Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/IdxeF6bmXgPkfGScKsAo3SkhdSM.roa
File: IdxeF6bmXgPkfGScKsAo3SkhdSM.roa (raw, json)
Hash identifier: ae12K2Ze+vb8/KQp1KS6fJwLd/rZ7q1fqqgbxXxbrr4=
Subject key identifier: 21:DC:5E:17:A6:E6:5E:03:E4:7C:64:9C:2A:C0:28:DD:29:21:75:23
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01904A12A6264AC7F29C49B7DFA33A9255DB
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/IdxeF6bmXgPkfGScKsAo3SkhdSM.roa
Signing time: Mon 24 Jun 2024 11:47:34 +0000
ROA not before: Mon 24 Jun 2024 11:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:e9c3::/32 maxlen: 32
2a11:e9c5::/32 maxlen: 32
2a14:2dc0::/32 maxlen: 32
2a14:2dc1::/32 maxlen: 32
2a14:2dc2::/32 maxlen: 32
2a14:2dc3::/32 maxlen: 32
2a14:2dc4::/32 maxlen: 32
2a14:2dc5::/32 maxlen: 32
2a14:2dc6::/32 maxlen: 32
2a14:2dc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 19 Nov 2024 15:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:12:a6:26:4a:c7:f2:9c:49:b7:df:a3:3a:92:55:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 24 11:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21dc5e17a6e65e03e47c649c2ac028dd29217523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:a7:74:c0:e3:6e:1e:28:1d:80:94:0d:75:
75:ce:2b:45:40:60:46:bd:a5:c8:c2:49:be:47:f9:
7d:2b:0a:06:1a:2b:c8:4e:75:99:4c:9d:a8:b0:e4:
96:79:7a:39:03:5a:58:e3:d9:c0:60:c6:5d:44:21:
0f:16:14:a1:f3:90:12:fd:eb:6d:bf:f0:6c:47:db:
1b:07:ff:f1:49:01:5c:26:23:62:d4:dd:c2:c2:51:
54:00:75:ff:a5:7d:33:31:c8:df:76:75:05:a9:ec:
40:cc:38:cd:6c:c0:d8:f9:56:d6:ce:3a:c7:5c:e9:
a0:a8:52:6e:05:a8:af:e4:e6:c5:79:44:47:ce:2e:
45:9c:a1:fb:55:4d:00:98:4a:82:9f:1b:2e:16:bb:
93:56:45:7c:4d:51:de:41:3d:23:e7:9d:28:3a:9d:
41:03:db:6b:79:f8:4a:ff:de:bb:3b:82:bb:5a:d2:
d3:cd:52:f0:c7:56:c3:08:59:fd:b2:d0:b4:1c:5c:
38:ef:2a:d2:c7:cf:2d:01:3c:28:ba:f9:69:c7:1a:
a5:8d:31:61:a1:a0:2f:11:56:21:c9:cc:a1:81:23:
3b:67:af:e9:24:cb:b1:7e:69:ca:f0:2e:20:74:d7:
27:c3:70:58:bb:d9:88:3a:3e:52:a1:1f:10:0f:da:
be:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DC:5E:17:A6:E6:5E:03:E4:7C:64:9C:2A:C0:28:DD:29:21:75:23
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/IdxeF6bmXgPkfGScKsAo3SkhdSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e9c3::/32
2a11:e9c5::/32
2a14:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:a6:9b:31:1d:2b:fb:7c:74:e4:4f:10:22:bb:04:aa:7c:ff:
df:56:58:57:b4:6a:cd:44:82:2b:29:cd:ec:a7:09:e2:1f:ff:
24:66:d7:d3:08:b4:ce:40:82:9e:32:c9:44:19:cb:27:2d:87:
4c:ef:db:9b:a5:f3:bf:c9:05:cf:2a:88:e9:f8:fb:20:67:a2:
30:4b:eb:12:5d:f7:95:13:6f:38:62:5d:e7:18:6c:81:a3:6a:
9e:dc:82:58:76:64:28:71:fd:0a:51:3d:58:4f:57:8f:09:85:
92:b0:76:35:d0:6e:e5:0d:13:98:34:95:4d:e8:52:64:44:4d:
e8:1b:c2:54:43:84:01:5f:43:13:7f:f8:f4:3d:d7:49:dc:c9:
78:e4:48:a0:4d:59:de:02:4f:d6:6a:db:8d:e9:2f:cc:3f:33:
5b:e7:fe:9f:f8:37:34:81:4e:86:0f:c1:20:33:6d:25:1a:cb:
6c:d7:27:ab:cc:1b:91:68:fe:3c:58:26:bf:15:a9:33:3c:d4:
ee:54:94:91:2f:90:e4:4b:38:2a:9d:de:4d:4e:01:30:a2:b7:
30:c2:60:da:60:2f:c1:3d:e6:de:da:5a:c5:f2:2d:42:0c:f9:
4d:4b:20:bf:2c:92:d3:dc:9f:dd:5e:ff:c3:bc:8c:49:eb:06:
9a:1e:09:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBKEqYmSsfynEm336M6klXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjI0MTE0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWRjNWUxN2E2ZTY1ZTAzZTQ3YzY0OWMyYWMwMjhkZDI5MjE3NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc+ndMDjbh4oHYCUDXV1zitFQGBG
vaXIwkm+R/l9KwoGGivITnWZTJ2osOSWeXo5A1pY49nAYMZdRCEPFhSh85AS/ett
v/BsR9sbB//xSQFcJiNi1N3CwlFUAHX/pX0zMcjfdnUFqexAzDjNbMDY+VbWzjrH
XOmgqFJuBaiv5ObFeURHzi5FnKH7VU0AmEqCnxsuFruTVkV8TVHeQT0j550oOp1B
A9trefhK/967O4K7WtLTzVLwx1bDCFn9stC0HFw47yrSx88tATwouvlpxxqljTFh
oaAvEVYhycyhgSM7Z6/pJMuxfmnK8C4gdNcnw3BYu9mIOj5SoR8QD9q+iQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCHcXhem5l4D5HxknCrAKN0pIXUjMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSWR4ZUY2Ym1YZ1BrZkdTY0tzQW8zU2toZFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhHpwwMF
ACoR6cUDBQMqFC3AMA0GCSqGSIb3DQEBCwUAA4IBAQB/ppsxHSv7fHTkTxAiuwSq
fP/fVlhXtGrNRIIrKc3spwniH/8kZtfTCLTOQIKeMslEGcsnLYdM79ubpfO/yQXP
Kojp+PsgZ6IwS+sSXfeVE284Yl3nGGyBo2qe3IJYdmQocf0KUT1YT1ePCYWSsHY1
0G7lDROYNJVN6FJkRE3oG8JUQ4QBX0MTf/j0PddJ3Ml45EigTVneAk/WatuN6S/M
PzNb5/6f+Dc0gU6GD8EgM20lGsts1yerzBuRaP48WCa/FakzPNTuVJSRL5DkSzgq
nd5NTgEworcwwmDaYC/BPebe2lrF8i1CDPlNSyC/LJLT3J/dXv/DvIxJ6waaHglY
-----END CERTIFICATE-----
Generated at Tue Nov 19 19:24:41 2024 by rpki-client on console-fra.rpki-client.org