Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/YQdrcVHNkUqT6Ige2iD9TmaMx0I.roa
File: YQdrcVHNkUqT6Ige2iD9TmaMx0I.roa (raw, json)
Hash identifier: ZCdi9p5ppQpxUloAnCCn98ALvZZUO5R97NcAJ2SdSxU=
Subject key identifier: 61:07:6B:71:51:CD:91:4A:93:E8:88:1E:DA:20:FD:4E:66:8C:C7:42
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 01862CE37491BBCCAE36B779C4DADBA09C73
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/YQdrcVHNkUqT6Ige2iD9TmaMx0I.roa
Signing time: Tue 07 Feb 2023 17:19:09 +0000
ROA not before: Tue 07 Feb 2023 17:19:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60649
IP address blocks: 150.129.11.0/24 maxlen: 24
2a0f:6bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:e3:74:91:bb:cc:ae:36:b7:79:c4:da:db:a0:9c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Feb 7 17:19:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61076b7151cd914a93e8881eda20fd4e668cc742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a8:59:ac:d1:1d:62:e6:d3:7b:18:4e:ed:2d:
41:a5:85:af:3d:6b:c3:5c:bc:41:bf:ca:6e:cd:47:
11:b1:4c:04:64:2e:a4:e4:8a:9a:ab:08:6b:a4:5d:
0f:b7:23:73:60:81:56:d4:a2:cd:61:6a:5e:69:8c:
4a:17:c1:7c:c0:03:7a:6f:21:14:15:67:e6:43:38:
c4:c9:b3:57:95:6f:9f:e8:f7:f1:87:eb:7e:b5:d1:
de:f3:bb:ee:72:50:4e:4d:38:46:e1:e1:9e:a2:21:
c7:bc:ec:a6:4b:75:c4:69:1f:83:df:20:74:ce:1d:
5e:6c:12:de:a2:0a:52:1a:72:fb:7c:91:d5:ca:f0:
4c:e1:a5:fb:7f:16:c6:ca:bd:a7:b2:5a:8b:86:0d:
50:af:4b:ed:ac:ee:f8:0f:f4:0f:1d:fa:47:ef:d4:
7d:ea:df:b2:58:f2:f2:e4:99:b8:18:b7:89:10:27:
7e:ce:da:59:26:8e:4f:4e:e2:17:f2:87:97:d2:fa:
c7:01:6b:c4:7a:b3:20:06:fb:4a:e0:db:af:5d:1e:
1b:e2:32:6b:1e:7c:69:80:20:83:6b:aa:84:5d:b6:
fc:89:bd:19:68:76:01:19:3f:75:d1:69:73:a9:c4:
27:c7:ee:df:d2:4b:2e:fa:81:4e:a5:84:4f:d3:aa:
68:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:07:6B:71:51:CD:91:4A:93:E8:88:1E:DA:20:FD:4E:66:8C:C7:42
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/YQdrcVHNkUqT6Ige2iD9TmaMx0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.129.11.0/24
IPv6:
2a0f:6bc0::/32
Signature Algorithm: sha256WithRSAEncryption
c4:6f:be:0e:e0:c4:0a:7e:e1:25:c5:b4:33:07:2d:f7:21:ec:
6f:23:54:97:75:d2:7b:4f:60:6b:66:e1:f9:eb:32:8f:03:f1:
f2:4e:f7:a2:10:9e:72:2d:5b:5d:07:0c:68:a6:ca:23:b4:a5:
b6:aa:34:06:04:e0:15:41:50:64:28:71:66:82:e9:16:86:f2:
28:77:5f:e5:80:5a:13:b5:c9:28:7f:bc:c9:2b:bd:5e:c2:bc:
0b:f7:7e:2b:e3:0b:e4:27:66:10:ce:81:6d:4e:1a:1f:69:78:
2d:b1:11:82:7c:a6:f8:98:a0:ea:c3:15:75:de:c2:6b:4d:29:
bb:09:1e:4c:84:cf:6d:93:48:02:98:2f:95:44:ee:cd:23:08:
3b:1b:61:5d:76:fe:2f:b8:01:a2:a8:02:da:94:7b:5a:b3:0b:
61:c8:8f:a3:35:6b:1d:f0:3a:00:7b:cf:2c:bf:bd:27:63:f6:
6b:c7:5c:bb:9f:15:5a:df:e0:c7:e0:32:82:4e:f8:64:cc:98:
99:98:17:10:4a:9f:d5:4d:23:8d:9d:7c:27:0b:55:f2:70:4f:
64:e5:ed:06:b6:7d:6f:6a:cd:39:4d:52:7e:34:ca:bb:bd:6b:
c6:a2:98:7d:de:9c:ad:e2:ec:75:ea:43:29:44:1d:e7:bb:43:
4e:93:f3:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYs43SRu8yuNrd5xNrboJxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjMwMjA3MTcxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTA3NmI3MTUxY2Q5MTRhOTNlODg4MWVkYTIwZmQ0ZTY2OGNjNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKhZrNEdYubTexhO7S1BpYWvPWvD
XLxBv8puzUcRsUwEZC6k5IqaqwhrpF0PtyNzYIFW1KLNYWpeaYxKF8F8wAN6byEU
FWfmQzjEybNXlW+f6Pfxh+t+tdHe87vuclBOTThG4eGeoiHHvOymS3XEaR+D3yB0
zh1ebBLeogpSGnL7fJHVyvBM4aX7fxbGyr2nslqLhg1Qr0vtrO74D/QPHfpH79R9
6t+yWPLy5Jm4GLeJECd+ztpZJo5PTuIX8oeX0vrHAWvEerMgBvtK4NuvXR4b4jJr
HnxpgCCDa6qEXbb8ib0ZaHYBGT910WlzqcQnx+7f0ksu+oFOpYRP06poIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGEHa3FRzZFKk+iIHtog/U5mjMdCMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvWVFkcmNWSE5rVXFUNklnZTJpRDlUbWFNeDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAloELMA0E
AgACMAcDBQAqD2vAMA0GCSqGSIb3DQEBCwUAA4IBAQDEb74O4MQKfuElxbQzBy33
IexvI1SXddJ7T2BrZuH56zKPA/HyTveiEJ5yLVtdBwxopsojtKW2qjQGBOAVQVBk
KHFmgukWhvIod1/lgFoTtckof7zJK71ewrwL934r4wvkJ2YQzoFtThofaXgtsRGC
fKb4mKDqwxV13sJrTSm7CR5MhM9tk0gCmC+VRO7NIwg7G2Fddv4vuAGiqALalHta
swthyI+jNWsd8DoAe88sv70nY/Zrx1y7nxVa3+DH4DKCTvhkzJiZmBcQSp/VTSON
nXwnC1XycE9k5e0Gtn1vas05TVJ+NMq7vWvGoph93pyt4ux16kMpRB3nu0NOk/OI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:42 2024 by rpki-client on console-fra.rpki-client.org