:8d:6b:97:f3:60:d2:ff:29:52:66:88:
b5:85:d0:78:0a:97:f3:c3:8f:a2:dc:26:22:bf:57:
fb:10:9c:5d:0b:2a:70:79:8f:0b:25:81:7d:c9:1b:
06:ff:27:09:75:03:ba:82:60:39:07:ee:c1:b8:05:
30:e7:56:b7:89:b2:b5:72:42:f2:60:85:0a:b0:3e:
63:af:8c:a4:cd:95:71:e7:39:5b:c4:1e:c5:88:6b:
5b:26:a5:33:5d:15:a1:71:85:c4:3d:3f:6f:27:f9:
b8:17:95:a4:78:23:fd:c9:59:53:40:bb:2d:be:c2:
56:ab:6f:b1:31:d5:4d:60:3c:09:5b:6c:7c:6b:17:
92:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:38:F0:E5:D0:48:EC:27:14:CA:11:B0:0B:16:99:63:AD:E6:F0:08
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/Ojjw5dBI7CcUyhGwCxaZY63m8Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0a:e2c0::/29
2a0e:7780::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:14:31:c7:ae:72:37:30:1b:48:1e:24:ee:c2:7b:c4:62:19:
d1:cc:48:ed:65:dd:4b:dc:8e:5b:b7:06:db:e9:63:97:fe:e7:
ea:81:1f:7e:d5:f3:81:bd:7c:1d:30:8c:8b:b2:5f:fa:e5:d6:
e3:93:0d:39:fb:5c:47:3b:d1:ae:d3:18:9b:e5:6e:8c:54:aa:
c5:b3:e5:a6:87:5a:5d:a5:01:03:84:2a:ec:20:3f:94:11:7e:
6c:11:ad:a7:75:ad:9e:d0:39:b6:b3:e2:5e:7f:13:62:57:8c:
74:e8:4b:e5:c7:c7:52:59:89:69:06:30:94:84:cf:c7:e7:d4:
37:2d:07:e9:c7:c7:66:df:4e:c5:68:f6:cb:2d:89:61:30:c3:
77:01:46:66:ae:d8:90:e0:43:73:10:92:c7:6e:8a:6d:a8:89:
d2:46:d0:06:8f:a9:df:77:90:42:7f:ea:56:32:0c:86:3b:25:
54:11:81:0c:8c:a3:4c:a9:8d:06:d1:a2:62:78:24:aa:d6:8c:
f5:09:46:23:64:bc:b8:4c:10:b3:d9:fa:b6:ef:0a:32:9c:fb:
bb:bd:7f:c1:1b:da:4e:fd:dc:22:e1:c6:fb:d6:eb:2f:b4:e1:
e5:7b:fe:91:75:77:e8:94:73:b6:01:bd:34:12:21:4a:9b:5f:
0a:76:63:d5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZFbbM2serfMQrJgQz4uzu7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODE2MTM0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM4ZjBlNWQwNDhlYzI3MTRjYTExYjAwYjE2OTk2M2FkZTZmMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAyi8yRE1doo7ZCgPrz2Ccq6dMTO
HyR7TdZmgIXqQsW6aIIFC+VEY/ybcU/Bs8XVR0+ZVdVBhcpyGwvQMzbiBF5BKBeT
klminK65joH22UVFPt6UVqW1RD0IPs2GCLWeSEMXgP//P0DivFGLMk8lFYr5WWZd
5m0O9MVujWuX82DS/ylSZoi1hdB4Cpfzw4+i3CYiv1f7EJxdCypweY8LJYF9yRsG
/ycJdQO6gmA5B+7BuAUw51a3ibK1ckLyYIUKsD5jr4ykzZVx5zlbxB7FiGtbJqUz
XRWhcYXEPT9vJ/m4F5WkeCP9yVlTQLstvsJWq2+xMdVNYDwJW2x8axeSsQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDo48OXQSOwnFMoRsAsWmWOt5vAIMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvT2pqdzVkQkk3Q2NVeWhHd0N4YVpZNjNtOEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKga0QAMF
AyoK4sADBQMqDneAAwUDKhHxQAMFAyoSDsADBQMqEhkAAwUDKhIowDANBgkqhkiG
9w0BAQsFAAOCAQEAkxQxx65yNzAbSB4k7sJ7xGIZ0cxI7WXdS9yOW7cG2+ljl/7n
6oEfftXzgb18HTCMi7Jf+uXW45MNOftcRzvRrtMYm+VujFSqxbPlpodaXaUBA4Qq
7CA/lBF+bBGtp3WtntA5trPiXn8TYleMdOhL5cfHUlmJaQYwlITPx+fUNy0H6cfH
Zt9OxWj2yy2JYTDDdwFGZq7YkOBDcxCSx26KbaiJ0kbQBo+p33eQQn/qVjIMhjsl
VBGBDIyjTKmNBtGiYngkqtaM9QlGI2S8uEwQs9n6tu8KMpz7u71/wRvaTv3cIuHG
+9brL7Th5Xv+kXV36JRztgG9NBIhSptfCnZj1Q==
-----END CERTIFICATE-----
Generated at Sat Aug 17 16:28:12 2024 by rpki-client on console-fra.rpki-client.org