Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/SRDgIjVx0xO3hJemwncqI5-Mj-Q.roa
File: SRDgIjVx0xO3hJemwncqI5-Mj-Q.roa (raw, json)
Hash identifier: exVeB2rUQbqcCn05lPhMrA3bVligCRGcDVdu6hSEJh0=
Subject key identifier: 49:10:E0:22:35:71:D3:13:B7:84:97:A6:C2:77:2A:23:9F:8C:8F:E4
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0190FEF4E63A0C631F659559BFFA9BB6E644
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/SRDgIjVx0xO3hJemwncqI5-Mj-Q.roa
Signing time: Mon 29 Jul 2024 14:46:20 +0000
ROA not before: Mon 29 Jul 2024 14:46:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214477
IP address blocks: 2a11:f240::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jul 2024 14:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:f4:e6:3a:0c:63:1f:65:95:59:bf:fa:9b:b6:e6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 29 14:46:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4910e0223571d313b78497a6c2772a239f8c8fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e7:78:10:c5:40:b8:dc:e8:29:51:c2:4c:3d:
1c:55:b1:2d:33:0a:98:b6:18:56:2a:b5:23:b5:74:
e1:7f:7d:80:f2:48:fe:0f:0e:b9:49:e2:93:19:33:
f0:cd:73:a4:e0:80:87:09:57:c9:1a:14:b2:22:95:
77:88:b0:38:50:c4:4e:e1:d2:04:04:e9:03:04:05:
b9:5c:44:f9:df:41:92:e8:2a:ad:b2:46:f2:e5:04:
b4:af:49:9d:be:19:5e:91:36:bb:b0:74:8b:96:ad:
73:a5:03:b8:52:7e:56:66:b9:7b:53:ab:69:cb:b0:
20:be:6d:b5:b0:b8:fc:e5:f4:3a:58:95:08:bd:5b:
96:67:08:70:69:7c:35:71:6c:47:af:02:d6:b5:9c:
32:00:92:b7:30:08:dc:d9:9e:5a:14:20:6d:27:e4:
ca:14:5c:e0:01:1b:2a:00:0b:81:0c:d0:56:ab:33:
5b:a5:e2:01:2d:c3:05:88:9b:84:22:c5:d1:f1:d2:
c6:4f:6b:9d:7f:bc:21:bb:83:f2:a0:9c:0d:27:56:
a0:2e:e6:cd:c6:5d:8b:ce:71:1e:2c:80:01:a0:57:
d6:77:df:a7:0f:30:3c:a0:85:bf:82:10:59:10:db:
b7:83:36:35:f7:b5:b2:03:7e:98:5c:ea:61:8e:11:
3e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:10:E0:22:35:71:D3:13:B7:84:97:A6:C2:77:2A:23:9F:8C:8F:E4
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/SRDgIjVx0xO3hJemwncqI5-Mj-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f240::/29
2a12:6f40::/29
2a12:7740::/29
Signature Algorithm: sha256WithRSAEncryption
8f:33:0d:23:69:60:e7:bd:15:dc:d7:4f:c4:7f:55:f1:44:f5:
36:88:08:36:b0:03:c2:08:eb:d4:90:ef:5a:91:93:be:05:e0:
db:3a:e3:9f:2e:b4:79:40:15:41:f4:9f:c2:f0:05:ce:98:7c:
67:ff:f6:0e:73:0e:35:12:c1:f7:c8:63:2b:88:0f:9b:95:6f:
2b:b6:b6:22:0b:94:6f:bb:0a:d3:b4:f9:d5:bf:34:1c:de:4c:
af:5e:ac:8d:47:fd:20:35:af:39:1d:79:e0:6e:d5:49:b9:b6:
4f:ac:a1:fa:47:55:a5:f6:d6:5c:33:a2:29:a8:6b:13:24:59:
e7:2e:80:0d:2e:8f:85:0f:eb:ce:f9:44:cb:63:c8:7e:47:3e:
f4:77:6b:c1:2d:02:97:37:68:71:a4:20:a1:67:6d:fe:71:76:
f9:60:0f:54:84:d0:c4:23:97:76:25:d2:56:38:08:35:95:ee:
1b:a2:bf:27:6a:06:b9:93:75:75:92:da:87:2e:35:9b:4b:d9:
b3:76:19:7d:67:50:c3:5d:43:44:fc:4b:9b:a9:80:d0:29:84:
05:f0:8c:e9:e3:55:d9:09:b6:b5:6d:ee:e6:a7:a2:23:ae:0e:
23:ed:de:74:d8:ff:b5:77:35:2e:b5:b8:bc:34:93:ed:ab:09:
50:75:6e:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZD+9OY6DGMfZZVZv/qbtuZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNzI5MTQ0NjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTEwZTAyMjM1NzFkMzEzYjc4NDk3YTZjMjc3MmEyMzlmOGM4ZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ed4EMVAuNzoKVHCTD0cVbEtMwqY
thhWKrUjtXThf32A8kj+Dw65SeKTGTPwzXOk4ICHCVfJGhSyIpV3iLA4UMRO4dIE
BOkDBAW5XET530GS6Cqtskby5QS0r0mdvhlekTa7sHSLlq1zpQO4Un5WZrl7U6tp
y7Agvm21sLj85fQ6WJUIvVuWZwhwaXw1cWxHrwLWtZwyAJK3MAjc2Z5aFCBtJ+TK
FFzgARsqAAuBDNBWqzNbpeIBLcMFiJuEIsXR8dLGT2udf7whu4PyoJwNJ1agLubN
xl2LznEeLIABoFfWd9+nDzA8oIW/ghBZENu3gzY197WyA36YXOphjhE+8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEkQ4CI1cdMTt4SXpsJ3KiOfjI/kMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvU1JEZ0lqVngweE8zaEplbXduY3FJNS1Nai1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhHyQAMF
AyoSb0ADBQMqEndAMA0GCSqGSIb3DQEBCwUAA4IBAQCPMw0jaWDnvRXc10/Ef1Xx
RPU2iAg2sAPCCOvUkO9akZO+BeDbOuOfLrR5QBVB9J/C8AXOmHxn//YOcw41EsH3
yGMriA+blW8rtrYiC5RvuwrTtPnVvzQc3kyvXqyNR/0gNa85HXngbtVJubZPrKH6
R1Wl9tZcM6IpqGsTJFnnLoANLo+FD+vO+UTLY8h+Rz70d2vBLQKXN2hxpCChZ23+
cXb5YA9UhNDEI5d2JdJWOAg1le4bor8naga5k3V1ktqHLjWbS9mzdhl9Z1DDXUNE
/EubqYDQKYQF8Izp41XZCba1be7mp6Ijrg4j7d502P+1dzUutbi8NJPtqwlQdW5g
-----END CERTIFICATE-----
Generated at Mon Jul 29 19:29:06 2024 by rpki-client on console-ams.rpki-client.org