Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/g3HsbFGr3UyM1wkNHsy3IeyLY_0.roa
File: g3HsbFGr3UyM1wkNHsy3IeyLY_0.roa (raw, json)
Hash identifier: mVFdthJVRxRz3fNAvfd2QIrKDxABC4VIE1haWUOa6Mc=
Subject key identifier: 83:71:EC:6C:51:AB:DD:4C:8C:D7:09:0D:1E:CC:B7:21:EC:8B:63:FD
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01920049540874C98E6808D957A93D0EBB79
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/g3HsbFGr3UyM1wkNHsy3IeyLY_0.roa
Signing time: Tue 17 Sep 2024 14:00:58 +0000
ROA not before: Tue 17 Sep 2024 14:00:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0e:7300::/29 maxlen: 29
2a11:a1c0::/29 maxlen: 29
2a11:a1c0::/32 maxlen: 32
2a11:a1c1::/32 maxlen: 32
2a11:a1c2::/32 maxlen: 32
2a11:a1c3::/32 maxlen: 32
2a11:a1c4::/32 maxlen: 32
2a11:a1c5::/32 maxlen: 32
2a11:a1c6::/32 maxlen: 32
2a11:a1c7::/32 maxlen: 32
2a12:6100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 21 Oct 2024 19:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:49:54:08:74:c9:8e:68:08:d9:57:a9:3d:0e:bb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Sep 17 14:00:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8371ec6c51abdd4c8cd7090d1eccb721ec8b63fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:61:3b:05:d8:39:50:d2:f8:cf:85:8c:08:b1:
5a:a2:1c:8d:36:31:6d:a2:ff:7c:86:43:42:77:7a:
cc:eb:07:c6:8b:34:48:7b:14:6c:60:24:f4:18:8f:
50:c8:61:b8:3e:6f:94:b7:87:3c:70:05:2c:df:00:
82:2a:d0:86:60:69:6f:76:fc:a4:41:76:74:e5:31:
82:1c:05:e5:f6:51:a7:fe:d9:9a:d2:60:7c:1f:a2:
6e:86:44:2b:2f:c3:65:98:8c:79:ec:4a:db:a5:ae:
48:cc:1e:63:9a:c2:17:f2:f4:87:af:1b:c8:e7:33:
f3:8f:5f:dc:ff:f0:18:0c:ea:cc:74:2f:9e:98:1f:
2b:df:da:31:4d:54:87:50:c3:2a:21:37:08:6a:c6:
a2:c0:5a:cf:7e:d7:69:ac:fb:33:3b:68:30:f5:6b:
37:cb:12:74:ef:20:5b:10:f3:0c:0d:61:b0:e2:dc:
6d:4e:71:96:e9:6c:67:2b:66:fd:f8:b7:e2:34:a2:
d6:7e:a8:8d:c3:05:67:bb:ab:7d:08:b4:e5:12:b4:
ed:fb:6e:41:c2:ef:7f:7a:21:45:ce:35:88:de:bf:
47:f8:3e:45:56:51:f8:37:05:80:f2:87:b6:78:13:
a7:f8:13:01:a0:75:f1:06:d0:5d:b4:7c:19:54:aa:
46:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:71:EC:6C:51:AB:DD:4C:8C:D7:09:0D:1E:CC:B7:21:EC:8B:63:FD
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/g3HsbFGr3UyM1wkNHsy3IeyLY_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7300::/29
2a11:a1c0::/29
2a12:6100::/29
Signature Algorithm: sha256WithRSAEncryption
1c:ac:ae:e8:32:61:6a:96:3f:5a:c3:99:51:c2:6a:64:57:70:
4c:fe:15:bc:4b:03:8b:fe:ac:c8:bf:83:dc:41:05:b1:7e:c6:
f7:d6:8c:ac:20:f5:2d:96:cc:54:f7:34:4c:48:c5:c3:19:e1:
9a:9a:30:6d:da:ce:89:be:9a:14:44:cc:22:08:77:be:79:46:
01:03:76:42:fb:76:5a:49:8a:6e:76:10:54:32:be:79:93:1b:
6d:9e:a9:e0:b8:c0:c5:e8:83:4a:43:14:a3:35:02:af:03:bf:
12:72:55:0c:1b:48:eb:55:0d:16:45:99:37:af:6d:88:4a:56:
b6:fe:29:e2:11:cb:b3:bd:9c:f7:78:10:1a:67:3f:fb:ba:74:
fc:e6:79:92:b7:91:1c:f4:ea:2a:e9:96:a0:ca:54:94:cd:fd:
b0:93:eb:c0:06:a8:71:4f:35:7f:17:be:1b:7f:c0:e1:81:60:
61:29:01:78:3d:57:9f:cb:ed:5d:da:58:bc:fe:6f:76:75:c5:
19:87:f0:98:66:a8:0d:e4:31:8c:8e:d4:59:cc:38:dd:b9:49:
04:5f:02:5e:3b:b0:7b:50:0b:96:49:65:9a:25:c1:1d:52:ef:
1e:cc:26:b6:51:62:a1:f5:62:4e:ca:c5:87:2d:b9:a0:93:c8:
1c:32:f7:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIASVQIdMmOaAjZV6k9Drt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwOTE3MTQwMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzcxZWM2YzUxYWJkZDRjOGNkNzA5MGQxZWNjYjcyMWVjOGI2M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWE7Bdg5UNL4z4WMCLFaohyNNjFt
ov98hkNCd3rM6wfGizRIexRsYCT0GI9QyGG4Pm+Ut4c8cAUs3wCCKtCGYGlvdvyk
QXZ05TGCHAXl9lGn/tma0mB8H6JuhkQrL8NlmIx57Erbpa5IzB5jmsIX8vSHrxvI
5zPzj1/c//AYDOrMdC+emB8r39oxTVSHUMMqITcIasaiwFrPftdprPszO2gw9Ws3
yxJ07yBbEPMMDWGw4txtTnGW6WxnK2b9+LfiNKLWfqiNwwVnu6t9CLTlErTt+25B
wu9/eiFFzjWI3r9H+D5FVlH4NwWA8oe2eBOn+BMBoHXxBtBdtHwZVKpGQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFINx7GxRq91MjNcJDR7MtyHsi2P9MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZzNIc2JGR3IzVXlNMXdrTkhzeTNJZXlMWV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5zAAMF
AyoRocADBQMqEmEAMA0GCSqGSIb3DQEBCwUAA4IBAQAcrK7oMmFqlj9aw5lRwmpk
V3BM/hW8SwOL/qzIv4PcQQWxfsb31oysIPUtlsxU9zRMSMXDGeGamjBt2s6JvpoU
RMwiCHe+eUYBA3ZC+3ZaSYpudhBUMr55kxttnqnguMDF6INKQxSjNQKvA78SclUM
G0jrVQ0WRZk3r22ISla2/iniEcuzvZz3eBAaZz/7unT85nmSt5Ec9Ooq6ZagylSU
zf2wk+vABqhxTzV/F74bf8DhgWBhKQF4PVefy+1d2li8/m92dcUZh/CYZqgN5DGM
jtRZzDjduUkEXwJeO7B7UAuWSWWaJcEdUu8ezCa2UWKh9WJOysWHLbmgk8gcMvfU
-----END CERTIFICATE-----
Generated at Mon Oct 21 20:57:38 2024 by rpki-client on console-fra.rpki-client.org