Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ZaM-liE9V8Ay0jz2yR00ftkPjJ4.roa
File: ZaM-liE9V8Ay0jz2yR00ftkPjJ4.roa (raw, json)
Hash identifier: 9k8YUBT6zBne6MbQdd+3FTVKN92iakvV5RLmi66a+XI=
Subject key identifier: 65:A3:3E:96:21:3D:57:C0:32:D2:3C:F6:C9:1D:34:7E:D9:0F:8C:9E
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019016F8AF2BCFC4172DE115DA533C7D177F
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ZaM-liE9V8Ay0jz2yR00ftkPjJ4.roa
Signing time: Fri 14 Jun 2024 13:38:34 +0000
ROA not before: Fri 14 Jun 2024 13:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a06:b440::/29 maxlen: 29
2a0e:7780::/29 maxlen: 30
2a0f:e000::/29 maxlen: 29
2a12:ec0::/29 maxlen: 32
2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
2a12:f0c0::/29 maxlen: 30
Validation: Failed, certificate revoked on Fri 21 Jun 2024 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:f8:af:2b:cf:c4:17:2d:e1:15:da:53:3c:7d:17:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jun 14 13:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65a33e96213d57c032d23cf6c91d347ed90f8c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cf:08:cd:47:e9:05:ae:74:5b:6c:4d:71:22:
c8:4f:e9:b5:f1:1d:3e:38:a0:93:79:ea:18:d7:25:
66:5c:f2:94:27:c4:1b:35:be:8c:b7:08:4d:9a:3c:
aa:df:fe:4d:cc:5f:ce:df:fd:e1:35:ec:44:ee:3c:
3f:74:b2:ff:f6:94:3b:35:ea:f6:5c:da:e9:5d:68:
82:d4:52:d0:6b:2c:96:b0:65:b8:65:8f:1b:1c:1c:
c8:4c:2d:ef:90:df:72:46:a3:5d:d7:41:2d:2b:b2:
d0:a8:2f:d9:f0:a9:89:e8:54:91:24:4f:dd:21:f6:
79:a4:9b:18:f1:c4:0d:52:bb:da:97:5a:cc:9e:24:
64:d9:28:10:83:24:51:88:5a:86:40:92:21:b8:ba:
4e:c4:9d:24:32:4c:a3:24:45:05:d0:d9:90:35:41:
aa:81:c7:a8:07:7b:04:4c:f9:dd:92:9a:9a:b3:9b:
ae:32:a5:d4:7a:83:1c:8a:4e:ea:e3:bb:05:fe:10:
4b:9f:39:79:0c:1d:70:69:26:a0:e7:10:5d:44:c9:
7e:8a:52:0d:73:9d:0e:98:13:3d:66:9e:fc:b4:d4:
81:86:df:39:12:a3:f7:af:a4:43:ab:08:e5:c8:91:
04:56:c3:45:41:0a:bb:9a:16:26:b7:a4:b1:57:bf:
93:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A3:3E:96:21:3D:57:C0:32:D2:3C:F6:C9:1D:34:7E:D9:0F:8C:9E
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ZaM-liE9V8Ay0jz2yR00ftkPjJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0e:7780::/29
2a0f:e000::/29
2a12:ec0::/29
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:7c:97:47:ab:f1:2d:c9:38:4a:2c:fd:0f:22:b6:96:d2:a6:
1d:1d:be:22:e5:9a:95:50:b6:65:f2:e1:cb:e6:c0:72:07:1b:
29:b7:00:68:20:0b:bd:a6:a2:7a:3c:8f:2d:1e:51:e3:a5:11:
55:8a:76:28:5a:cb:87:39:75:84:7b:f4:1f:aa:ef:ab:79:8b:
02:74:81:a6:ef:a2:d5:b6:ca:13:4b:f3:10:af:64:24:24:4a:
9b:d0:dd:d9:4d:68:cc:68:cc:f8:0f:b3:d3:de:26:0f:55:a4:
74:6d:0d:f6:d4:f4:2b:ae:1c:39:e9:fb:10:0a:31:ef:90:5c:
1e:e1:3b:d8:81:ae:c3:b1:ee:6b:d1:08:78:53:3d:ec:9f:62:
88:cf:db:d9:a9:c0:2d:04:b7:25:76:24:72:f3:ae:b0:cb:48:
d0:de:42:16:fd:fa:5c:8d:97:22:cc:fb:8c:ea:b8:7b:be:e4:
a4:a9:ba:2d:eb:24:c2:05:4b:84:92:05:0b:bc:ee:2c:6c:37:
ee:df:82:0d:99:92:65:68:1a:3c:50:02:50:d9:47:4b:ae:f1:
00:3e:b7:9a:0a:5e:c1:a3:46:14:36:13:d7:80:9f:3e:e0:ab:
1c:58:ec:e6:08:2f:04:f7:b7:76:94:e9:0b:6c:40:e7:2b:3e:
c7:b5:0e:d6
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZAW+K8rz8QXLeEV2lM8fRd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNjE0MTMzODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWEzM2U5NjIxM2Q1N2MwMzJkMjNjZjZjOTFkMzQ3ZWQ5MGY4YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M8IzUfpBa50W2xNcSLIT+m18R0+
OKCTeeoY1yVmXPKUJ8QbNb6MtwhNmjyq3/5NzF/O3/3hNexE7jw/dLL/9pQ7Ner2
XNrpXWiC1FLQayyWsGW4ZY8bHBzITC3vkN9yRqNd10EtK7LQqC/Z8KmJ6FSRJE/d
IfZ5pJsY8cQNUrval1rMniRk2SgQgyRRiFqGQJIhuLpOxJ0kMkyjJEUF0NmQNUGq
gceoB3sETPndkpqas5uuMqXUeoMcik7q47sF/hBLnzl5DB1waSag5xBdRMl+ilIN
c50OmBM9Zp78tNSBht85EqP3r6RDqwjlyJEEVsNFQQq7mhYmt6SxV7+TYQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGWjPpYhPVfAMtI89skdNH7ZD4yeMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvWmFNLWxpRTlWOEF5MGp6MnlSMDBmdGtQako0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKga0QAMF
AyoOd4ADBQMqD+AAAwUDKhIOwAMFAyoSZ0ADBQMqEo7AAwUDKhLMwAMFAyoS08AD
BQMqEuJAAwUDKhLwwDANBgkqhkiG9w0BAQsFAAOCAQEAOnyXR6vxLck4Siz9DyK2
ltKmHR2+IuWalVC2ZfLhy+bAcgcbKbcAaCALvaaiejyPLR5R46URVYp2KFrLhzl1
hHv0H6rvq3mLAnSBpu+i1bbKE0vzEK9kJCRKm9Dd2U1ozGjM+A+z094mD1WkdG0N
9tT0K64cOen7EAox75BcHuE72IGuw7Hua9EIeFM97J9iiM/b2anALQS3JXYkcvOu
sMtI0N5CFv36XI2XIsz7jOq4e77kpKm6LeskwgVLhJIFC7zuLGw37t+CDZmSZWga
PFACUNlHS67xAD63mgpewaNGFDYT14CfPuCrHFjs5ggvBPe3dpTpC2xA5ys+x7UO
1g==
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:03:50 2024 by rpki-client on console-fra.rpki-client.org