Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fSD3Gtycd97rmpmNMXDGXONsffA.roa
File: fSD3Gtycd97rmpmNMXDGXONsffA.roa (raw, json)
Hash identifier: 8mOijtJzjdpaFAz3f3Z7vzokQpJ1L7wyxNySFLtBUew=
Subject key identifier: 7D:20:F7:1A:DC:9C:77:DE:EB:9A:99:8D:31:70:C6:5C:E3:6C:7D:F0
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FA55C54B9FB7826495B5D2C255D3F598B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fSD3Gtycd97rmpmNMXDGXONsffA.roa
Signing time: Thu 23 May 2024 12:10:42 +0000
ROA not before: Thu 23 May 2024 12:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8c40::/29 maxlen: 29
2a11:8cc0::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:2dc0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 May 2024 12:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:5c:54:b9:fb:78:26:49:5b:5d:2c:25:5d:3f:59:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 23 12:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d20f71adc9c77deeb9a998d3170c65ce36c7df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:88:46:10:6e:3b:38:c6:e5:c0:2f:02:ac:
f9:3a:51:c4:11:3a:55:7c:7d:e9:7c:e6:0f:31:9e:
76:25:6d:fd:de:a7:a6:4c:e4:9f:81:fe:18:20:60:
d4:66:f1:f6:9a:86:a4:fc:67:2b:c4:04:b4:70:69:
6b:47:3c:ae:33:a3:56:19:7f:7a:65:7f:8b:46:5a:
c9:f7:cb:13:69:a2:bd:7b:f2:27:20:0b:12:33:f0:
7b:b9:fe:15:9c:70:7e:cc:fb:dd:8d:13:42:5a:f6:
36:9f:4d:40:37:ea:cd:f6:cd:db:6e:15:87:bb:bb:
39:30:4a:e3:90:93:9f:0c:b6:3a:46:bf:93:cd:fd:
bf:f2:1d:40:ed:6e:20:bf:a2:29:4b:2f:9d:34:8e:
77:19:8d:7d:35:d0:d6:7f:4a:c1:9b:ca:5b:34:5e:
d9:55:71:37:41:5c:e3:c3:1c:83:b4:e6:24:32:38:
04:d4:14:30:ed:1c:b1:86:dd:53:14:2e:c5:c1:e8:
43:5d:2e:3e:be:04:05:03:dc:a5:d2:18:28:ad:fa:
ab:24:52:8c:b1:8f:c0:ac:83:82:b1:08:9d:58:13:
d0:d2:34:5d:3c:e7:29:d7:f8:ab:58:83:dc:0d:d7:
b5:ac:ea:d9:7a:e9:4b:6a:9b:7b:cc:8d:92:71:ae:
35:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:20:F7:1A:DC:9C:77:DE:EB:9A:99:8D:31:70:C6:5C:E3:6C:7D:F0
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/fSD3Gtycd97rmpmNMXDGXONsffA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8c40::/29
2a11:8cc0::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:2dc0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
0a:00:06:bb:b4:c3:87:c4:d6:43:84:6d:dd:d8:34:37:05:be:
42:fa:af:01:a4:66:94:61:41:42:75:21:0e:b1:e1:99:23:6c:
6b:38:e7:4a:ed:e9:3e:34:68:0a:50:d8:62:73:24:ac:26:6b:
01:68:73:fa:8a:cf:e9:c2:7f:9a:c0:09:db:13:49:78:63:3b:
ba:d3:b8:14:23:bc:82:89:39:6a:95:90:0b:7d:0f:1f:9a:b8:
0e:94:9d:ae:6e:2a:0a:3c:46:8c:65:7e:8b:59:a7:6b:df:a7:
f8:5d:50:8c:66:df:8c:ee:92:44:67:c8:56:30:b8:3e:4e:de:
0d:ff:70:de:74:6b:07:14:c4:6b:b7:ae:3d:23:7b:0c:23:0b:
85:dd:1d:79:ca:10:2d:a2:a3:aa:51:aa:ca:51:af:a2:5d:c5:
55:4a:de:b1:8a:e0:54:db:16:c1:57:53:8e:2b:5c:fb:05:7d:
bb:c3:cd:6a:b5:05:12:aa:22:cd:2a:49:f2:5a:ac:9a:67:33:
f0:e2:a0:2b:b7:cf:bb:4e:e8:69:36:3a:2f:fc:16:d0:3d:35:
ff:fa:2a:65:5d:f6:79:7c:be:c1:65:e1:c5:d0:cf:3d:ff:ad:
17:f5:40:a3:82:be:c2:bd:6a:49:44:48:ed:b1:bd:38:f7:0d:
b4:59:da:36
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY+lXFS5+3gmSVtdLCVdP1mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTIzMTIxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDIwZjcxYWRjOWM3N2RlZWI5YTk5OGQzMTcwYzY1Y2UzNmM3ZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXWIRhBuOzjG5cAvAqz5OlHEETpV
fH3pfOYPMZ52JW393qemTOSfgf4YIGDUZvH2moak/GcrxAS0cGlrRzyuM6NWGX96
ZX+LRlrJ98sTaaK9e/InIAsSM/B7uf4VnHB+zPvdjRNCWvY2n01AN+rN9s3bbhWH
u7s5MErjkJOfDLY6Rr+Tzf2/8h1A7W4gv6IpSy+dNI53GY19NdDWf0rBm8pbNF7Z
VXE3QVzjwxyDtOYkMjgE1BQw7Ryxht1TFC7FwehDXS4+vgQFA9yl0hgorfqrJFKM
sY/ArIOCsQidWBPQ0jRdPOcp1/irWIPcDde1rOrZeulLapt7zI2Sca41BQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFH0g9xrcnHfe65qZjTFwxlzjbH3wMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZlNEM0d0eWNkOTdybXBtTk1YREdYT05zZmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhGMQAMF
AyoRjMADBQMqEaDAAwUDKhGoAAMFAyoSIMADBQMqEi3AAwUDKhLRgDANBgkqhkiG
9w0BAQsFAAOCAQEACgAGu7TDh8TWQ4Rt3dg0NwW+QvqvAaRmlGFBQnUhDrHhmSNs
azjnSu3pPjRoClDYYnMkrCZrAWhz+orP6cJ/msAJ2xNJeGM7utO4FCO8gok5apWQ
C30PH5q4DpSdrm4qCjxGjGV+i1mna9+n+F1QjGbfjO6SRGfIVjC4Pk7eDf9w3nRr
BxTEa7euPSN7DCMLhd0decoQLaKjqlGqylGvol3FVUresYrgVNsWwVdTjitc+wV9
u8PNarUFEqoizSpJ8lqsmmcz8OKgK7fPu07oaTY6L/wW0D01//oqZV32eXy+wWXh
xdDPPf+tF/VAo4K+wr1qSURI7bG9OPcNtFnaNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org