Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lrCXFPvMCuGmRxS8o3RLYH2zFfY.roa
File: lrCXFPvMCuGmRxS8o3RLYH2zFfY.roa (raw, json)
Hash identifier: yy0VppqAt1vXjzluLoR7XrqmWPFDcIhPTlLevpGlBoQ=
Subject key identifier: 96:B0:97:14:FB:CC:0A:E1:A6:47:14:BC:A3:74:4B:60:7D:B3:15:F6
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018DFF44640327407AA637E08E281D19E304
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lrCXFPvMCuGmRxS8o3RLYH2zFfY.roa
Signing time: Sat 02 Mar 2024 13:04:48 +0000
ROA not before: Sat 02 Mar 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0a:e2c0::/29 maxlen: 32
2a0e:7780::/29 maxlen: 32
2a0f:e000::/29 maxlen: 32
2a11:3b40::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 32
2a13:dac0::/29 maxlen: 32
2a14:7e00::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Mar 2024 18:55:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ff:44:64:03:27:40:7a:a6:37:e0:8e:28:1d:19:e3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Mar 2 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96b09714fbcc0ae1a64714bca3744b607db315f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cb:36:51:05:fc:09:2f:47:7c:fb:ec:5c:6d:
80:56:fc:1c:67:0f:31:38:80:86:5f:64:d5:50:fb:
65:de:7c:79:dd:62:ce:10:23:e6:79:d2:26:a7:3c:
2d:fa:ec:f3:7a:f3:b0:a2:b2:a7:f9:4c:16:11:f8:
61:9e:86:fd:a2:3f:08:02:cb:40:e2:0f:f8:28:d8:
f8:21:69:10:9b:ed:6b:3d:5b:de:60:1c:70:16:c9:
6e:aa:12:5b:3c:b8:d4:a4:f8:24:d5:6f:b9:4b:d8:
27:52:40:79:b2:40:30:2c:89:3b:e2:87:6d:26:22:
45:03:5d:71:f5:1b:a6:c4:56:12:c7:cc:72:97:f4:
82:6c:ad:2f:5f:2f:fe:6a:86:6e:fe:79:7e:91:30:
b7:34:93:ce:84:33:a0:c6:b4:58:b2:19:87:ec:05:
a1:d9:e0:d9:e0:ff:00:9a:8d:04:ae:2e:c6:8a:bb:
08:4f:1b:a0:61:ae:44:45:2d:9e:67:92:20:b3:35:
48:c8:7b:e1:9a:b4:0a:9e:2d:6e:e5:3a:74:11:b5:
c3:b4:f5:41:2d:d8:b4:36:88:81:c3:68:1c:48:d1:
0c:c4:7e:a5:6d:a7:8b:1f:54:ef:06:46:3a:0c:3a:
ff:04:6c:61:26:8a:40:39:fa:9a:e8:fd:fd:ff:18:
5f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B0:97:14:FB:CC:0A:E1:A6:47:14:BC:A3:74:4B:60:7D:B3:15:F6
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/lrCXFPvMCuGmRxS8o3RLYH2zFfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:e000::/29
2a11:3b40::/29
2a11:9600::/29
2a11:dcc0::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
ad:23:f1:e1:3d:3c:a3:9b:4d:5d:01:1c:5e:75:72:e9:8a:c9:
d8:19:8c:6f:7c:a5:13:a1:ca:a2:84:31:8a:97:e4:00:f1:8e:
85:84:dd:57:10:03:3b:54:7a:c3:a4:22:03:69:bd:50:08:ad:
e1:2e:3d:38:92:01:96:2d:b7:5a:24:d5:cb:44:69:cb:3b:8e:
e2:54:73:ad:d6:69:98:fa:ed:65:37:7c:68:4c:e7:91:75:3a:
7f:11:51:48:02:66:b4:2c:15:bb:ea:4e:11:e5:6a:e8:81:4e:
86:3f:0a:11:5f:4f:03:9a:3d:2d:17:6c:f6:19:d1:28:ba:ec:
18:45:57:ac:89:81:9d:2b:e3:bc:3c:db:0f:a8:d7:ca:3a:1e:
fc:7f:fb:eb:27:08:8b:ca:06:bb:6b:90:8d:eb:91:0d:c3:97:
71:82:6e:72:c0:14:29:c3:44:ff:fd:5c:35:5d:f9:77:1e:4b:
c1:8f:8c:c7:f9:c3:3f:f0:46:12:9d:52:69:f5:cf:d7:a8:9f:
5a:97:1b:91:50:5a:17:a7:92:97:4c:f6:27:9c:1b:42:95:4f:
1b:69:a3:03:d0:71:99:7d:bc:2c:d1:8e:7c:00:7f:a7:b7:9f:
8c:ec:05:83:8e:5b:fe:6f:3a:c0:cf:8c:5a:2f:8d:ef:8d:d8:
86:8b:37:7d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY3/RGQDJ0B6pjfgjigdGeMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwMzAyMTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmIwOTcxNGZiY2MwYWUxYTY0NzE0YmNhMzc0NGI2MDdkYjMxNWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8s2UQX8CS9HfPvsXG2AVvwcZw8x
OICGX2TVUPtl3nx53WLOECPmedImpzwt+uzzevOworKn+UwWEfhhnob9oj8IAstA
4g/4KNj4IWkQm+1rPVveYBxwFsluqhJbPLjUpPgk1W+5S9gnUkB5skAwLIk74odt
JiJFA11x9RumxFYSx8xyl/SCbK0vXy/+aoZu/nl+kTC3NJPOhDOgxrRYshmH7AWh
2eDZ4P8Amo0Eri7GirsITxugYa5ERS2eZ5IgszVIyHvhmrQKni1u5Tp0EbXDtPVB
Ldi0NoiBw2gcSNEMxH6lbaeLH1TvBkY6DDr/BGxhJopAOfqa6P39/xhfPwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJawlxT7zArhpkcUvKN0S2B9sxX2MB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvbHJDWEZQdk1DdUdtUnhTOG8zUkxZSDJ6RmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgriwAMF
AyoOd4ADBQMqD+AAAwUDKhE7QAMFAyoRlgADBQMqEdzAAwUDKhO6AAMFAyoT2sAD
BQMqFH4AMA0GCSqGSIb3DQEBCwUAA4IBAQCtI/HhPTyjm01dARxedXLpisnYGYxv
fKUTocqihDGKl+QA8Y6FhN1XEAM7VHrDpCIDab1QCK3hLj04kgGWLbdaJNXLRGnL
O47iVHOt1mmY+u1lN3xoTOeRdTp/EVFIAma0LBW76k4R5WrogU6GPwoRX08Dmj0t
F2z2GdEouuwYRVesiYGdK+O8PNsPqNfKOh78f/vrJwiLyga7a5CN65ENw5dxgm5y
wBQpw0T//Vw1Xfl3HkvBj4zH+cM/8EYSnVJp9c/XqJ9alxuRUFoXp5KXTPYnnBtC
lU8baaMD0HGZfbws0Y58AH+nt5+M7AWDjlv+bzrAz4xaL43vjdiGizd9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org