Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/bUjZ7I2MWzHekcVJy08BsNqEmE4.roa
File: bUjZ7I2MWzHekcVJy08BsNqEmE4.roa (raw, json)
Hash identifier: o9twwUfGfxiDtY/mirdpYJP9tjc6PZBmQ2/YrQq6GkQ=
Subject key identifier: 6D:48:D9:EC:8D:8C:5B:31:DE:91:C5:49:CB:4F:01:B0:DA:84:98:4E
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018CC61F2299D98FF9559BEE9F84D23DBEEB
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/bUjZ7I2MWzHekcVJy08BsNqEmE4.roa
Signing time: Mon 01 Jan 2024 17:42:58 +0000
ROA not before: Mon 01 Jan 2024 17:42:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 32
2a0f:e000::/29 maxlen: 32
2a13:ba00::/29 maxlen: 32
2a12:28c0::/29 maxlen: 32
2a12:6b80::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a0e:7780::/29 maxlen: 32
2a11:f140::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
2a0a:e2c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jan 2024 19:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:1f:22:99:d9:8f:f9:55:9b:ee:9f:84:d2:3d:be:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 17:42:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d48d9ec8d8c5b31de91c549cb4f01b0da84984e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:27:b5:67:8f:f7:4b:92:58:65:f2:da:c9:
f4:dc:ed:fd:e4:75:61:97:57:85:bb:d6:5c:92:0d:
97:61:fc:be:3a:ec:0c:41:77:4d:e5:de:16:6c:f6:
19:db:8b:81:66:36:87:4e:58:87:f8:42:ab:1c:58:
cc:ed:46:3f:31:38:df:8e:01:53:ae:5e:fe:86:e8:
cb:46:55:a7:cc:f5:19:b2:82:ec:44:d1:a5:ef:94:
24:bd:29:d9:2c:a4:c5:ee:7f:9a:fe:b2:92:dd:81:
7e:25:0e:01:14:af:16:9d:7f:50:b9:36:13:20:1e:
79:3c:c8:ca:64:42:fb:01:27:3d:95:f0:e2:2f:93:
6b:3e:97:f5:3c:d1:55:7f:39:ae:59:71:a4:2a:dc:
c9:01:9a:62:03:ba:bb:bd:a6:9b:cc:e3:14:27:65:
03:15:12:d2:8c:11:6f:a1:20:06:be:7b:64:24:3a:
2e:ad:8b:59:8d:15:ff:c8:f7:24:18:b3:e7:08:8b:
18:96:e1:ce:a1:22:de:ad:cb:d7:11:af:9f:14:57:
c2:e1:35:46:ec:b4:a6:c1:9c:80:09:7f:12:6b:d0:
88:6f:68:6d:11:f0:7d:a6:e8:05:59:be:80:02:dd:
39:6e:c1:1a:c2:9f:04:31:ee:d2:eb:54:12:a1:c5:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:D9:EC:8D:8C:5B:31:DE:91:C5:49:CB:4F:01:B0:DA:84:98:4E
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/bUjZ7I2MWzHekcVJy08BsNqEmE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6b80::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:9a:c7:f1:8e:20:1d:61:f8:af:75:7e:67:cb:5c:02:a2:ca:
d3:8f:db:2a:57:52:96:5d:a3:8f:dc:43:3a:5a:43:9f:18:87:
e1:93:36:de:df:3d:04:e2:70:79:48:69:91:f5:9a:e9:b6:59:
da:ce:d7:54:44:73:41:38:72:9b:93:a7:77:6d:d6:46:57:de:
d0:08:eb:80:97:2a:dd:b0:94:03:67:fb:df:8b:2d:95:2b:dd:
74:de:53:46:65:86:0d:58:d3:4e:79:ae:31:b1:40:70:8f:aa:
f0:d0:6c:32:37:96:fd:5c:38:3e:f8:78:b6:01:9b:54:d5:c1:
45:f4:64:f5:84:20:b9:ae:62:00:73:0b:60:11:c8:de:7a:1f:
0b:52:07:14:d0:94:9e:75:9a:23:22:cb:6b:c6:30:0e:a9:1f:
ad:8e:1c:92:31:46:67:f3:1d:db:50:c9:fe:94:35:d8:dc:7a:
87:6c:c9:a7:e9:31:66:c5:b0:33:21:8c:a5:a9:d2:38:b2:54:
b2:a6:fe:20:f9:31:0c:d3:54:ee:cc:a9:8c:f9:15:bb:94:2d:
ee:f9:e9:92:66:47:09:78:bf:d6:9c:aa:5c:ba:c6:c1:77:44:
e5:1f:c2:81:d6:37:d1:14:94:d1:8a:88:06:55:ae:80:2d:1f:
8f:6c:e8:25
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzGHyKZ2Y/5VZvun4TSPb7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMTAxMTc0MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQ4ZDllYzhkOGM1YjMxZGU5MWM1NDljYjRmMDFiMGRhODQ5ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNgntWeP90uSWGXy2sn03O395HVh
l1eFu9Zckg2XYfy+OuwMQXdN5d4WbPYZ24uBZjaHTliH+EKrHFjM7UY/MTjfjgFT
rl7+hujLRlWnzPUZsoLsRNGl75QkvSnZLKTF7n+a/rKS3YF+JQ4BFK8WnX9QuTYT
IB55PMjKZEL7ASc9lfDiL5NrPpf1PNFVfzmuWXGkKtzJAZpiA7q7vaabzOMUJ2UD
FRLSjBFvoSAGvntkJDourYtZjRX/yPckGLPnCIsYluHOoSLercvXEa+fFFfC4TVG
7LSmwZyACX8Sa9CIb2htEfB9pugFWb6AAt05bsEawp8EMe7S61QSocUPFwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFG1I2eyNjFsx3pHFSctPAbDahJhOMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvYlVqWjdJMk1Xekhla2NWSnkwOEJzTnFFbUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKgriwAMF
AyoOd4ADBQMqD+AAAwUDKhHxQAMFAyoSDsADBQMqEhkAAwUDKhIowAMFAyoSa4AD
BQMqE7oAAwUDKhPawAMFAyoUfgAwDQYJKoZIhvcNAQELBQADggEBAKSax/GOIB1h
+K91fmfLXAKiytOP2ypXUpZdo4/cQzpaQ58Yh+GTNt7fPQTicHlIaZH1mum2WdrO
11REc0E4cpuTp3dt1kZX3tAI64CXKt2wlANn+9+LLZUr3XTeU0Zlhg1Y0055rjGx
QHCPqvDQbDI3lv1cOD74eLYBm1TVwUX0ZPWEILmuYgBzC2ARyN56HwtSBxTQlJ51
miMiy2vGMA6pH62OHJIxRmfzHdtQyf6UNdjceodsyafpMWbFsDMhjKWp0jiyVLKm
/iD5MQzTVO7MqYz5FbuULe756ZJmRwl4v9acqly6xsF3ROUfwoHWN9EUlNGKiAZV
roAtH49s6CU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org