Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3f7Bw_M9Gf_9GSd3YZmSrjB5cVU.roa
File: 3f7Bw_M9Gf_9GSd3YZmSrjB5cVU.roa (raw, json)
Hash identifier: GEuNNInK0lLSB17/gJa6MM+CINeRKsVyQ2aJaiDt0tI=
Subject key identifier: DD:FE:C1:C3:F3:3D:19:FF:FD:19:27:77:61:99:92:AE:30:79:71:55
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019007F460F41CA010B631AB7172401DF163
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3f7Bw_M9Gf_9GSd3YZmSrjB5cVU.roa
Signing time: Tue 11 Jun 2024 15:39:34 +0000
ROA not before: Tue 11 Jun 2024 15:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:3c40::/32 maxlen: 32
2a11:3c43::/32 maxlen: 32
2a11:3c46::/32 maxlen: 32
2a11:6bc1::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
2a11:6bc4::/32 maxlen: 32
2a11:6bc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:47:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:f4:60:f4:1c:a0:10:b6:31:ab:71:72:40:1d:f1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jun 11 15:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddfec1c3f33d19fffd192777619992ae30797155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:c0:09:cd:10:e3:b9:fc:b4:f6:d4:30:45:
04:7c:e3:b0:2a:ad:3f:1b:f7:7a:24:60:c1:d4:f3:
42:a1:45:44:9c:93:b4:1d:cf:3d:64:31:fc:16:1a:
b5:c6:74:88:49:5e:dd:1d:62:ec:0f:88:90:b1:55:
fd:42:fc:f6:6d:d1:de:8d:c3:ce:8b:86:59:05:21:
b1:68:b7:0a:fb:cf:90:f3:98:03:63:7c:4f:51:e0:
76:5c:ec:df:12:63:a4:db:6d:3b:85:17:81:70:18:
fa:ed:48:e1:9b:f0:93:46:9f:13:97:48:12:1f:db:
0c:07:08:6d:40:6d:09:00:e0:f9:60:e5:41:de:5d:
82:02:de:01:b1:5c:42:c9:ec:e6:ea:62:9b:79:7f:
cd:e5:9a:bf:7d:b9:74:b0:c1:1d:0b:35:f3:a0:1f:
1e:8e:03:ec:47:45:2a:9c:8b:16:77:6c:9e:a6:65:
9c:d5:85:cd:cf:93:30:14:05:93:71:42:8b:57:5f:
1a:7e:73:f6:e7:50:b2:37:6c:d1:fa:fc:e2:72:5e:
09:c4:fc:6f:10:b7:88:9d:00:23:02:b5:3f:8b:2f:
17:96:bb:c3:2c:25:04:c3:75:62:e4:34:8c:46:de:
60:2f:7c:70:eb:1d:bd:4c:86:1b:a0:45:fd:b4:61:
42:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FE:C1:C3:F3:3D:19:FF:FD:19:27:77:61:99:92:AE:30:79:71:55
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3f7Bw_M9Gf_9GSd3YZmSrjB5cVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c40::/32
2a11:3c43::/32
2a11:3c46::/32
2a11:6bc1::/32
2a11:6bc3::-2a11:6bc4:ffff:ffff:ffff:ffff:ffff:ffff
2a11:6bc6::/32
Signature Algorithm: sha256WithRSAEncryption
a0:57:a9:ac:ae:a9:f6:1f:d2:cd:c2:37:97:e3:47:64:60:f5:
19:3d:ad:9c:3b:52:1e:16:54:ac:c3:e2:80:e9:61:da:0e:06:
52:16:14:b6:80:b7:ab:55:9b:fe:60:af:0a:74:15:3c:26:7e:
47:7b:b0:be:df:4d:a0:ce:8c:d6:41:06:dc:0d:b0:35:0e:09:
70:59:6a:9e:b3:49:8e:6f:6b:92:66:8f:4a:18:a7:c3:9f:4d:
b1:6e:86:7c:20:87:e7:e8:4a:48:d2:99:bb:8d:7f:15:5a:d5:
1b:dd:68:8a:13:68:80:b8:59:42:fb:cf:51:e1:79:7d:71:1b:
b7:55:86:72:df:f9:fd:15:aa:f9:06:29:80:06:bf:89:53:c3:
fa:4f:b8:8b:d5:ac:c0:55:e2:b1:7e:84:d0:57:ab:c7:58:3d:
eb:7d:51:7d:2c:b7:f6:78:a1:0e:1c:66:0d:a2:95:f6:b5:e5:
f1:b8:c3:52:17:0f:24:8d:02:07:24:70:f5:be:74:48:58:eb:
48:6a:cc:90:ea:c5:b3:25:84:49:c1:68:5a:3a:f6:b3:af:03:
06:86:5b:38:00:e3:fe:26:70:0a:8a:45:da:36:aa:7d:30:3c:
68:63:42:ff:4e:2d:ea:39:7e:72:7d:f3:31:44:f5:82:45:8a:
35:8a:62:02
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZAH9GD0HKAQtjGrcXJAHfFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNjExMTUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZlYzFjM2YzM2QxOWZmZmQxOTI3Nzc2MTk5OTJhZTMwNzk3MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMTACc0Q47n8tPbUMEUEfOOwKq0/
G/d6JGDB1PNCoUVEnJO0Hc89ZDH8Fhq1xnSISV7dHWLsD4iQsVX9Qvz2bdHejcPO
i4ZZBSGxaLcK+8+Q85gDY3xPUeB2XOzfEmOk2207hReBcBj67Ujhm/CTRp8Tl0gS
H9sMBwhtQG0JAOD5YOVB3l2CAt4BsVxCyezm6mKbeX/N5Zq/fbl0sMEdCzXzoB8e
jgPsR0UqnIsWd2yepmWc1YXNz5MwFAWTcUKLV18afnP251CyN2zR+vzicl4JxPxv
ELeInQAjArU/iy8XlrvDLCUEw3Vi5DSMRt5gL3xw6x29TIYboEX9tGFCYwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN3+wcPzPRn//Rknd2GZkq4weXFVMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvM2Y3QndfTTlHZl85R1NkM1labVNyakI1Y1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUAKhE8QAMF
ACoRPEMDBQAqETxGAwUAKhFrwTAOAwUAKhFrwwMFACoRa8QDBQAqEWvGMA0GCSqG
SIb3DQEBCwUAA4IBAQCgV6msrqn2H9LNwjeX40dkYPUZPa2cO1IeFlSsw+KA6WHa
DgZSFhS2gLerVZv+YK8KdBU8Jn5He7C+302gzozWQQbcDbA1DglwWWqes0mOb2uS
Zo9KGKfDn02xboZ8IIfn6EpI0pm7jX8VWtUb3WiKE2iAuFlC+89R4Xl9cRu3VYZy
3/n9Far5BimABr+JU8P6T7iL1azAVeKxfoTQV6vHWD3rfVF9LLf2eKEOHGYNopX2
teXxuMNSFw8kjQIHJHD1vnRIWOtIasyQ6sWzJYRJwWhaOvazrwMGhls4AOP+JnAK
ikXaNqp9MDxoY0L/Ti3qOX5yffMxRPWCRYo1imIC
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:47 2024 by rpki-client on console-fra.rpki-client.org