Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yqOvfNrtqqx0f0VFKc_wXJ6O09s.roa
File: yqOvfNrtqqx0f0VFKc_wXJ6O09s.roa (raw, json)
Hash identifier: OZktvk/T5utbR5yEqrEAeqCEXIosKg1GL+xt/l5/R4M=
Subject key identifier: CA:A3:AF:7C:DA:ED:AA:AC:74:7F:45:45:29:CF:F0:5C:9E:8E:D3:DB
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018F10E0086DD03DB43899EBF87A26268EEE
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yqOvfNrtqqx0f0VFKc_wXJ6O09s.roa
Signing time: Wed 24 Apr 2024 16:11:08 +0000
ROA not before: Wed 24 Apr 2024 16:11:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211522
IP address blocks: 2a05:4145::/32 maxlen: 48
2a05:4145:1::/48 maxlen: 48
2a11:e104::/32 maxlen: 48
2a11:e104:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 17:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:e0:08:6d:d0:3d:b4:38:99:eb:f8:7a:26:26:8e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Apr 24 16:11:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa3af7cdaedaaac747f454529cff05c9e8ed3db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8f:b2:20:24:33:d0:bc:b6:ea:1e:4a:02:70:
32:af:17:9f:53:f1:b7:b6:a2:17:73:b5:b8:be:3a:
10:46:20:d7:f9:fb:68:fe:8d:d1:52:e0:cc:27:3b:
99:d3:58:fe:2c:8c:ef:8e:78:63:0b:a0:81:a7:f6:
42:18:70:39:0d:cf:91:f4:3c:fa:70:ad:a8:6b:97:
81:f9:3f:47:76:dd:9e:c9:f1:77:54:e7:39:4c:26:
ee:50:38:dd:98:1f:b6:02:99:00:d6:da:71:58:5c:
89:25:7a:bd:8f:b3:0b:d6:66:2a:14:72:32:9d:b3:
f5:8e:99:b6:e9:17:e6:2a:f7:3b:b8:ef:7b:3c:0a:
12:72:c1:f3:ac:92:4e:1a:7f:a4:7c:a0:4c:b2:19:
67:87:bb:bd:48:76:40:92:96:49:76:55:fe:56:8a:
82:de:9e:b9:db:d3:40:5f:2f:5d:56:11:65:4d:e3:
00:32:98:36:8c:cb:12:f3:28:b6:3c:62:f3:4e:bc:
b4:0b:05:f9:25:58:73:c5:a5:2a:60:03:3a:ea:21:
28:b0:a4:96:e0:3e:01:a6:0c:85:61:92:7b:f9:9c:
71:e3:69:e1:d3:b0:cd:52:7a:a1:08:7c:8a:70:cd:
3a:27:e1:ed:b5:4b:21:ac:8a:4d:ef:2d:43:ce:6e:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A3:AF:7C:DA:ED:AA:AC:74:7F:45:45:29:CF:F0:5C:9E:8E:D3:DB
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/yqOvfNrtqqx0f0VFKc_wXJ6O09s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4145::/32
2a11:e104::/32
Signature Algorithm: sha256WithRSAEncryption
42:af:65:40:e9:1d:cc:72:87:10:a0:a0:2d:86:be:ec:ba:d4:
ff:11:bc:e4:d9:13:2b:36:1d:6e:0b:d2:7b:82:8d:d1:9b:0b:
10:8a:21:c6:1a:63:ba:8e:c5:8c:39:ad:d6:96:3d:f0:ff:cf:
5b:74:6d:40:c3:99:e1:4d:59:7c:7d:d3:a1:a7:de:b6:33:4b:
35:bd:b4:00:e8:65:44:8a:ac:22:79:83:56:df:70:51:ad:d8:
01:6e:d1:53:0e:8e:5e:6e:f8:cd:9a:4c:87:17:90:1e:ea:76:
2a:da:9b:c1:83:97:f9:b9:6a:32:d7:05:db:9e:15:15:a1:f2:
9b:95:44:0a:1e:03:22:16:62:b4:d2:bc:69:f8:bf:64:e7:98:
55:de:02:d0:ae:67:25:37:5e:31:11:91:6a:07:61:8f:73:b0:
d5:a3:d1:86:2e:9d:b9:68:8b:19:b6:21:1c:f6:7d:9c:d1:0d:
47:f0:1a:ec:a2:eb:6b:d9:99:14:f7:d9:bb:4b:b8:72:bd:cb:
c5:d0:55:18:1b:02:dd:1a:91:5c:1d:39:eb:f9:e5:d4:cd:66:
59:e1:21:d6:6e:0f:e4:3e:22:69:19:91:a7:f8:2f:00:8a:ef:
f9:79:9a:50:ac:f0:dd:45:1d:5e:2f:8c:d7:7a:98:66:d4:32:
66:0c:0b:69
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8Q4Aht0D20OJnr+HomJo7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwNDI0MTYxMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEzYWY3Y2RhZWRhYWFjNzQ3ZjQ1NDUyOWNmZjA1YzllOGVkM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI+yICQz0Ly26h5KAnAyrxefU/G3
tqIXc7W4vjoQRiDX+fto/o3RUuDMJzuZ01j+LIzvjnhjC6CBp/ZCGHA5Dc+R9Dz6
cK2oa5eB+T9Hdt2eyfF3VOc5TCbuUDjdmB+2ApkA1tpxWFyJJXq9j7ML1mYqFHIy
nbP1jpm26RfmKvc7uO97PAoScsHzrJJOGn+kfKBMshlnh7u9SHZAkpZJdlX+VoqC
3p6529NAXy9dVhFlTeMAMpg2jMsS8yi2PGLzTry0CwX5JVhzxaUqYAM66iEosKSW
4D4BpgyFYZJ7+Zxx42nh07DNUnqhCHyKcM06J+HttUshrIpN7y1Dzm5NHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMqjr3za7aqsdH9FRSnP8FyejtPbMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEveXFPdmZOcnRxcXgwZjBWRktjX3dYSjZPMDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgVBRQMF
ACoR4QQwDQYJKoZIhvcNAQELBQADggEBAEKvZUDpHcxyhxCgoC2Gvuy61P8RvOTZ
Eys2HW4L0nuCjdGbCxCKIcYaY7qOxYw5rdaWPfD/z1t0bUDDmeFNWXx906Gn3rYz
SzW9tADoZUSKrCJ5g1bfcFGt2AFu0VMOjl5u+M2aTIcXkB7qdiram8GDl/m5ajLX
BdueFRWh8puVRAoeAyIWYrTSvGn4v2TnmFXeAtCuZyU3XjERkWoHYY9zsNWj0YYu
nbloixm2IRz2fZzRDUfwGuyi62vZmRT32btLuHK9y8XQVRgbAt0akVwdOev55dTN
ZlnhIdZuD+Q+ImkZkaf4LwCK7/l5mlCs8N1FHV4vjNd6mGbUMmYMC2k=
-----END CERTIFICATE-----
Generated at Fri Jun 14 18:56:27 2024 by rpki-client on console-fra.rpki-client.org