Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qJ7vJXf3rbY8BWIx8x7e2w4VDuo.roa
File: qJ7vJXf3rbY8BWIx8x7e2w4VDuo.roa (raw, json)
Hash identifier: XZxAHDsh8Yk+Xmma51fRg49xeNVHh4AT7kacQ2zpS6k=
Subject key identifier: A8:9E:EF:25:77:F7:AD:B6:3C:05:62:31:F3:1E:DE:DB:0E:15:0E:EA
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019152814F247C0776C26AB39F05E1838E48
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qJ7vJXf3rbY8BWIx8x7e2w4VDuo.roa
Signing time: Wed 14 Aug 2024 20:08:11 +0000
ROA not before: Wed 14 Aug 2024 20:08:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214967
IP address blocks: 2a06:b440::/29 maxlen: 32
2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 32
2a11:f140::/29 maxlen: 29
2a12:ec0::/29 maxlen: 32
2a12:1900::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 16 Aug 2024 13:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:81:4f:24:7c:07:76:c2:6a:b3:9f:05:e1:83:8e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 14 20:08:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a89eef2577f7adb63c056231f31ededb0e150eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:b8:3e:a2:15:42:50:0f:c2:2d:2c:e2:30:
01:32:ee:5b:ee:ef:a2:c8:98:d4:fd:24:5c:5b:c6:
bf:22:89:76:1f:c9:6f:9b:f9:6a:2f:7f:3f:87:5d:
e8:43:55:1b:d5:26:a6:97:95:e9:a7:40:33:64:95:
06:b3:a5:5f:0b:22:af:e3:aa:f5:f0:7e:b4:4b:ee:
e6:68:9e:b7:87:41:e7:db:4e:24:9f:ee:bc:d2:3b:
0a:ce:23:b4:8a:7c:1a:8a:de:cc:f9:b0:00:4e:c0:
ad:90:7f:66:9d:62:8d:01:ce:4c:f3:01:19:9b:25:
9c:24:f9:27:a1:cc:5f:4d:45:02:54:a3:c1:eb:4f:
f7:34:7d:5a:8e:6f:21:30:7a:36:cd:5a:2d:c0:20:
9c:3e:0f:d0:30:4a:96:a6:b4:ea:eb:4e:29:0e:e8:
a1:41:71:7d:18:91:a6:a5:3b:27:66:96:96:0c:75:
c5:1e:a1:12:97:00:9b:4d:6c:e1:45:71:79:0c:82:
7e:81:ee:93:74:71:05:14:44:30:13:65:81:11:33:
b5:cc:b1:ab:44:dd:7c:a9:c2:e0:9f:ee:55:24:20:
01:55:06:e2:79:24:1d:f8:53:a1:a9:e9:3e:c6:63:
66:50:66:8b:1a:08:09:07:2d:fa:21:bf:6f:8f:d5:
24:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9E:EF:25:77:F7:AD:B6:3C:05:62:31:F3:1E:DE:DB:0E:15:0E:EA
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/qJ7vJXf3rbY8BWIx8x7e2w4VDuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b440::/29
2a0a:e2c0::/29
2a0e:7780::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:54:b1:9d:fb:e4:6a:9e:83:27:84:d2:b5:76:1a:d3:cb:66:
11:8f:eb:fb:58:67:e2:dc:a4:f5:4f:41:e1:00:49:95:18:7c:
2a:36:da:4c:2f:e2:58:a5:7f:6b:b2:c3:e1:f5:13:f2:b7:95:
44:3b:f3:53:0f:00:33:be:f5:27:7f:fb:3c:29:93:f9:8f:4a:
c7:fa:e3:a4:bc:8b:36:81:d4:2c:4a:79:8b:25:c8:70:33:2c:
55:0b:cd:35:ef:c3:ed:b8:f9:a1:b6:4c:5f:bf:7c:84:ed:94:
19:ab:29:15:35:72:67:01:03:15:a1:2f:89:91:8a:94:5a:a7:
cf:ed:ce:88:4f:89:db:7b:0c:ee:4e:b1:30:4a:7d:18:f3:e2:
5d:b9:36:70:39:8c:dd:09:f6:29:4c:e5:e4:23:36:7b:95:8a:
0d:b9:4f:f1:35:b0:49:0c:bf:8f:0e:ab:46:60:c1:f4:eb:07:
5c:65:da:eb:f0:2f:6a:95:ce:ea:91:d3:b7:3f:3d:41:3c:0e:
79:cc:df:58:19:9c:83:48:80:65:19:33:b2:2a:99:89:83:1f:
6f:9c:d6:df:47:69:fc:6f:61:58:ee:d3:61:9a:57:01:d8:fd:
2a:0b:a0:fb:81:99:20:1f:35:47:50:e1:86:a3:bc:72:72:d1:
1e:bd:1a:cf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZFSgU8kfAd2wmqznwXhg45IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODE0MjAwODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODllZWYyNTc3ZjdhZGI2M2MwNTYyMzFmMzFlZGVkYjBlMTUwZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir+4PqIVQlAPwi0s4jABMu5b7u+i
yJjU/SRcW8a/Iol2H8lvm/lqL38/h13oQ1Ub1Saml5Xpp0AzZJUGs6VfCyKv46r1
8H60S+7maJ63h0Hn204kn+680jsKziO0inwait7M+bAATsCtkH9mnWKNAc5M8wEZ
myWcJPknocxfTUUCVKPB60/3NH1ajm8hMHo2zVotwCCcPg/QMEqWprTq604pDuih
QXF9GJGmpTsnZpaWDHXFHqESlwCbTWzhRXF5DIJ+ge6TdHEFFEQwE2WBETO1zLGr
RN18qcLgn+5VJCABVQbieSQd+FOhqek+xmNmUGaLGggJBy36Ib9vj9UkFQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKie7yV39622PAViMfMe3tsOFQ7qMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvcUo3dkpYZjNyYlk4QldJeDh4N2UydzRWRHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKga0QAMF
AyoK4sADBQMqDneAAwUDKhHxQAMFAyoSDsADBQMqEhkAAwUDKhIowAMFAyoS8MAw
DQYJKoZIhvcNAQELBQADggEBADNUsZ375GqegyeE0rV2GtPLZhGP6/tYZ+LcpPVP
QeEASZUYfCo22kwv4lilf2uyw+H1E/K3lUQ781MPADO+9Sd/+zwpk/mPSsf646S8
izaB1CxKeYslyHAzLFULzTXvw+24+aG2TF+/fITtlBmrKRU1cmcBAxWhL4mRipRa
p8/tzohPidt7DO5OsTBKfRjz4l25NnA5jN0J9ilM5eQjNnuVig25T/E1sEkMv48O
q0ZgwfTrB1xl2uvwL2qVzuqR07c/PUE8DnnM31gZnINIgGUZM7IqmYmDH2+c1t9H
afxvYVju02GaVwHY/SoLoPuBmSAfNUdQ4YajvHJy0R69Gs8=
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:30:37 2024 by rpki-client on console-ams.rpki-client.org