Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/H2cty8PwNFmCR8enxDir2ktMTVo.roa
File: H2cty8PwNFmCR8enxDir2ktMTVo.roa (raw, json)
Hash identifier: e/xA2gAi4bgTkKUqNDX3nnCUo3bZl6s8XBYExg99fPA=
Subject key identifier: 1F:67:2D:CB:C3:F0:34:59:82:47:C7:A7:C4:38:AB:DA:4B:4C:4D:5A
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0190DBD4DE2EF1FDCD29D5B023994530025E
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/H2cty8PwNFmCR8enxDir2ktMTVo.roa
Signing time: Mon 22 Jul 2024 19:04:39 +0000
ROA not before: Mon 22 Jul 2024 19:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a13:c340::/29 maxlen: 29
2a14:41c0::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Jul 2024 06:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:d4:de:2e:f1:fd:cd:29:d5:b0:23:99:45:30:02:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jul 22 19:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f672dcbc3f034598247c7a7c438abda4b4c4d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b0:2a:e3:71:e9:7f:96:e2:92:b6:a6:3b:e1:
4b:10:e7:a4:83:f3:ea:08:b5:db:97:6e:ec:8f:80:
7f:29:ad:ea:29:dc:8b:2c:35:86:1c:b3:f6:1d:6f:
be:2d:75:ab:1d:70:a0:a7:de:74:ae:2d:83:eb:d5:
77:0d:fa:a7:40:91:e4:a8:5b:59:33:a9:13:ae:18:
59:4c:32:19:9b:5c:3e:e0:e4:89:92:ad:63:35:bb:
b4:5b:cd:5f:89:49:df:48:64:91:1c:a5:81:30:5a:
da:f7:1b:4a:5d:73:7f:da:e9:c3:45:fe:2a:d2:9d:
fa:1b:fe:95:34:27:15:d2:77:38:ad:5f:72:02:fa:
02:3c:71:ab:3e:71:5d:31:05:eb:54:d6:81:1d:c4:
92:e8:e4:e7:05:fe:18:74:dc:fa:61:22:6d:6d:65:
51:af:fc:b4:39:30:e3:d2:26:b4:16:ec:21:ec:bc:
1a:f6:71:eb:cf:5a:8e:06:75:97:09:44:f1:f9:b9:
c1:cb:4c:ae:1a:01:88:54:1c:61:ac:bf:f9:bc:e8:
01:b8:82:44:dd:16:ad:d1:09:75:d6:b3:04:3a:11:
da:12:ba:5a:c5:46:63:02:b6:f7:48:a3:08:2d:5d:
4f:c3:a9:e0:23:65:d0:94:e9:4c:90:ee:0b:a4:fb:
19:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:67:2D:CB:C3:F0:34:59:82:47:C7:A7:C4:38:AB:DA:4B:4C:4D:5A
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/H2cty8PwNFmCR8enxDir2ktMTVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c340::/29
2a14:41c0::/29
2a14:42c0::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
db:13:23:c8:58:fb:92:9f:b7:de:87:c4:77:8d:87:cf:ab:47:
97:b1:e9:11:c0:d5:5b:ec:fa:41:3b:96:ed:76:1b:38:51:00:
5e:80:4a:46:44:90:39:8e:00:5f:4b:61:8a:b0:b4:96:11:8c:
8c:3b:46:1b:4e:55:1a:b7:69:4a:53:bc:bf:0e:d8:2e:69:cf:
83:63:44:57:39:8a:b2:0a:8b:2c:4f:b2:dc:9d:53:58:91:79:
44:28:15:10:5f:a9:86:21:46:99:a8:0b:ac:01:43:a4:8c:7a:
68:cb:11:5b:d2:f6:eb:19:e2:65:28:21:3b:1e:8d:98:a5:03:
51:80:4b:e0:0c:72:e6:0b:cc:9b:bd:9b:f4:58:cf:08:78:22:
4a:db:6a:df:25:c7:bc:ce:24:07:c0:55:cb:2b:81:67:88:9d:
1d:14:02:25:62:e5:c3:5b:69:cc:30:1e:ef:28:d6:08:c1:48:
c8:83:34:d5:3c:99:27:1e:51:28:80:fb:2f:11:6b:00:2e:9d:
7f:e0:20:58:8f:43:81:83:76:d2:6a:2b:57:51:04:80:99:76:
16:30:d6:24:63:cd:51:6a:2c:d2:8a:aa:f7:97:9f:e5:17:d0:
f6:18:ff:de:ce:0f:44:9b:92:49:23:cf:fe:ef:e2:c3:84:95:
9d:5f:15:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZDb1N4u8f3NKdWwI5lFMAJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNzIyMTkwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY3MmRjYmMzZjAzNDU5ODI0N2M3YTdjNDM4YWJkYTRiNGM0ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7Aq43Hpf5bikramO+FLEOekg/Pq
CLXbl27sj4B/Ka3qKdyLLDWGHLP2HW++LXWrHXCgp950ri2D69V3DfqnQJHkqFtZ
M6kTrhhZTDIZm1w+4OSJkq1jNbu0W81fiUnfSGSRHKWBMFra9xtKXXN/2unDRf4q
0p36G/6VNCcV0nc4rV9yAvoCPHGrPnFdMQXrVNaBHcSS6OTnBf4YdNz6YSJtbWVR
r/y0OTDj0ia0Fuwh7Lwa9nHrz1qOBnWXCUTx+bnBy0yuGgGIVBxhrL/5vOgBuIJE
3Rat0Ql11rMEOhHaErpaxUZjArb3SKMILV1Pw6ngI2XQlOlMkO4LpPsZrwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB9nLcvD8DRZgkfHp8Q4q9pLTE1aMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvSDJjdHk4UHdORm1DUjhlbnhEaXIya3RNVFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPDQAMF
AyoUQcADBQMqFELAAwUDKhRiQDANBgkqhkiG9w0BAQsFAAOCAQEA2xMjyFj7kp+3
3ofEd42Hz6tHl7HpEcDVW+z6QTuW7XYbOFEAXoBKRkSQOY4AX0thirC0lhGMjDtG
G05VGrdpSlO8vw7YLmnPg2NEVzmKsgqLLE+y3J1TWJF5RCgVEF+phiFGmagLrAFD
pIx6aMsRW9L26xniZSghOx6NmKUDUYBL4Axy5gvMm72b9FjPCHgiSttq3yXHvM4k
B8BVyyuBZ4idHRQCJWLlw1tpzDAe7yjWCMFIyIM01TyZJx5RKID7LxFrAC6df+Ag
WI9DgYN20morV1EEgJl2FjDWJGPNUWos0oqq95ef5RfQ9hj/3s4PRJuSSSPP/u/i
w4SVnV8VMA==
-----END CERTIFICATE-----
Generated at Thu Jul 25 08:30:32 2024 by rpki-client on console-fra.rpki-client.org