Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9B7GZFK7blqAaOXM9hPtGKtsjsw.roa
File: 9B7GZFK7blqAaOXM9hPtGKtsjsw.roa (raw, json)
Hash identifier: RSanGnb5hZCqJ1p+7XWEYr588ASwURijjDdDjdzBe+U=
Subject key identifier: F4:1E:C6:64:52:BB:6E:5A:80:68:E5:CC:F6:13:ED:18:AB:6C:8E:CC
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FE84C091FFA04D0E5054196875E92CB2E
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9B7GZFK7blqAaOXM9hPtGKtsjsw.roa
Signing time: Wed 05 Jun 2024 12:07:27 +0000
ROA not before: Wed 05 Jun 2024 12:07:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:6700::/29 maxlen: 29
2a11:8c40::/29 maxlen: 29
2a11:8cc0::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jul 2024 12:52:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:4c:09:1f:fa:04:d0:e5:05:41:96:87:5e:92:cb:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jun 5 12:07:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f41ec66452bb6e5a8068e5ccf613ed18ab6c8ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:71:11:ef:5a:4a:52:ad:f0:b6:df:74:a3:
d2:2d:0c:fc:a8:01:2c:b6:5b:38:32:20:5b:0e:64:
cd:6e:c4:e9:6e:e0:ee:5e:1a:94:eb:bb:50:66:0b:
b4:d0:95:48:3e:d2:ed:bd:34:b8:e2:c2:bd:e2:87:
33:89:52:65:83:b0:67:8b:2d:b0:55:98:ce:6b:fd:
41:47:cf:69:67:06:9d:77:7e:fc:be:71:b4:d5:ec:
a7:51:d6:b9:a3:0c:60:3a:32:2c:b8:d3:db:d5:9e:
8f:89:e6:a8:03:b8:83:26:b7:cf:4e:76:45:f7:c6:
5f:16:c3:21:9b:aa:38:5d:d2:7c:52:6e:92:13:30:
df:7e:57:aa:78:08:0c:60:97:e2:62:ed:37:dc:f2:
1a:f0:33:02:ca:8b:cd:07:98:d5:2e:7a:a5:c9:cb:
23:d6:40:d8:b3:b2:12:83:13:d7:7c:d5:46:3b:78:
b8:a9:f8:df:5f:2d:eb:a8:7e:e5:7a:85:3f:99:3c:
3c:5d:15:98:82:8f:f2:b7:66:ef:1f:7b:c3:2f:42:
3e:1d:05:a2:1d:e3:03:b9:87:8c:33:2a:61:36:3e:
99:45:a2:e9:99:e8:32:1f:34:76:aa:33:23:ec:41:
b9:7e:b6:cd:b9:3e:74:40:73:e4:13:b6:05:09:c6:
c2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1E:C6:64:52:BB:6E:5A:80:68:E5:CC:F6:13:ED:18:AB:6C:8E:CC
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9B7GZFK7blqAaOXM9hPtGKtsjsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6700::/29
2a11:8c40::/29
2a11:8cc0::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
2e:d1:09:8b:5d:2d:9f:7e:27:0c:49:2d:a5:66:2e:b1:6a:35:
05:73:a5:63:ea:d4:65:3d:b5:76:a8:43:b9:a7:ad:9e:e4:86:
d2:f1:08:9e:30:9f:49:2b:52:b9:d2:0c:19:2f:f1:ec:2a:18:
0e:48:4a:c9:ef:b2:78:53:ab:be:f5:3f:db:98:f2:58:92:6c:
8a:82:7e:b9:5d:3a:22:2d:ef:ba:df:53:52:1e:0c:3c:5a:65:
6b:af:73:1f:3d:bf:4f:5a:e2:ab:ee:2e:93:d9:40:f5:11:c4:
91:08:f9:21:c0:f1:a8:86:ce:f3:fd:f5:22:b8:c9:77:88:9f:
50:da:91:4d:ed:98:12:0f:73:dd:34:7f:76:ba:d4:48:a8:61:
7c:30:28:b3:ae:61:35:46:f4:0d:5c:8c:88:dd:bb:6d:f5:06:
7d:6f:76:7b:3c:9c:17:b6:a7:e4:27:ec:09:d6:e8:e5:43:3a:
db:0d:df:d0:cf:ba:7d:8e:3f:d4:15:48:c3:b6:a7:ec:a0:f8:
fb:27:de:b5:27:66:55:02:32:03:66:d7:be:ff:b8:49:14:34:
9d:9d:33:33:91:32:e6:00:a7:fc:f5:f4:e7:ef:97:43:93:f4:
32:c9:e2:13:21:1d:42:a2:45:2d:d6:56:56:cb:b8:17:71:1a:
4f:6a:28:99
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY/oTAkf+gTQ5QVBlodekssuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNjA1MTIwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDFlYzY2NDUyYmI2ZTVhODA2OGU1Y2NmNjEzZWQxOGFiNmM4ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyblxEe9aSlKt8LbfdKPSLQz8qAEs
tls4MiBbDmTNbsTpbuDuXhqU67tQZgu00JVIPtLtvTS44sK94ocziVJlg7Bniy2w
VZjOa/1BR89pZwadd378vnG01eynUda5owxgOjIsuNPb1Z6PieaoA7iDJrfPTnZF
98ZfFsMhm6o4XdJ8Um6SEzDffleqeAgMYJfiYu033PIa8DMCyovNB5jVLnqlycsj
1kDYs7ISgxPXfNVGO3i4qfjfXy3rqH7leoU/mTw8XRWYgo/yt2bvH3vDL0I+HQWi
HeMDuYeMMyphNj6ZRaLpmegyHzR2qjMj7EG5frbNuT50QHPkE7YFCcbCsQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPQexmRSu25agGjlzPYT7RirbI7MMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvOUI3R1pGSzdibHFBYU9YTTloUHRHS3RzanN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhFnAAMF
AyoRjEADBQMqEYzAAwUDKhGgwAMFAyoRqAADBQMqEiDAAwUDKhLRgDANBgkqhkiG
9w0BAQsFAAOCAQEALtEJi10tn34nDEktpWYusWo1BXOlY+rUZT21dqhDuaetnuSG
0vEInjCfSStSudIMGS/x7CoYDkhKye+yeFOrvvU/25jyWJJsioJ+uV06Ii3vut9T
Uh4MPFpla69zHz2/T1riq+4uk9lA9RHEkQj5IcDxqIbO8/31IrjJd4ifUNqRTe2Y
Eg9z3TR/drrUSKhhfDAos65hNUb0DVyMiN27bfUGfW92ezycF7an5CfsCdbo5UM6
2w3f0M+6fY4/1BVIw7an7KD4+yfetSdmVQIyA2bXvv+4SRQ0nZ0zM5Ey5gCn/PX0
5++XQ5P0MsniEyEdQqJFLdZWVsu4F3EaT2oomQ==
-----END CERTIFICATE-----
Generated at Thu Jul 4 15:31:06 2024 by rpki-client on console-fra.rpki-client.org