Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jAhfvpNdLPSD9MAR1noazHohzWA.roa
File: jAhfvpNdLPSD9MAR1noazHohzWA.roa (raw, json)
Hash identifier: GdpT9DqYYC0wH3mo7tPMb0Ait9NpW8guj5KaXQM4XB8=
Subject key identifier: 8C:08:5F:BE:93:5D:2C:F4:83:F4:C0:11:D6:7A:1A:CC:7A:21:CD:60
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018F9BC0A667AE8633AE172F32621F455566
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jAhfvpNdLPSD9MAR1noazHohzWA.roa
Signing time: Tue 21 May 2024 15:24:04 +0000
ROA not before: Tue 21 May 2024 15:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8cc0::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 23 May 2024 12:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:c0:a6:67:ae:86:33:ae:17:2f:32:62:1f:45:55:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 21 15:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c085fbe935d2cf483f4c011d67a1acc7a21cd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0d:9b:3b:d2:79:cf:6f:d7:ea:e2:a9:45:c0:
1b:80:d7:9e:cd:e6:46:8d:f6:a9:3e:07:56:b5:31:
4d:ad:b6:63:00:a5:b7:ca:b3:10:cd:c9:9e:c0:d1:
34:63:ae:20:a5:62:0b:21:75:70:47:b3:53:9f:25:
25:33:03:2c:07:c4:0f:6f:4a:8b:1f:f6:eb:9c:2a:
a4:a0:b9:c8:ab:88:22:8e:a8:60:ee:e6:c8:ef:73:
98:ed:86:fa:4f:16:c1:97:26:f1:10:cf:65:0d:02:
ae:fd:ec:4e:c7:b0:d2:2b:19:e4:93:cf:76:bb:8c:
bc:92:4a:38:49:da:f5:c5:c9:96:bd:fd:f2:b6:1a:
61:96:ef:d7:70:f4:66:a3:45:f7:27:4b:b5:af:ec:
a3:3e:c5:8f:b2:66:c8:91:77:32:0f:59:f5:29:7e:
29:e6:5d:13:95:44:6e:ba:22:8a:85:91:9a:64:93:
5a:3d:5f:9d:a5:e8:f5:b8:31:f4:a9:56:bb:9f:fa:
91:52:2d:52:fd:90:15:aa:ce:2e:1d:66:c9:1c:44:
61:63:22:ca:a0:e9:05:da:2d:a9:21:fa:5a:f3:6b:
e8:ff:45:80:48:69:a2:8b:63:5d:bd:44:79:4a:a5:
f7:f0:7f:e5:e9:9c:21:73:18:e6:05:85:82:5f:ca:
8a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:08:5F:BE:93:5D:2C:F4:83:F4:C0:11:D6:7A:1A:CC:7A:21:CD:60
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/jAhfvpNdLPSD9MAR1noazHohzWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8cc0::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
67:aa:4c:26:c6:dd:8a:99:b4:63:15:e3:a7:7c:ed:2e:0e:8d:
28:cf:e4:67:45:a0:47:cc:c4:a8:c4:b5:a8:ab:97:8a:af:3c:
98:da:aa:a0:a3:ce:83:ad:fe:34:d8:27:d8:3d:3e:9e:30:e4:
74:7a:64:7b:03:1e:8c:df:96:5d:96:47:ec:f4:d5:3f:67:10:
d0:9b:d9:a9:a8:61:8d:2e:78:ff:ce:fd:ed:87:bc:d1:b2:85:
f9:f3:e9:9f:15:d8:3d:39:b1:28:51:7d:d7:66:98:ff:a8:40:
bd:dc:ce:b4:c1:f0:37:f7:da:66:4d:ca:e7:4c:4a:80:77:52:
bd:00:64:70:e6:e5:a1:94:2c:2b:b5:d7:27:06:8e:da:dd:d9:
1e:3a:0e:a1:18:a9:a3:d2:21:35:b1:70:5f:da:08:a2:99:ea:
92:48:f7:3a:fc:29:d2:23:bc:46:a3:c1:c8:9e:c4:e5:ab:67:
01:b3:1c:da:a8:49:3c:05:52:ba:ce:ac:f1:de:71:0f:b5:92:
fa:f3:52:70:1d:84:9f:3a:48:9c:97:e7:67:92:05:e4:0e:a3:
1b:50:b2:32:96:23:79:62:0b:1d:7f:aa:7e:39:d4:a3:12:7f:
cf:52:14:46:de:48:12:5a:18:55:68:33:be:9f:ff:1d:fd:25:
91:a0:3d:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+bwKZnroYzrhcvMmIfRVVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTIxMTUyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzA4NWZiZTkzNWQyY2Y0ODNmNGMwMTFkNjdhMWFjYzdhMjFjZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ2bO9J5z2/X6uKpRcAbgNeezeZG
jfapPgdWtTFNrbZjAKW3yrMQzcmewNE0Y64gpWILIXVwR7NTnyUlMwMsB8QPb0qL
H/brnCqkoLnIq4gijqhg7ubI73OY7Yb6TxbBlybxEM9lDQKu/exOx7DSKxnkk892
u4y8kko4Sdr1xcmWvf3ythphlu/XcPRmo0X3J0u1r+yjPsWPsmbIkXcyD1n1KX4p
5l0TlURuuiKKhZGaZJNaPV+dpej1uDH0qVa7n/qRUi1S/ZAVqs4uHWbJHERhYyLK
oOkF2i2pIfpa82vo/0WASGmii2NdvUR5SqX38H/l6ZwhcxjmBYWCX8qKTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIwIX76TXSz0g/TAEdZ6Gsx6Ic1gMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvakFoZnZwTmRMUFNEOU1BUjFub2F6SG9oeldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhGMwAMF
AyoSIMADBQMqEtGAMA0GCSqGSIb3DQEBCwUAA4IBAQBnqkwmxt2KmbRjFeOnfO0u
Do0oz+RnRaBHzMSoxLWoq5eKrzyY2qqgo86Drf402CfYPT6eMOR0emR7Ax6M35Zd
lkfs9NU/ZxDQm9mpqGGNLnj/zv3th7zRsoX58+mfFdg9ObEoUX3XZpj/qEC93M60
wfA399pmTcrnTEqAd1K9AGRw5uWhlCwrtdcnBo7a3dkeOg6hGKmj0iE1sXBf2gii
meqSSPc6/CnSI7xGo8HInsTlq2cBsxzaqEk8BVK6zqzx3nEPtZL681JwHYSfOkic
l+dnkgXkDqMbULIyliN5Ygsdf6p+OdSjEn/PUhRG3kgSWhhVaDO+n/8d/SWRoD1k
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org