Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qEV1ik_D-y9I1pl8AlHk8iPXsq8.roa
File: qEV1ik_D-y9I1pl8AlHk8iPXsq8.roa (raw, json)
Hash identifier: gIWW4gRhLtxa6XLFEDXyl38OSaSy4rgoDjklUIHWFtc=
Subject key identifier: A8:45:75:8A:4F:C3:FB:2F:48:D6:99:7C:02:51:E4:F2:23:D7:B2:AF
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018F4E4CF2BA1727A334218F6CF149303C3F
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qEV1ik_D-y9I1pl8AlHk8iPXsq8.roa
Signing time: Mon 06 May 2024 14:26:56 +0000
ROA not before: Mon 06 May 2024 14:26:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a11:1140::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 30
Validation: Failed, certificate revoked on Thu 23 May 2024 15:36:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:4c:f2:ba:17:27:a3:34:21:8f:6c:f1:49:30:3c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 6 14:26:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a845758a4fc3fb2f48d6997c0251e4f223d7b2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:1e:98:66:7f:f6:d2:14:ba:42:ba:97:02:
5e:5b:e9:74:bf:e4:2e:87:a5:fd:58:6e:91:c2:3b:
72:89:29:1d:06:d6:a8:45:60:a8:d2:85:2b:f8:6a:
f4:e0:07:7d:37:54:5e:3e:b3:10:7a:e1:f7:bf:2f:
41:b1:d1:00:68:38:2d:fa:3d:bc:5a:4f:e1:7d:20:
00:b8:ac:96:f7:b2:4f:1a:76:11:78:3a:bf:00:95:
88:6c:52:4c:e0:c6:a4:0b:ce:d4:9b:24:fd:75:14:
ed:ad:0c:2e:b9:23:9b:b8:8c:43:23:48:07:5c:a6:
27:7e:c6:83:73:a7:ed:12:30:fb:25:0f:29:87:b5:
eb:ab:f4:a7:d5:5e:d3:4b:8d:f2:25:5d:1b:6d:a9:
3d:39:c1:22:2e:10:bf:12:7d:f8:ef:af:25:56:33:
29:c2:c6:52:89:0b:6d:57:11:81:b7:e9:f7:48:9a:
b8:a0:8d:14:e2:de:f3:ab:bb:59:65:2c:44:d2:56:
01:45:4e:f6:bd:0a:89:e1:4d:e6:db:f4:88:6f:b2:
f5:c7:b7:9e:61:bd:01:de:f8:19:ed:5b:b2:a8:95:
b3:75:7c:88:52:a4:e7:b9:75:69:9d:0f:fa:22:66:
7f:49:e2:87:18:66:c6:46:51:51:b9:bc:08:e2:6e:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:45:75:8A:4F:C3:FB:2F:48:D6:99:7C:02:51:E4:F2:23:D7:B2:AF
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qEV1ik_D-y9I1pl8AlHk8iPXsq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1140::/29
2a12:6b80::/29
2a12:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:13:7a:e5:ac:45:9c:6d:20:ba:26:99:da:d4:da:a6:81:c9:
6d:f0:d4:e0:fc:c1:19:bb:da:dd:1b:52:ee:57:51:7d:0e:d8:
7d:6a:5a:44:d8:f6:0c:07:40:05:4a:57:d2:de:be:eb:aa:72:
5e:d5:5d:e1:64:3a:e9:b0:e4:e9:5b:22:c7:4a:0c:ab:4e:2b:
f1:a4:b9:7d:01:14:52:94:8f:03:58:f9:ec:b6:2f:3c:a5:10:
c5:37:c7:9c:fb:d0:36:e7:73:2b:02:49:73:82:2c:29:cc:a5:
f1:57:c8:4e:b4:44:b3:86:65:79:6f:e2:26:50:49:3e:63:62:
9f:e0:e0:67:97:ab:05:44:63:ef:ac:fd:7c:53:19:99:90:3a:
38:8c:a7:54:c4:d8:7b:81:ba:22:c5:2c:fa:96:ca:5d:a6:73:
54:66:8d:d7:32:26:46:c3:c3:10:1a:97:e5:a6:56:5f:ae:7f:
56:0a:57:e5:e9:4d:f2:e1:4c:29:40:59:6f:ff:02:18:6a:4c:
ba:28:e4:dd:ff:43:93:b7:22:24:ad:63:6d:58:67:c3:66:3f:
d2:74:75:42:1f:50:a4:70:04:6f:06:c4:6d:86:47:4b:b6:bb:
23:d4:0a:0c:40:04:7f:ea:bd:0c:4c:ae:f0:5d:ca:e1:da:3f:
a9:64:a6:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY9OTPK6FyejNCGPbPFJMDw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNTA2MTQyNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ1NzU4YTRmYzNmYjJmNDhkNjk5N2MwMjUxZTRmMjIzZDdiMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo14emGZ/9tIUukK6lwJeW+l0v+Qu
h6X9WG6RwjtyiSkdBtaoRWCo0oUr+Gr04Ad9N1RePrMQeuH3vy9BsdEAaDgt+j28
Wk/hfSAAuKyW97JPGnYReDq/AJWIbFJM4MakC87UmyT9dRTtrQwuuSObuIxDI0gH
XKYnfsaDc6ftEjD7JQ8ph7Xrq/Sn1V7TS43yJV0bbak9OcEiLhC/En34768lVjMp
wsZSiQttVxGBt+n3SJq4oI0U4t7zq7tZZSxE0lYBRU72vQqJ4U3m2/SIb7L1x7ee
Yb0B3vgZ7VuyqJWzdXyIUqTnuXVpnQ/6ImZ/SeKHGGbGRlFRubwI4m548QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKhFdYpPw/svSNaZfAJR5PIj17KvMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvcUVWMWlrX0QteTlJMXBsOEFsSGs4aVBYc3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhERQAMF
AyoSa4ADBQMqEtPAMA0GCSqGSIb3DQEBCwUAA4IBAQCRE3rlrEWcbSC6Jpna1Nqm
gclt8NTg/MEZu9rdG1LuV1F9Dth9alpE2PYMB0AFSlfS3r7rqnJe1V3hZDrpsOTp
WyLHSgyrTivxpLl9ARRSlI8DWPnsti88pRDFN8ec+9A253MrAklzgiwpzKXxV8hO
tESzhmV5b+ImUEk+Y2Kf4OBnl6sFRGPvrP18UxmZkDo4jKdUxNh7gboixSz6lspd
pnNUZo3XMiZGw8MQGpflplZfrn9WClfl6U3y4UwpQFlv/wIYaky6KOTd/0OTtyIk
rWNtWGfDZj/SdHVCH1CkcARvBsRthkdLtrsj1AoMQAR/6r0MTK7wXcrh2j+pZKZB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org