Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/QXUzy0qVzPjMLOQR766SOJteijQ.roa
File: QXUzy0qVzPjMLOQR766SOJteijQ.roa (raw, json)
Hash identifier: 6cmOfCN+j+G5slh92Dk7cpG6Yu3VRww2/BGH5NHtfLY=
Subject key identifier: 41:75:33:CB:4A:95:CC:F8:CC:2C:E4:11:EF:AE:92:38:9B:5E:8A:34
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018FE4786A2057980C4BD4CF56C8C88A7782
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/QXUzy0qVzPjMLOQR766SOJteijQ.roa
Signing time: Tue 04 Jun 2024 18:17:27 +0000
ROA not before: Tue 04 Jun 2024 18:17:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:a040::/29 maxlen: 29
2a11:e8c0::/29 maxlen: 29
2a11:ea80::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:1040::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9300::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Jun 2024 14:27:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e4:78:6a:20:57:98:0c:4b:d4:cf:56:c8:c8:8a:77:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 4 18:17:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=417533cb4a95ccf8cc2ce411efae92389b5e8a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b3:b3:b4:98:d9:71:06:c5:f0:7f:3f:2d:af:
9e:27:4a:22:cf:82:92:6b:3e:13:ec:0d:31:83:33:
94:2d:22:83:c7:ec:6c:e4:4a:71:18:42:f1:fe:19:
34:88:9e:f1:42:39:d4:31:cf:c2:d6:31:29:6e:83:
5f:fd:f6:22:13:1d:35:0e:bf:d3:fb:66:52:f7:ef:
3b:f3:13:30:a2:4c:07:78:46:f1:72:a4:f8:7b:f0:
fb:15:63:1d:fc:77:bd:46:55:d9:34:05:a9:36:f9:
37:95:86:61:43:47:ed:cc:e5:6c:e9:ca:cc:d5:5d:
40:dd:e9:41:7f:4d:04:d6:92:19:8b:fb:08:7c:41:
45:7c:06:7a:33:50:a0:1d:c3:07:e8:a3:36:b1:50:
78:a3:79:73:c6:97:a1:68:39:88:2f:71:09:94:33:
28:c4:4f:98:68:64:f7:25:cb:4e:6d:72:71:48:bc:
76:f6:ec:f4:3a:26:17:cf:84:97:0c:32:97:15:d9:
50:52:86:67:b7:80:fe:12:10:69:c6:3a:46:48:82:
06:d8:11:2e:76:a7:bb:62:43:bc:8f:83:e0:26:aa:
2a:5e:94:e5:8e:ae:f4:86:8e:60:59:ee:90:ff:88:
dc:aa:ca:0c:b0:c2:d4:9a:33:7e:a1:80:21:2d:0b:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:75:33:CB:4A:95:CC:F8:CC:2C:E4:11:EF:AE:92:38:9B:5E:8A:34
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/QXUzy0qVzPjMLOQR766SOJteijQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a040::/29
2a11:e8c0::/29
2a11:ea80::/29
2a11:ff40::/29
2a12:1040::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:8580::/29
2a12:8a00::/29
2a12:9300::/29
2a12:d080::/29
Signature Algorithm: sha256WithRSAEncryption
66:f7:93:43:ad:96:55:3c:e0:9e:1a:51:f8:db:7d:c3:8a:79:
16:6b:a6:97:e3:54:77:c5:4e:e0:23:37:56:9c:11:a0:2d:3c:
58:b1:29:81:b7:24:59:23:f8:4c:b1:8c:fc:5c:1f:26:9f:fa:
d7:ee:d3:e7:69:85:c1:b7:6b:6e:f0:d1:fd:34:1b:ea:d0:5c:
b6:ac:6d:7f:29:4e:00:9f:ad:b9:96:29:09:d7:f6:bb:75:0f:
3c:36:9b:99:2e:03:37:a2:3f:65:db:66:1b:2f:f3:ee:de:c2:
a3:c1:da:b0:1d:7a:b8:6d:7e:93:47:7d:7c:ba:42:43:df:ce:
2f:a9:7c:c6:4e:b8:9c:ad:83:03:50:9e:64:3a:76:83:8d:a3:
26:c6:35:f8:bf:07:49:54:80:9d:21:e4:2f:37:f7:3f:50:74:
83:57:14:e8:74:da:30:a9:76:bf:b5:99:4e:4d:fe:31:b0:02:
5b:d2:94:e3:f9:29:10:1e:93:72:be:40:46:a4:1f:b5:d0:0a:
39:5c:b4:c0:81:06:5e:3c:9c:d3:bd:93:af:5c:77:e4:f8:e4:
fa:a9:33:6e:90:9a:5b:46:ee:c3:8d:17:5d:80:a5:75:00:a8:
f1:44:1e:dc:80:5a:80:f7:a4:62:f5:d5:f6:23:78:b2:06:d7:
bb:d5:5e:6d
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY/keGogV5gMS9TPVsjIineCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjA0MTgxNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc1MzNjYjRhOTVjY2Y4Y2MyY2U0MTFlZmFlOTIzODliNWU4YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LOztJjZcQbF8H8/La+eJ0oiz4KS
az4T7A0xgzOULSKDx+xs5EpxGELx/hk0iJ7xQjnUMc/C1jEpboNf/fYiEx01Dr/T
+2ZS9+878xMwokwHeEbxcqT4e/D7FWMd/He9RlXZNAWpNvk3lYZhQ0ftzOVs6crM
1V1A3elBf00E1pIZi/sIfEFFfAZ6M1CgHcMH6KM2sVB4o3lzxpehaDmIL3EJlDMo
xE+YaGT3JctObXJxSLx29uz0OiYXz4SXDDKXFdlQUoZnt4D+EhBpxjpGSIIG2BEu
dqe7YkO8j4PgJqoqXpTljq70ho5gWe6Q/4jcqsoMsMLUmjN+oYAhLQsgXwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFEF1M8tKlcz4zCzkEe+ukjibXoo0MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUVhVenkwcVZ6UGpNTE9RUjc2NlNPSnRlaWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKhGgQAMF
AyoR6MADBQMqEeqAAwUDKhH/QAMFAyoSEEADBQMqEi6AAwUDKhI8AAMFAyoShYAD
BQMqEooAAwUDKhKTAAMFAyoS0IAwDQYJKoZIhvcNAQELBQADggEBAGb3k0OtllU8
4J4aUfjbfcOKeRZrppfjVHfFTuAjN1acEaAtPFixKYG3JFkj+EyxjPxcHyaf+tfu
0+dphcG3a27w0f00G+rQXLasbX8pTgCfrbmWKQnX9rt1Dzw2m5kuAzeiP2XbZhsv
8+7ewqPB2rAderhtfpNHfXy6QkPfzi+pfMZOuJytgwNQnmQ6doONoybGNfi/B0lU
gJ0h5C839z9QdINXFOh02jCpdr+1mU5N/jGwAlvSlOP5KRAek3K+QEakH7XQCjlc
tMCBBl48nNO9k69cd+T45PqpM26QmltG7sONF12ApXUAqPFEHtyAWoD3pGL11fYj
eLIG17vVXm0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:17:22 2024 by rpki-client on console-ams.rpki-client.org