Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1TeWFECYdFGE8qzTAyTB_aCMhcc.roa
File: 1TeWFECYdFGE8qzTAyTB_aCMhcc.roa (raw, json)
Hash identifier: kf1zPM2ToOgP7Tse43ioL/x7+Majp9zc8eVVhPBVQfk=
Subject key identifier: D5:37:96:14:40:98:74:51:84:F2:AC:D3:03:24:C1:FD:A0:8C:85:C7
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01907DCD827A998BBCE58A85CB7F2F52B673
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1TeWFECYdFGE8qzTAyTB_aCMhcc.roa
Signing time: Thu 04 Jul 2024 12:52:18 +0000
ROA not before: Thu 04 Jul 2024 12:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8c40::/29 maxlen: 29
2a11:8cc0::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 15:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:cd:82:7a:99:8b:bc:e5:8a:85:cb:7f:2f:52:b6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jul 4 12:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d53796144098745184f2acd30324c1fda08c85c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2e:6a:9b:0c:7d:13:cd:cf:2f:c4:19:5b:9d:
e7:5e:64:36:c4:13:72:b3:9e:52:e4:c7:7b:f4:eb:
15:12:02:ad:62:14:56:93:0c:95:e1:6c:a3:27:0d:
22:69:55:ea:04:34:fb:12:d6:0e:87:d0:b2:09:63:
86:68:c4:c4:d7:b5:76:60:f5:86:0b:14:9d:cd:2e:
63:a6:c5:0f:23:16:97:05:e0:17:9f:0b:be:57:b5:
f3:0f:44:7e:29:ed:1a:47:77:27:1c:cd:40:ce:b6:
d1:83:40:93:b2:5a:64:8a:e1:0f:53:e4:90:c9:30:
86:61:8d:97:d1:5a:63:66:6d:4f:93:79:5e:ba:2c:
d1:d9:64:5a:36:a5:f5:42:05:42:6f:97:7d:5d:3e:
83:7f:67:44:69:25:29:26:e7:8c:50:d3:23:22:39:
ff:76:25:97:ba:45:09:14:b4:a6:f4:94:3a:1a:72:
e2:ed:d0:c0:96:26:5f:6e:16:d8:29:36:c2:fb:cc:
46:f2:7b:bf:77:ac:7e:1a:03:08:ca:fb:2a:cb:a1:
f0:5c:fe:6d:a0:7e:42:7c:f5:39:c6:34:22:94:3c:
a1:d6:3d:61:19:6d:79:66:ea:d9:d4:30:97:a9:92:
eb:07:93:aa:e2:8a:fc:38:da:56:d6:e2:90:5c:aa:
7b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:37:96:14:40:98:74:51:84:F2:AC:D3:03:24:C1:FD:A0:8C:85:C7
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1TeWFECYdFGE8qzTAyTB_aCMhcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8c40::/29
2a11:8cc0::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
91:e0:3c:23:99:31:c7:69:d8:c8:28:10:fc:52:e7:1b:3d:8e:
c6:99:7e:f4:03:cf:a3:7b:89:ca:4e:dc:15:f4:6c:73:de:9e:
60:eb:98:de:24:1c:fe:c6:fd:53:20:98:58:0b:28:b3:6a:7a:
c9:20:57:ca:25:41:94:c0:8c:dd:c7:1f:25:c6:38:c5:49:67:
fd:7d:12:cb:05:1d:3f:60:8f:74:f8:34:41:4c:85:a4:5a:d4:
7c:35:94:90:34:82:a6:e0:eb:d2:f2:74:05:96:42:ea:ee:bd:
39:49:4a:88:0f:cf:68:ce:60:01:be:e4:3a:34:eb:f9:2c:46:
91:aa:54:cc:81:cc:ed:0f:1f:f7:b5:1c:9d:2b:fe:83:6a:87:
ac:f4:32:1c:d9:34:cd:78:78:56:79:b4:ac:8f:2a:b9:8a:fb:
55:bb:76:6b:2c:f7:3a:8a:82:e6:c6:d6:5c:d0:15:c6:23:bd:
d4:89:ed:aa:7a:2f:dd:97:39:34:77:12:2a:e2:48:37:06:ae:
05:85:9c:b6:c6:f1:29:b6:90:66:08:14:f9:fa:65:0c:32:de:
ad:e5:41:db:b2:36:e5:1c:73:ee:93:2f:92:f1:9a:64:0b:a7:
19:36:0a:16:8d:0a:35:67:23:0d:cc:1b:76:7e:e0:6d:c8:09:
3d:b0:06:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZB9zYJ6mYu85YqFy38vUrZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNzA0MTI1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM3OTYxNDQwOTg3NDUxODRmMmFjZDMwMzI0YzFmZGEwOGM4NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2C5qmwx9E83PL8QZW53nXmQ2xBNy
s55S5Md79OsVEgKtYhRWkwyV4WyjJw0iaVXqBDT7EtYOh9CyCWOGaMTE17V2YPWG
CxSdzS5jpsUPIxaXBeAXnwu+V7XzD0R+Ke0aR3cnHM1AzrbRg0CTslpkiuEPU+SQ
yTCGYY2X0VpjZm1Pk3leuizR2WRaNqX1QgVCb5d9XT6Df2dEaSUpJueMUNMjIjn/
diWXukUJFLSm9JQ6GnLi7dDAliZfbhbYKTbC+8xG8nu/d6x+GgMIyvsqy6HwXP5t
oH5CfPU5xjQilDyh1j1hGW15ZurZ1DCXqZLrB5Oq4or8ONpW1uKQXKp76QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNU3lhRAmHRRhPKs0wMkwf2gjIXHMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMVRlV0ZFQ1lkRkdFOHF6VEF5VEJfYUNNaGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhGMQAMF
AyoRjMADBQMqEaDAAwUDKhGoAAMFAyoSIMADBQMqEtGAMA0GCSqGSIb3DQEBCwUA
A4IBAQCR4DwjmTHHadjIKBD8UucbPY7GmX70A8+je4nKTtwV9Gxz3p5g65jeJBz+
xv1TIJhYCyizanrJIFfKJUGUwIzdxx8lxjjFSWf9fRLLBR0/YI90+DRBTIWkWtR8
NZSQNIKm4OvS8nQFlkLq7r05SUqID89ozmABvuQ6NOv5LEaRqlTMgcztDx/3tRyd
K/6Daoes9DIc2TTNeHhWebSsjyq5ivtVu3ZrLPc6ioLmxtZc0BXGI73Uie2qei/d
lzk0dxIq4kg3Bq4FhZy2xvEptpBmCBT5+mUMMt6t5UHbsjblHHPuky+S8ZpkC6cZ
NgoWjQo1ZyMNzBt2fuBtyAk9sAZt
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:35 2024 by rpki-client on console-fra.rpki-client.org