Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/G2r5QVilHE6Ew0_6bmD58SM2I_w.roa
File: G2r5QVilHE6Ew0_6bmD58SM2I_w.roa (raw, json)
Hash identifier: 86FFae94QVZNrjiF8hr81D/W9DOSHNjqbBgIrB+uEK0=
Subject key identifier: 1B:6A:F9:41:58:A5:1C:4E:84:C3:4F:FA:6E:60:F9:F1:23:36:23:FC
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FAA8E9829C3FCDC9F336BBB364DB67C8C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/G2r5QVilHE6Ew0_6bmD58SM2I_w.roa
Signing time: Fri 24 May 2024 12:23:42 +0000
ROA not before: Fri 24 May 2024 12:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8c40::/29 maxlen: 29
2a11:8cc0::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Jun 2024 19:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:8e:98:29:c3:fc:dc:9f:33:6b:bb:36:4d:b6:7c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 24 12:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b6af94158a51c4e84c34ffa6e60f9f1233623fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a9:22:8d:c2:fd:f9:7b:cd:ff:f7:64:48:ee:
64:d0:88:a5:bd:aa:32:d6:71:26:34:5a:d0:9d:9b:
93:0c:ec:57:0b:d1:91:47:69:9d:03:91:24:1c:33:
10:a1:64:46:fb:88:82:ae:08:6b:74:6d:eb:e9:d1:
bd:03:cf:bd:4f:a0:36:ba:e2:cf:09:78:44:e9:cd:
0f:08:74:35:a3:7e:26:9a:82:3a:40:00:81:6a:2b:
54:8c:7f:83:5f:d0:b4:64:91:2e:d9:1a:87:76:e7:
95:2f:1e:b6:c2:81:93:2f:7c:0c:9c:c0:f6:0a:87:
6e:91:5d:68:32:51:11:6c:c0:2a:12:65:fe:e9:c3:
39:65:2c:fd:13:72:c8:e6:6b:2a:3e:de:2a:e4:ac:
a8:2e:fe:bd:08:e3:bc:fd:07:5c:25:de:a1:49:86:
aa:c0:cd:93:2f:f5:df:db:dd:0f:62:65:dd:73:bb:
b4:ea:17:c6:94:cb:d8:b1:dd:f5:dc:3c:6e:9f:bb:
5a:e0:0a:3b:da:56:2a:fa:a3:55:75:e2:0b:40:87:
44:aa:0b:e2:a4:b8:d7:e0:fc:7c:42:37:6a:66:be:
39:f5:2d:47:48:76:cf:66:c4:bf:63:ae:73:0d:67:
74:e1:e6:6d:e6:8e:e3:d7:9f:75:74:88:0a:6a:95:
47:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6A:F9:41:58:A5:1C:4E:84:C3:4F:FA:6E:60:F9:F1:23:36:23:FC
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/G2r5QVilHE6Ew0_6bmD58SM2I_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8c40::/29
2a11:8cc0::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
58:36:03:89:b7:c8:1c:cd:9e:56:70:3f:52:fd:8f:e6:60:2a:
35:25:76:4f:53:0b:b1:cb:0a:66:43:71:82:a2:fe:7f:9c:02:
27:d0:a2:97:91:5c:6c:d9:e8:89:94:d7:40:a1:11:29:b4:19:
e1:da:6e:51:0b:c8:e5:03:bd:c4:f4:6b:cc:5e:fa:94:95:1b:
2a:28:33:89:1a:0f:76:dd:9d:15:45:f2:86:72:d2:9f:7b:c9:
ac:9a:2c:59:d7:47:86:6e:b9:1b:70:39:9e:c4:d3:0f:5a:f2:
8a:64:dd:dd:b4:fc:de:a0:1f:38:6c:b6:7f:25:c7:e7:5c:03:
2a:ea:d2:f7:a5:cf:1d:1b:d7:cf:8b:07:cd:0a:47:7d:ee:45:
a8:38:ce:a0:97:fe:f6:db:c3:11:70:4d:70:42:89:6e:74:e7:
24:d1:bb:d6:4f:cc:61:08:93:79:30:a1:3a:f9:14:97:6c:5f:
45:ef:5c:2a:ca:d1:96:eb:58:13:1b:bb:bf:29:ff:a2:70:49:
a2:a8:ab:c7:42:17:10:ae:74:e9:2c:6e:53:40:9a:60:77:66:
d0:4c:80:ef:78:55:5c:0b:88:be:83:c7:3e:b7:93:c6:10:15:
9d:1e:57:20:7a:f4:4b:10:ba:4e:74:72:b6:22:9f:29:ec:e3:
71:06:98:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+qjpgpw/zcnzNruzZNtnyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTI0MTIyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZhZjk0MTU4YTUxYzRlODRjMzRmZmE2ZTYwZjlmMTIzMzYyM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqkijcL9+XvN//dkSO5k0Iilvaoy
1nEmNFrQnZuTDOxXC9GRR2mdA5EkHDMQoWRG+4iCrghrdG3r6dG9A8+9T6A2uuLP
CXhE6c0PCHQ1o34mmoI6QACBaitUjH+DX9C0ZJEu2RqHdueVLx62woGTL3wMnMD2
CodukV1oMlERbMAqEmX+6cM5ZSz9E3LI5msqPt4q5KyoLv69COO8/QdcJd6hSYaq
wM2TL/Xf290PYmXdc7u06hfGlMvYsd313Dxun7ta4Ao72lYq+qNVdeILQIdEqgvi
pLjX4Px8QjdqZr459S1HSHbPZsS/Y65zDWd04eZt5o7j1591dIgKapVH0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBtq+UFYpRxOhMNP+m5g+fEjNiP8MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRzJyNVFWaWxIRTZFdzBfNmJtRDU4U00ySV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhGMQAMF
AyoRjMADBQMqEaDAAwUDKhGoAAMFAyoSIMADBQMqEtGAMA0GCSqGSIb3DQEBCwUA
A4IBAQBYNgOJt8gczZ5WcD9S/Y/mYCo1JXZPUwuxywpmQ3GCov5/nAIn0KKXkVxs
2eiJlNdAoREptBnh2m5RC8jlA73E9GvMXvqUlRsqKDOJGg923Z0VRfKGctKfe8ms
mixZ10eGbrkbcDmexNMPWvKKZN3dtPzeoB84bLZ/JcfnXAMq6tL3pc8dG9fPiwfN
Ckd97kWoOM6gl/7228MRcE1wQoludOck0bvWT8xhCJN5MKE6+RSXbF9F71wqytGW
61gTG7u/Kf+icEmiqKvHQhcQrnTpLG5TQJpgd2bQTIDveFVcC4i+g8c+t5PGEBWd
HlcgevRLELpOdHK2Ip8p7ONxBpjc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org