Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zrlcStyCkaqu9VyqzWpmpgV-uU8.roa
File: zrlcStyCkaqu9VyqzWpmpgV-uU8.roa (raw, json)
Hash identifier: XPdeJyD7jN1MrwcojRIBcx5+c7kVpPsG6qBjgyHVCtQ=
Subject key identifier: CE:B9:5C:4A:DC:82:91:AA:AE:F5:5C:AA:CD:6A:66:A6:05:7E:B9:4F
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018EFD1DBF2054013CA80A71B88B300643CE
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zrlcStyCkaqu9VyqzWpmpgV-uU8.roa
Signing time: Sat 20 Apr 2024 20:06:08 +0000
ROA not before: Sat 20 Apr 2024 20:06:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a11:1140::/29 maxlen: 29
2a11:f240::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 May 2024 17:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fd:1d:bf:20:54:01:3c:a8:0a:71:b8:8b:30:06:43:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Apr 20 20:06:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceb95c4adc8291aaaef55caacd6a66a6057eb94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:12:88:c2:2f:06:45:7b:a3:83:0e:f5:dc:7c:
8a:02:7b:33:7b:f6:ed:7e:0f:61:7d:ac:f3:45:e4:
fc:53:7e:11:4d:1b:b3:82:90:49:7b:85:43:c6:71:
34:26:69:ee:56:e3:6e:16:5f:95:c5:88:70:3d:3f:
a3:00:8c:5e:da:e2:81:ad:7d:81:cb:78:61:02:78:
e1:82:ed:ea:6d:f7:d4:24:0b:10:50:0d:99:11:7a:
05:06:eb:53:9e:ed:8f:16:f0:a8:6c:b6:d8:51:9e:
3d:9d:b1:15:56:99:56:63:90:b0:c7:f4:9a:02:39:
0a:34:e5:65:cb:8e:e1:8e:46:d4:38:92:b7:9d:91:
38:42:0f:fe:f2:7a:25:28:b2:fd:3a:ee:f0:43:e2:
40:17:9f:2b:f3:20:55:4c:97:8c:ce:66:93:90:0c:
27:94:69:89:92:3b:a5:78:e5:e3:49:aa:56:e7:a8:
43:fc:81:15:72:38:b4:33:41:0e:8e:39:3f:66:cf:
f5:aa:e8:55:42:be:4b:a7:ac:73:91:8d:09:ec:92:
6b:d0:66:80:4a:6f:0b:7e:7e:c8:5f:ba:ee:f4:1a:
fd:e0:1e:a3:a0:f3:fb:7c:cc:79:b8:2b:84:71:1f:
a8:96:93:a8:8a:cf:d5:ab:47:b1:67:8d:ca:61:8c:
e4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B9:5C:4A:DC:82:91:AA:AE:F5:5C:AA:CD:6A:66:A6:05:7E:B9:4F
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zrlcStyCkaqu9VyqzWpmpgV-uU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1140::/29
2a11:f240::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
13:5d:c4:46:aa:3a:61:92:ed:3f:d8:41:9e:45:21:e7:a8:b5:
35:32:72:07:a1:a3:88:24:40:4b:ee:3d:93:ce:60:4c:6f:28:
8e:37:48:af:6d:fc:58:ed:50:ac:7f:76:50:51:f7:5c:6d:ad:
a8:49:3b:d5:33:61:e4:54:e9:a1:a7:22:f4:c1:23:f5:98:a5:
99:67:e9:99:8f:92:3e:e5:bc:f0:cc:aa:be:ee:90:1d:71:ae:
8d:39:eb:e0:9f:db:68:77:e2:85:02:2f:47:d1:5c:1b:90:e7:
14:b9:9c:0b:68:4f:03:e3:f2:ef:e4:20:a5:ab:0e:5d:09:f6:
06:57:f0:53:58:22:b3:a3:5f:1a:27:b9:1d:14:db:4e:44:c4:
1a:87:6f:6d:01:d4:18:c0:59:a3:b8:9b:2f:90:11:00:27:33:
66:a3:21:c6:d6:44:f5:36:9d:db:d1:51:01:d6:9d:07:4e:37:
a1:9f:70:83:a1:39:b4:23:59:cd:d4:2c:71:d6:e5:c4:aa:33:
87:f2:17:84:7e:af:25:a9:d9:b8:d2:ca:06:ea:e8:11:c8:bc:
18:ce:35:bd:8e:41:4f:b5:e1:c4:19:3b:75:e1:9e:d3:20:d8:
b2:16:ae:dd:1c:d8:9e:a3:b6:37:f7:69:2a:2b:10:97:9b:6c:
65:01:1c:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY79Hb8gVAE8qApxuIswBkPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNDIwMjAwNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI5NWM0YWRjODI5MWFhYWVmNTVjYWFjZDZhNjZhNjA1N2ViOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxKIwi8GRXujgw713HyKAnsze/bt
fg9hfazzReT8U34RTRuzgpBJe4VDxnE0JmnuVuNuFl+VxYhwPT+jAIxe2uKBrX2B
y3hhAnjhgu3qbffUJAsQUA2ZEXoFButTnu2PFvCobLbYUZ49nbEVVplWY5Cwx/Sa
AjkKNOVly47hjkbUOJK3nZE4Qg/+8nolKLL9Ou7wQ+JAF58r8yBVTJeMzmaTkAwn
lGmJkjuleOXjSapW56hD/IEVcji0M0EOjjk/Zs/1quhVQr5Lp6xzkY0J7JJr0GaA
Sm8Lfn7IX7ru9Br94B6joPP7fMx5uCuEcR+olpOois/Vq0exZ43KYYzkGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM65XErcgpGqrvVcqs1qZqYFfrlPMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvenJsY1N0eUNrYXF1OVZ5cXpXcG1wZ1YtdVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhERQAMF
AyoR8kADBQMqEmuAMA0GCSqGSIb3DQEBCwUAA4IBAQATXcRGqjphku0/2EGeRSHn
qLU1MnIHoaOIJEBL7j2TzmBMbyiON0ivbfxY7VCsf3ZQUfdcba2oSTvVM2HkVOmh
pyL0wSP1mKWZZ+mZj5I+5bzwzKq+7pAdca6NOevgn9tod+KFAi9H0VwbkOcUuZwL
aE8D4/Lv5CClqw5dCfYGV/BTWCKzo18aJ7kdFNtORMQah29tAdQYwFmjuJsvkBEA
JzNmoyHG1kT1Np3b0VEB1p0HTjehn3CDoTm0I1nN1Cxx1uXEqjOH8heEfq8lqdm4
0soG6ugRyLwYzjW9jkFPteHEGTt14Z7TINiyFq7dHNieo7Y392kqKxCXm2xlARwG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:38 2024 by rpki-client on console-fra.rpki-client.org