Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/iArKYWqW2Gr8lBPYRZubcqCT1UY.roa
File: iArKYWqW2Gr8lBPYRZubcqCT1UY.roa (raw, json)
Hash identifier: npTeg8ur/vh4/tSjPtCfu1MsnEfQKwPMGH4+edRcRvA=
Subject key identifier: 88:0A:CA:61:6A:96:D8:6A:FC:94:13:D8:45:9B:9B:72:A0:93:D5:46
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D0C2C0141D278BE98EE5939FAA4DC
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/iArKYWqW2Gr8lBPYRZubcqCT1UY.roa
Signing time: Tue 02 Jan 2024 08:31:58 +0000
ROA not before: Tue 02 Jan 2024 08:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208022
IP address blocks: 2a11:3786::/32 maxlen: 48
2a11:3784::/32 maxlen: 48
2a11:3782::/32 maxlen: 48
2a11:3780::/32 maxlen: 48
2a0a:281::/32 maxlen: 48
2a11:3783::/32 maxlen: 48
2a11:3785::/32 maxlen: 48
2a12:ef40::/29 maxlen: 48
2a0a:282::/32 maxlen: 48
2a11:3787::/32 maxlen: 48
2a11:3781::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Nov 2024 12:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:0c:2c:01:41:d2:78:be:98:ee:59:39:fa:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=880aca616a96d86afc9413d8459b9b72a093d546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:54:66:93:76:30:37:b6:55:ae:25:95:79:59:
5b:db:6e:31:af:0b:a3:a7:a1:3e:ad:5e:b3:29:4a:
17:87:15:ae:1b:ff:44:12:2e:cd:7b:71:a7:0d:af:
ac:ca:65:0c:a1:52:38:01:80:85:14:76:dc:3d:ea:
6f:03:1d:c0:db:ec:20:2b:c4:7d:a5:9d:26:18:11:
cd:af:08:f5:0a:65:21:c2:ef:45:1d:26:8a:fc:2b:
5a:88:71:8f:33:e6:ae:18:6d:1b:0b:63:f3:36:5a:
da:7d:53:54:cb:8f:a8:4f:8b:e0:03:32:5a:7e:fb:
d8:bd:b1:a1:52:57:55:75:7e:a1:53:40:b4:98:bb:
1f:c4:27:b3:4b:b7:8c:c5:7e:ad:dd:64:bc:77:a0:
84:d5:c3:16:4b:63:87:36:71:3d:3b:5e:9b:d8:8f:
3b:d7:7b:5d:39:fd:08:b2:df:15:1a:52:f0:ac:41:
b8:ec:c0:eb:ed:e3:3a:5b:5f:c3:ec:9f:2b:8e:02:
df:32:f5:5e:af:49:cd:7b:9a:d8:04:5d:11:8e:c1:
c9:19:8a:6a:58:9b:04:26:8b:de:9a:61:d9:89:c6:
39:66:02:e2:cd:a2:a6:b9:28:9c:cb:69:30:dd:85:
60:95:a8:c8:e4:f7:a6:45:8e:39:16:37:59:31:5b:
2c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0A:CA:61:6A:96:D8:6A:FC:94:13:D8:45:9B:9B:72:A0:93:D5:46
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/iArKYWqW2Gr8lBPYRZubcqCT1UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:281::-2a0a:282:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3780::/29
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
a0:ad:e0:80:2b:dc:2c:9c:8a:4d:1c:b1:41:f3:8d:1d:6d:2a:
f0:a3:79:cb:3f:0c:81:c2:3e:74:5a:6a:28:ac:a4:13:d3:4b:
6b:a7:b1:71:ae:a6:e0:cc:32:6d:fc:c4:e1:50:52:45:b2:61:
3a:76:46:23:d6:ca:ef:4e:42:da:40:b4:8d:e8:30:97:55:e8:
72:cb:f1:a4:b2:46:c6:34:2d:d3:93:50:ae:9a:13:1f:e2:1d:
59:b6:30:28:d8:47:e8:e5:6f:a5:50:60:52:f5:fb:e0:1b:f8:
16:fc:e1:e0:1f:c2:70:51:f6:90:60:67:89:45:b8:07:36:b4:
45:65:5a:0b:41:1b:f8:19:98:7b:71:d8:9d:eb:7f:98:d5:70:
08:77:82:18:b7:59:49:bb:b9:f2:2b:76:a1:c1:e8:dc:bb:ea:
0e:1f:4c:03:ec:6b:cb:43:58:ab:83:27:64:b6:2c:86:d1:89:
a5:aa:be:0a:51:1a:be:1e:fa:ea:77:a7:e1:36:51:6a:fa:94:
0f:13:5d:55:b2:41:7b:ae:7e:8a:87:37:a2:dd:a1:48:71:97:
ea:09:a6:24:d3:a0:4e:4d:67:42:1b:53:42:03:2c:f0:a2:54:
ab:8b:20:56:36:b9:e6:a9:a1:13:25:76:b8:75:16:59:42:17:
62:d4:f4:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTQwsAUHSeL6Y7lk5+qTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBhY2E2MTZhOTZkODZhZmM5NDEzZDg0NTliOWI3MmEwOTNkNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFRmk3YwN7ZVriWVeVlb224xrwuj
p6E+rV6zKUoXhxWuG/9EEi7Ne3GnDa+symUMoVI4AYCFFHbcPepvAx3A2+wgK8R9
pZ0mGBHNrwj1CmUhwu9FHSaK/CtaiHGPM+auGG0bC2PzNlrafVNUy4+oT4vgAzJa
fvvYvbGhUldVdX6hU0C0mLsfxCezS7eMxX6t3WS8d6CE1cMWS2OHNnE9O16b2I87
13tdOf0Ist8VGlLwrEG47MDr7eM6W1/D7J8rjgLfMvVer0nNe5rYBF0RjsHJGYpq
WJsEJovemmHZicY5ZgLizaKmuSicy2kw3YVglajI5PemRY45FjdZMVssyQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIgKymFqlthq/JQT2EWbm3Kgk9VGMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvaUFyS1lXcVcyR3I4bEJQWVJadWJjcUNUMVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqCgKB
AwUAKgoCggMFAyoRN4ADBQMqEu9AMA0GCSqGSIb3DQEBCwUAA4IBAQCgreCAK9ws
nIpNHLFB840dbSrwo3nLPwyBwj50WmoorKQT00trp7FxrqbgzDJt/MThUFJFsmE6
dkYj1srvTkLaQLSN6DCXVehyy/GkskbGNC3Tk1CumhMf4h1ZtjAo2Efo5W+lUGBS
9fvgG/gW/OHgH8JwUfaQYGeJRbgHNrRFZVoLQRv4GZh7cdid63+Y1XAId4IYt1lJ
u7nyK3ahwejcu+oOH0wD7GvLQ1irgydktiyG0Ymlqr4KURq+Hvrqd6fhNlFq+pQP
E11VskF7rn6Khzei3aFIcZfqCaYk06BOTWdCG1NCAyzwolSriyBWNrnmqaETJXa4
dRZZQhdi1PTY
-----END CERTIFICATE-----
Generated at Mon Nov 18 14:00:10 2024 by rpki-client on console-fra.rpki-client.org