Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ETWcuO5GfrLli3A3hYW6ogy8YVM.roa
File: ETWcuO5GfrLli3A3hYW6ogy8YVM.roa (raw, json)
Hash identifier: +Sq8frOA+AOP4GPxoZcXZ3TLZJAf0q8wQFyVrFgnPL4=
Subject key identifier: 11:35:9C:B8:EE:46:7E:B2:E5:8B:70:37:85:85:BA:A2:0C:BC:61:53
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01904A12A5E7CF36E8A75044E305CE45FCEB
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ETWcuO5GfrLli3A3hYW6ogy8YVM.roa
Signing time: Mon 24 Jun 2024 11:47:34 +0000
ROA not before: Mon 24 Jun 2024 11:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:3c40::/32 maxlen: 32
2a11:3c41::/32 maxlen: 32
2a11:3c43::/32 maxlen: 32
2a11:3c46::/32 maxlen: 32
2a11:6bc1::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
2a11:6bc4::/32 maxlen: 32
2a11:6bc6::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Aug 2024 09:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:12:a5:e7:cf:36:e8:a7:50:44:e3:05:ce:45:fc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jun 24 11:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11359cb8ee467eb2e58b70378585baa20cbc6153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9e:f6:31:3e:69:03:fb:6b:91:c9:77:ab:ce:
6d:29:22:60:21:1c:d8:e3:e6:c1:5c:d8:73:1a:04:
2b:40:84:38:8e:cd:0b:94:d0:40:94:5d:0d:0e:7c:
66:21:3f:97:64:8f:42:f3:a9:5a:10:74:bd:bb:0a:
dc:a8:35:79:95:63:51:02:a4:d3:22:a9:cd:2a:d7:
1d:e2:01:9d:e9:9a:0a:c5:55:13:89:98:ab:d7:33:
92:8a:1c:20:03:6c:8b:d8:8d:33:15:48:a2:32:ed:
32:37:dd:4d:49:02:e1:e9:1f:5e:6a:4f:65:9b:5b:
0b:ac:01:9e:16:b5:e5:d2:20:77:32:32:01:ba:0e:
fc:92:2c:e3:e8:df:62:3f:ef:5d:70:8d:de:7c:6f:
99:41:1c:fd:0e:1a:01:77:93:bb:bf:46:2e:db:72:
45:4d:e3:2d:41:6a:a8:08:15:b3:f1:64:de:a8:ba:
c2:b2:07:c1:0c:f3:77:f8:28:a3:2b:e3:a9:0d:80:
2f:b4:a5:8b:d4:40:e8:0b:bc:6b:3e:fb:2d:9f:16:
da:c8:29:95:3a:86:eb:a6:72:08:8b:c1:a0:82:56:
71:88:9a:2f:70:79:e0:0d:2f:60:fa:e1:7a:ee:85:
56:14:0b:6e:a5:7f:7a:1a:35:ef:f3:b5:dd:de:e3:
93:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:35:9C:B8:EE:46:7E:B2:E5:8B:70:37:85:85:BA:A2:0C:BC:61:53
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ETWcuO5GfrLli3A3hYW6ogy8YVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c40::/31
2a11:3c43::/32
2a11:3c46::/32
2a11:6bc1::/32
2a11:6bc3::-2a11:6bc4:ffff:ffff:ffff:ffff:ffff:ffff
2a11:6bc6::/32
Signature Algorithm: sha256WithRSAEncryption
1f:e6:db:aa:20:99:ae:02:a6:e3:33:ff:3b:7f:6d:63:fc:28:
b4:c5:ed:55:e1:75:be:5b:62:4e:41:d9:fb:b7:f8:fb:75:85:
3a:89:3e:3f:6b:d9:e5:3d:96:07:f9:f9:2b:a3:e9:b6:be:a7:
3a:4d:52:15:20:f1:8c:60:0b:e1:f2:b3:dd:ef:22:6a:11:2b:
b7:7a:b5:94:49:8a:c0:60:e8:4e:88:83:48:88:be:21:66:1a:
dd:29:35:90:82:72:45:4e:e2:25:1a:eb:6d:9a:4a:43:89:04:
11:3f:58:af:a8:b4:01:85:06:1d:c3:84:58:00:ca:ea:d5:5c:
1a:3e:7e:f1:2c:f5:4d:43:46:65:e1:30:14:c1:69:4c:14:4b:
95:f6:10:3c:10:5b:12:97:95:21:a5:79:4f:75:f5:f5:5c:a9:
93:79:5b:56:ec:76:61:8d:58:8a:0b:b6:04:83:06:b9:e5:78:
58:eb:f5:3b:44:75:85:e7:22:72:34:4c:cf:16:77:25:5c:37:
1a:86:a7:8d:37:ba:5b:9e:84:83:e9:38:c0:9e:be:76:a6:24:
bb:14:cf:9b:91:2a:2a:3a:0a:80:fc:3a:fe:09:0e:1a:fc:fb:
94:00:37:33:4c:9b:14:48:15:71:57:dc:a7:c9:db:f5:c9:f3:
e5:44:7d:fb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZBKEqXnzzbop1BE4wXORfzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNjI0MTE0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTM1OWNiOGVlNDY3ZWIyZTU4YjcwMzc4NTg1YmFhMjBjYmM2MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ72MT5pA/trkcl3q85tKSJgIRzY
4+bBXNhzGgQrQIQ4js0LlNBAlF0NDnxmIT+XZI9C86laEHS9uwrcqDV5lWNRAqTT
IqnNKtcd4gGd6ZoKxVUTiZir1zOSihwgA2yL2I0zFUiiMu0yN91NSQLh6R9eak9l
m1sLrAGeFrXl0iB3MjIBug78kizj6N9iP+9dcI3efG+ZQRz9DhoBd5O7v0Yu23JF
TeMtQWqoCBWz8WTeqLrCsgfBDPN3+CijK+OpDYAvtKWL1EDoC7xrPvstnxbayCmV
OobrpnIIi8GgglZxiJovcHngDS9g+uF67oVWFAtupX96GjXv87Xd3uOTtwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBE1nLjuRn6y5YtwN4WFuqIMvGFTMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvRVRXY3VPNUdmckxsaTNBM2hZVzZvZ3k4WVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUBKhE8QAMF
ACoRPEMDBQAqETxGAwUAKhFrwTAOAwUAKhFrwwMFACoRa8QDBQAqEWvGMA0GCSqG
SIb3DQEBCwUAA4IBAQAf5tuqIJmuAqbjM/87f21j/Ci0xe1V4XW+W2JOQdn7t/j7
dYU6iT4/a9nlPZYH+fkro+m2vqc6TVIVIPGMYAvh8rPd7yJqESu3erWUSYrAYOhO
iINIiL4hZhrdKTWQgnJFTuIlGuttmkpDiQQRP1ivqLQBhQYdw4RYAMrq1VwaPn7x
LPVNQ0Zl4TAUwWlMFEuV9hA8EFsSl5UhpXlPdfX1XKmTeVtW7HZhjViKC7YEgwa5
5XhY6/U7RHWF5yJyNEzPFnclXDcahqeNN7pbnoSD6TjAnr52piS7FM+bkSoqOgqA
/Dr+CQ4a/PuUADczTJsUSBVxV9ynydv1yfPlRH37
-----END CERTIFICATE-----
Generated at Fri Aug 9 12:13:07 2024 by rpki-client on console-fra.rpki-client.org