Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oiSdiCKNXyhsShTSPlrYm67g4RM.roa
File: oiSdiCKNXyhsShTSPlrYm67g4RM.roa (raw, json)
Hash identifier: m/HZPrm1yfiuURvQGgYbulrFwZbsrsMPWwRWOxbK21A=
Subject key identifier: A2:24:9D:88:22:8D:5F:28:6C:4A:14:D2:3E:5A:D8:9B:AE:E0:E1:13
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0190C73149EDD1EA60F64B73BE793254D3E6
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oiSdiCKNXyhsShTSPlrYm67g4RM.roa
Signing time: Thu 18 Jul 2024 18:53:34 +0000
ROA not before: Thu 18 Jul 2024 18:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214967
IP address blocks: 2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 32
2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jul 2024 15:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c7:31:49:ed:d1:ea:60:f6:4b:73:be:79:32:54:d3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jul 18 18:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2249d88228d5f286c4a14d23e5ad89baee0e113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:49:02:19:57:00:54:db:78:32:cb:e5:5a:1b:
61:79:5f:c9:98:24:77:aa:72:53:39:7a:98:61:1a:
f3:2b:5b:db:8b:97:21:f7:df:f7:4b:67:91:19:fd:
2b:26:b3:f7:eb:87:ea:34:e4:32:98:ac:4f:b3:b0:
02:3c:11:a1:54:77:35:86:e7:6b:0c:8b:41:20:1e:
4d:29:f3:0a:a1:2d:a1:ad:7a:18:a6:08:3f:e0:48:
5b:c9:7f:30:e6:9c:de:e8:85:50:04:8a:9a:b5:be:
10:56:85:6f:ba:fa:0b:40:6b:24:25:d5:81:55:03:
ca:d6:fb:47:38:47:a6:2f:73:71:a5:3f:5a:74:22:
1a:98:f1:19:a2:62:3e:47:92:da:f7:b6:7a:7b:56:
28:c2:74:06:e9:65:82:b4:0d:40:0d:6a:fc:c8:ff:
c9:00:55:90:5e:7d:33:9b:e2:9a:8b:c8:11:9f:a1:
5d:b2:b4:8f:45:54:e6:67:41:65:10:5c:91:47:03:
2d:eb:31:c2:c7:83:92:a9:d6:21:10:c4:ee:2a:5c:
19:40:51:5b:14:cb:6b:cd:bb:a6:e6:27:b3:e5:7d:
bf:d5:9d:72:e4:69:ff:01:e8:56:c9:cc:80:0a:12:
9f:01:9d:4a:0f:99:d9:a3:6d:de:6a:15:9a:0d:23:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:24:9D:88:22:8D:5F:28:6C:4A:14:D2:3E:5A:D8:9B:AE:E0:E1:13
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/oiSdiCKNXyhsShTSPlrYm67g4RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e2c0::/29
2a0e:7780::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:e1:ce:e4:ba:60:04:b5:14:2c:05:ec:38:8d:5b:d6:0e:44:
01:97:f0:fe:b5:7f:13:0c:74:77:e7:ec:84:c9:00:ed:7c:f4:
ad:2a:c3:42:10:6c:d6:91:78:79:0e:ae:99:ab:73:18:f7:4f:
73:c7:60:f4:9c:52:ef:0c:d9:df:13:05:7e:30:4c:ca:00:2b:
c2:77:fd:38:2e:b2:ff:68:11:9c:e3:68:d3:38:8b:ce:08:ed:
6c:28:2f:17:9c:3d:ad:04:f3:ac:03:4b:05:bd:3f:e5:5b:fd:
37:5f:d8:39:8f:1b:f1:eb:3f:a9:c7:4d:a8:26:93:a2:ee:00:
71:8a:cf:18:25:8d:27:c9:79:3f:11:2c:5f:37:25:ba:60:e0:
57:5a:5b:db:04:4e:47:1a:f6:92:00:5b:e6:d7:2a:fd:13:35:
5a:83:66:1c:25:3d:03:af:e0:46:1d:a7:0b:9c:1d:d6:7b:5b:
5e:c9:d3:00:ab:fe:59:1d:24:2c:ac:76:71:ec:cc:33:cc:6a:
76:3e:8f:d7:ce:54:b4:29:b7:cc:c7:58:68:11:78:20:e0:e8:
14:3a:a6:8e:44:b5:81:60:9a:cd:d7:eb:a2:e7:82:b4:87:04:
2b:5f:56:30:1c:a0:c9:e5:fd:55:19:62:03:f5:99:2a:f7:d4:
da:6a:ef:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZDHMUnt0epg9ktzvnkyVNPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNzE4MTg1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjI0OWQ4ODIyOGQ1ZjI4NmM0YTE0ZDIzZTVhZDg5YmFlZTBlMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkkCGVcAVNt4MsvlWhtheV/JmCR3
qnJTOXqYYRrzK1vbi5ch99/3S2eRGf0rJrP364fqNOQymKxPs7ACPBGhVHc1hudr
DItBIB5NKfMKoS2hrXoYpgg/4EhbyX8w5pze6IVQBIqatb4QVoVvuvoLQGskJdWB
VQPK1vtHOEemL3NxpT9adCIamPEZomI+R5La97Z6e1YownQG6WWCtA1ADWr8yP/J
AFWQXn0zm+Kai8gRn6FdsrSPRVTmZ0FlEFyRRwMt6zHCx4OSqdYhEMTuKlwZQFFb
FMtrzbum5iez5X2/1Z1y5Gn/AehWycyAChKfAZ1KD5nZo23eahWaDSNoSwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKIknYgijV8obEoU0j5a2Juu4OETMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvb2lTZGlDS05YeWhzU2hUU1BsclltNjdnNFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgriwAMF
AyoOd4ADBQMqEg7AAwUDKhIZAAMFAyoSKMADBQMqEvDAMA0GCSqGSIb3DQEBCwUA
A4IBAQCR4c7kumAEtRQsBew4jVvWDkQBl/D+tX8TDHR35+yEyQDtfPStKsNCEGzW
kXh5Dq6Zq3MY909zx2D0nFLvDNnfEwV+MEzKACvCd/04LrL/aBGc42jTOIvOCO1s
KC8XnD2tBPOsA0sFvT/lW/03X9g5jxvx6z+px02oJpOi7gBxis8YJY0nyXk/ESxf
NyW6YOBXWlvbBE5HGvaSAFvm1yr9EzVag2YcJT0Dr+BGHacLnB3We1teydMAq/5Z
HSQsrHZx7MwzzGp2Po/XzlS0KbfMx1hoEXgg4OgUOqaORLWBYJrN1+ui54K0hwQr
X1YwHKDJ5f1VGWID9Zkq99Taau9t
-----END CERTIFICATE-----
Generated at Mon Jul 29 17:58:36 2024 by rpki-client on console-fra.rpki-client.org