Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/aPptVJFaqNRXZx-DpsdqCWf2XF0.roa
File: aPptVJFaqNRXZx-DpsdqCWf2XF0.roa (raw, json)
Hash identifier: rSRAZnY+4u+GeooODQ9s3XPhWLFOR6kbqOrKvDIr/Ug=
Subject key identifier: 68:FA:6D:54:91:5A:A8:D4:57:67:1F:83:A6:C7:6A:09:67:F6:5C:5D
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01916016A6600BFA0B032FAF0F2FAF126847
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/aPptVJFaqNRXZx-DpsdqCWf2XF0.roa
Signing time: Sat 17 Aug 2024 11:26:22 +0000
ROA not before: Sat 17 Aug 2024 11:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a06:b440::/29 maxlen: 32
2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
Validation: Failed, certificate revoked on Mon 09 Sep 2024 20:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:16:a6:60:0b:fa:0b:03:2f:af:0f:2f:af:12:68:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 17 11:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68fa6d54915aa8d457671f83a6c76a0967f65c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bb:90:35:10:81:58:72:d6:eb:fe:71:08:42:
61:73:a7:83:48:8c:e6:5d:2f:ca:32:db:8d:8b:22:
5c:26:0c:3a:96:37:4f:09:c4:a7:c7:17:b4:be:1d:
18:c3:1a:e8:21:3a:f1:c5:e3:ad:24:09:0e:a4:91:
8f:9a:03:9e:11:24:39:e9:73:6b:77:22:c3:1a:2b:
46:17:dc:6e:ec:c8:8a:5b:3f:27:66:4b:95:f1:60:
f9:df:67:05:f8:39:f6:ed:5f:92:8f:70:8d:8d:2c:
6c:86:b5:4d:e8:41:72:32:7b:06:c2:3d:8b:c6:f7:
53:ba:c1:9f:c5:c9:a9:5f:34:94:f6:65:64:f8:b2:
f3:4c:79:ba:32:40:4b:fa:ef:34:5c:9f:5e:61:11:
41:82:50:5b:68:d3:ca:21:d3:bc:7c:eb:f5:39:e3:
a2:23:95:07:a2:95:5a:24:9e:95:52:40:66:bf:b8:
8c:3d:98:89:b1:2b:09:89:f3:60:78:be:92:8e:22:
e2:69:a0:f4:71:b4:64:dc:e9:f5:39:19:b6:c6:d7:
2d:7c:61:6b:27:66:0a:ca:c1:1e:b7:6f:84:f6:89:
2a:fe:5e:c6:da:2d:d9:35:56:30:ed:53:b7:11:c0:
22:60:33:fa:30:a2:21:85:4b:86:d8:4a:5c:1f:62:
96:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FA:6D:54:91:5A:A8:D4:57:67:1F:83:A6:C7:6A:09:67:F6:5C:5D
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/aPptVJFaqNRXZx-DpsdqCWf2XF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
Signature Algorithm: sha256WithRSAEncryption
5a:6b:df:9a:73:08:fe:3a:d3:b8:dc:80:a1:a2:fb:5f:5f:de:
87:58:f2:5f:bd:ca:fb:8e:3f:f1:3b:57:4b:80:2d:89:5c:d3:
bf:ad:f0:b4:7c:c0:a8:08:fc:b3:f6:29:9f:d4:76:7b:e1:5e:
98:89:40:10:c8:64:a5:bb:76:cf:67:84:b0:8b:3a:45:d0:90:
0a:02:ce:2f:b2:06:07:6b:60:96:e6:9d:e8:f9:16:78:40:c9:
35:a8:ec:e4:e0:a8:86:76:64:aa:3b:7b:f0:db:76:54:9e:95:
a0:ec:d5:ad:d0:90:ab:f2:11:f8:fd:2b:b3:b3:1a:95:39:1f:
a5:c4:54:ae:6f:f6:0f:b2:fa:c8:16:5e:e5:81:5c:20:93:d1:
8c:e1:2c:cd:85:c0:e5:60:fa:d3:5a:1f:9b:31:7d:ac:67:83:
8d:0c:4b:ad:85:03:d6:5a:2e:b7:1d:a4:47:75:25:a4:e2:11:
17:f9:ae:cd:3f:26:18:51:f6:ab:d0:23:cf:3a:19:61:2a:8a:
9f:cb:3e:5a:b5:16:08:99:36:7a:43:24:bb:6b:02:71:52:f3:
06:f8:9e:36:aa:0a:7b:2c:ba:ae:fe:f2:e7:c3:d1:21:c4:e1:
96:7d:da:83:cd:f6:c2:14:e0:3f:49:55:00:f8:9d:78:ed:f6:
eb:74:49:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFgFqZgC/oLAy+vDy+vEmhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODE3MTEyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZhNmQ1NDkxNWFhOGQ0NTc2NzFmODNhNmM3NmEwOTY3ZjY1YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7uQNRCBWHLW6/5xCEJhc6eDSIzm
XS/KMtuNiyJcJgw6ljdPCcSnxxe0vh0YwxroITrxxeOtJAkOpJGPmgOeESQ56XNr
dyLDGitGF9xu7MiKWz8nZkuV8WD532cF+Dn27V+Sj3CNjSxshrVN6EFyMnsGwj2L
xvdTusGfxcmpXzSU9mVk+LLzTHm6MkBL+u80XJ9eYRFBglBbaNPKIdO8fOv1OeOi
I5UHopVaJJ6VUkBmv7iMPZiJsSsJifNgeL6SjiLiaaD0cbRk3On1ORm2xtctfGFr
J2YKysEet2+E9okq/l7G2i3ZNVYw7VO3EcAiYDP6MKIhhUuG2EpcH2KWeQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGj6bVSRWqjUV2cfg6bHagln9lxdMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvYVBwdFZKRmFxTlJYWngtRHBzZHFDV2YyWEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKga0QAMF
AyoSZ0ADBQMqEo7AAwUDKhLMwAMFAyoS08ADBQMqEuJAMA0GCSqGSIb3DQEBCwUA
A4IBAQBaa9+acwj+OtO43IChovtfX96HWPJfvcr7jj/xO1dLgC2JXNO/rfC0fMCo
CPyz9imf1HZ74V6YiUAQyGSlu3bPZ4SwizpF0JAKAs4vsgYHa2CW5p3o+RZ4QMk1
qOzk4KiGdmSqO3vw23ZUnpWg7NWt0JCr8hH4/SuzsxqVOR+lxFSub/YPsvrIFl7l
gVwgk9GM4SzNhcDlYPrTWh+bMX2sZ4ONDEuthQPWWi63HaRHdSWk4hEX+a7NPyYY
Ufar0CPPOhlhKoqfyz5atRYImTZ6QyS7awJxUvMG+J42qgp7LLqu/vLnw9EhxOGW
fdqDzfbCFOA/SVUA+J147fbrdEmJ
-----END CERTIFICATE-----
Generated at Mon Sep 9 23:00:19 2024 by rpki-client on console-ams.rpki-client.org