Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/iVMk2f251mN1ox5afxh6ySBstFk.roa
File: iVMk2f251mN1ox5afxh6ySBstFk.roa (raw, json)
Hash identifier: O70lSYYUnKmBLT2B0W8R5d7c0lijfOR6TMkvOqtJ7Rg=
Subject key identifier: 89:53:24:D9:FD:B9:D6:63:75:A3:1E:5A:7F:18:7A:C9:20:6C:B4:59
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018F3CAA7C74F8D19226D160C3C2F4A557E2
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/iVMk2f251mN1ox5afxh6ySBstFk.roa
Signing time: Fri 03 May 2024 04:15:56 +0000
ROA not before: Fri 03 May 2024 04:15:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 32
2a0f:e000::/29 maxlen: 32
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
2a14:7e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 May 2024 13:42:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3c:aa:7c:74:f8:d1:92:26:d1:60:c3:c2:f4:a5:57:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 3 04:15:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895324d9fdb9d66375a31e5a7f187ac9206cb459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:58:89:4e:96:29:e0:0f:cf:e0:d1:3c:54:4e:
ad:e1:f2:be:2b:26:c2:26:4f:ae:96:38:37:7d:7f:
cb:c9:cf:b4:be:1d:86:c9:91:66:1e:f6:23:63:d5:
ae:7c:4e:d0:fe:0e:c9:be:81:52:ff:39:f3:39:1b:
e7:16:72:d0:ca:b0:12:3b:4f:fe:83:c6:65:65:d1:
db:80:3c:83:36:c1:63:ee:79:39:83:7c:09:a0:2d:
74:1d:81:79:9f:df:6b:11:b9:c4:40:34:0b:3d:c6:
e5:af:02:f9:cc:0f:f8:2e:b2:3f:35:9f:d5:ac:88:
fa:14:fb:09:fb:be:d1:eb:19:e1:5f:31:79:40:48:
40:26:a7:67:45:66:a7:b5:96:f6:cd:a2:aa:ea:fb:
a4:d5:d8:52:be:a7:91:17:18:6e:6e:7f:98:2d:8b:
19:0a:04:4d:b2:63:02:42:bf:db:f3:02:49:ac:9f:
73:d7:6a:ab:1e:72:da:f0:df:49:bd:4b:19:89:80:
82:b4:30:8c:cd:16:df:35:9d:b4:e2:6f:c3:c4:4f:
30:b3:26:3a:6f:70:42:7b:57:d8:c0:9e:ba:ea:d8:
3f:d9:79:4e:59:c5:21:ab:5a:ce:b4:e2:fe:c6:11:
ba:08:7e:56:c1:d5:1d:82:72:45:50:8c:62:5d:91:
b4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:53:24:D9:FD:B9:D6:63:75:A3:1E:5A:7F:18:7A:C9:20:6C:B4:59
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/iVMk2f251mN1ox5afxh6ySBstFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a11:dcc0::/29
2a12:f0c0::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
21:a0:12:0d:87:c9:e3:00:24:0b:3f:3a:db:a3:33:8c:6a:cb:
44:12:ad:71:28:f2:6b:ca:18:d7:aa:a4:c7:5e:f4:19:48:b8:
18:d4:84:5a:2f:de:9b:61:7e:64:e7:0b:52:7a:1f:e8:89:98:
52:ef:81:3e:5b:28:05:b1:dd:83:6d:29:9d:84:de:73:bf:7a:
19:11:05:88:d3:7a:4f:de:49:6e:5f:5f:d0:92:63:df:b9:ca:
77:d7:0f:3c:93:bc:92:b8:34:f4:c0:7b:be:47:7f:1f:6e:12:
d1:1b:32:6c:be:a4:68:7f:af:c0:a0:b4:ec:71:e2:6f:1a:e0:
d9:4f:2d:2d:dd:a8:2a:fb:f7:7a:4b:f6:c5:ac:47:c8:86:33:
e7:86:02:c8:58:0a:c1:1c:d7:1c:f1:74:ae:71:f8:c6:42:ba:
f4:7e:13:47:87:54:aa:da:1c:38:e7:2d:b1:75:87:bb:db:d3:
b8:6b:a3:1d:72:7b:ea:0b:b0:c7:90:5f:7b:74:1e:7b:cd:be:
61:b5:ff:8a:16:2b:fc:65:d2:cc:53:8e:f3:74:9b:e3:92:aa:
3b:d5:9e:31:75:7e:4c:67:00:87:fa:2a:ac:b3:4b:0b:49:76:
b5:66:ba:dc:db:54:54:00:82:a8:18:e0:f1:ce:68:fb:83:6c:
ff:06:3d:73
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY88qnx0+NGSJtFgw8L0pVfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNTAzMDQxNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUzMjRkOWZkYjlkNjYzNzVhMzFlNWE3ZjE4N2FjOTIwNmNiNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxViJTpYp4A/P4NE8VE6t4fK+KybC
Jk+uljg3fX/Lyc+0vh2GyZFmHvYjY9WufE7Q/g7JvoFS/znzORvnFnLQyrASO0/+
g8ZlZdHbgDyDNsFj7nk5g3wJoC10HYF5n99rEbnEQDQLPcblrwL5zA/4LrI/NZ/V
rIj6FPsJ+77R6xnhXzF5QEhAJqdnRWantZb2zaKq6vuk1dhSvqeRFxhubn+YLYsZ
CgRNsmMCQr/b8wJJrJ9z12qrHnLa8N9JvUsZiYCCtDCMzRbfNZ204m/DxE8wsyY6
b3BCe1fYwJ666tg/2XlOWcUhq1rOtOL+xhG6CH5WwdUdgnJFUIxiXZG0pQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIlTJNn9udZjdaMeWn8YeskgbLRZMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvaVZNazJmMjUxbU4xb3g1YWZ4aDZ5U0JzdEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFAyoK4sAD
BQMqDneAAwUDKg/gAAMFAyoRL0ADBQMqETtAAwUDKhFyQAMFAyoRlgADBQMqEdzA
AwUDKhLwwAMFAyoTugADBQMqE9rAAwUDKhQBQAMFAyoUAcADBQMqFAgAAwUDKhQP
QAMFAyoUfgAwDQYJKoZIhvcNAQELBQADggEBACGgEg2HyeMAJAs/OtujM4xqy0QS
rXEo8mvKGNeqpMde9BlIuBjUhFov3pthfmTnC1J6H+iJmFLvgT5bKAWx3YNtKZ2E
3nO/ehkRBYjTek/eSW5fX9CSY9+5ynfXDzyTvJK4NPTAe75Hfx9uEtEbMmy+pGh/
r8CgtOxx4m8a4NlPLS3dqCr793pL9sWsR8iGM+eGAshYCsEc1xzxdK5x+MZCuvR+
E0eHVKraHDjnLbF1h7vb07hrox1ye+oLsMeQX3t0HnvNvmG1/4oWK/xl0sxTjvN0
m+OSqjvVnjF1fkxnAIf6KqyzSwtJdrVmutzbVFQAgqgY4PHOaPuDbP8GPXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org