Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Vh_CWVDAeYVy8XxYLtXFbdSru3M.roa
File: Vh_CWVDAeYVy8XxYLtXFbdSru3M.roa (raw, json)
Hash identifier: zVRTCyW5e7ahOa3pVgWIsnrp3aAaXp2HsBnM80K2Ea4=
Subject key identifier: 56:1F:C2:59:50:C0:79:85:72:F1:7C:58:2E:D5:C5:6D:D4:AB:BB:73
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E6C142C42FF68DC8C48D1CCC28AAE4E13
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Vh_CWVDAeYVy8XxYLtXFbdSru3M.roa
Signing time: Sat 23 Mar 2024 16:10:45 +0000
ROA not before: Sat 23 Mar 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:3c43::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Mar 2024 10:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6c:14:2c:42:ff:68:dc:8c:48:d1:cc:c2:8a:ae:4e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Mar 23 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=561fc25950c0798572f17c582ed5c56dd4abbb73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:14:5a:74:65:c8:98:e1:42:7b:40:99:9b:92:
5b:e9:a6:96:5a:70:83:11:13:63:b3:ec:39:57:bd:
24:e8:56:da:49:dd:67:71:d5:41:99:12:0d:85:cd:
9b:08:e0:a2:8d:91:24:6a:69:27:f4:1c:4a:07:4a:
e2:bf:c0:f7:9e:14:da:df:6f:68:fd:20:41:79:3f:
2b:bf:4f:42:a7:69:ae:b3:ce:8d:e4:38:c7:18:b5:
fe:96:a9:01:6b:9d:1e:54:c4:53:41:61:1e:72:07:
27:06:8e:00:25:84:cb:01:29:a3:21:59:33:d9:60:
57:0d:e8:c8:ba:b6:09:5c:54:38:d1:d4:b4:94:46:
24:fd:4f:e7:eb:d0:58:43:bb:62:26:9c:e1:2c:44:
3a:cb:63:06:a8:c8:44:2d:fa:41:74:f2:0e:4d:ef:
66:de:90:05:63:a5:17:f6:00:5f:be:fe:74:d4:7f:
c6:ac:a3:79:b1:70:27:18:2d:4b:81:99:ce:74:9a:
d2:ab:c4:1a:d9:c3:8b:12:04:37:7c:37:ee:3d:4b:
de:06:d7:75:05:18:4f:a1:ae:af:06:d4:c9:25:97:
7b:3f:6a:c4:cc:79:41:00:7a:fb:c3:cd:19:e6:34:
6c:c3:b8:01:b8:eb:97:03:f1:da:5f:68:18:10:9e:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1F:C2:59:50:C0:79:85:72:F1:7C:58:2E:D5:C5:6D:D4:AB:BB:73
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Vh_CWVDAeYVy8XxYLtXFbdSru3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c43::/32
2a11:6bc3::/32
Signature Algorithm: sha256WithRSAEncryption
55:96:9c:02:d5:6a:67:8f:cd:f9:b0:10:82:42:a0:1a:75:5a:
59:aa:26:18:62:e9:62:32:d8:26:e6:59:6b:a4:f3:32:49:ed:
45:18:f6:30:2d:4f:f2:4e:4a:d3:4f:c8:cc:77:d2:87:e5:98:
77:97:45:00:b9:d3:4f:1a:d7:dc:92:24:c3:d1:d7:24:dc:0b:
42:e6:75:d5:eb:68:89:0e:5b:b2:cf:b5:0e:d8:43:33:15:71:
2e:03:71:97:16:b6:b1:8a:a1:30:20:e0:5e:ad:71:73:ac:98:
1d:96:c5:e3:82:0d:16:87:e5:5a:6b:e1:db:90:1f:b4:32:49:
8b:ee:d3:c7:ea:da:b1:32:1a:e5:41:57:2c:88:dc:a8:64:ea:
2f:b9:ce:a0:fa:33:bf:d9:6b:9e:d1:93:dd:e8:13:82:c7:fb:
b6:48:a4:5a:c7:3a:fa:9a:e2:2f:1a:1b:ca:e1:27:81:2e:a1:
37:e5:bf:5b:c5:eb:1a:9c:bb:d7:80:f5:c1:ef:f7:ab:3b:0a:
a9:71:94:96:9d:d5:3b:70:85:3e:84:83:5f:c2:08:e9:7e:24:
ff:e0:e4:69:aa:bc:bd:8e:46:6e:8e:f4:6a:80:ac:34:3b:90:
98:c1:ff:d3:04:53:24:65:24:54:e2:75:77:36:3a:cb:48:8c:
f1:c3:6c:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5sFCxC/2jcjEjRzMKKrk4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMzIzMTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFmYzI1OTUwYzA3OTg1NzJmMTdjNTgyZWQ1YzU2ZGQ0YWJiYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhRadGXImOFCe0CZm5Jb6aaWWnCD
ERNjs+w5V70k6FbaSd1ncdVBmRINhc2bCOCijZEkamkn9BxKB0riv8D3nhTa329o
/SBBeT8rv09Cp2mus86N5DjHGLX+lqkBa50eVMRTQWEecgcnBo4AJYTLASmjIVkz
2WBXDejIurYJXFQ40dS0lEYk/U/n69BYQ7tiJpzhLEQ6y2MGqMhELfpBdPIOTe9m
3pAFY6UX9gBfvv501H/GrKN5sXAnGC1LgZnOdJrSq8Qa2cOLEgQ3fDfuPUveBtd1
BRhPoa6vBtTJJZd7P2rEzHlBAHr7w80Z5jRsw7gBuOuXA/HaX2gYEJ6N6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFYfwllQwHmFcvF8WC7VxW3Uq7tzMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvVmhfQ1dWREFlWVZ5OFh4WUx0WEZiZFNydTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhE8QwMF
ACoRa8MwDQYJKoZIhvcNAQELBQADggEBAFWWnALVamePzfmwEIJCoBp1WlmqJhhi
6WIy2CbmWWuk8zJJ7UUY9jAtT/JOStNPyMx30oflmHeXRQC5008a19ySJMPR1yTc
C0LmddXraIkOW7LPtQ7YQzMVcS4DcZcWtrGKoTAg4F6tcXOsmB2WxeOCDRaH5Vpr
4duQH7QySYvu08fq2rEyGuVBVyyI3Khk6i+5zqD6M7/Za57Rk93oE4LH+7ZIpFrH
Ovqa4i8aG8rhJ4EuoTflv1vF6xqcu9eA9cHv96s7CqlxlJad1TtwhT6Eg1/CCOl+
JP/g5GmqvL2ORm6O9GqArDQ7kJjB/9MEUyRlJFTidXc2OstIjPHDbK4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org