Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qh7bTJwVXHFkwLKaKqh4Dv9LWRk.roa
File: Qh7bTJwVXHFkwLKaKqh4Dv9LWRk.roa (raw, json)
Hash identifier: STgnDSV9DFbLKW8aYyb1wFZNwzYzSj23ZyKqzEZtHpY=
Subject key identifier: 42:1E:DB:4C:9C:15:5C:71:64:C0:B2:9A:2A:A8:78:0E:FF:4B:59:19
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC6CB3FB11E65B5C16D09919BBC143FA5
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qh7bTJwVXHFkwLKaKqh4Dv9LWRk.roa
Signing time: Wed 10 Apr 2024 06:56:32 +0000
ROA not before: Wed 10 Apr 2024 06:56:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:e8c0::/29 maxlen: 29
2a11:ea80::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:1040::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9300::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:cb:3f:b1:1e:65:b5:c1:6d:09:91:9b:bc:14:3f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 10 06:56:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=421edb4c9c155c7164c0b29a2aa8780eff4b5919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:80:73:94:c1:e3:94:44:fd:b6:36:e1:af:96:
6a:93:e3:7e:94:01:68:b3:25:8a:a2:67:1c:90:bc:
8f:c5:1f:3a:c5:61:39:94:b2:7b:03:03:82:f7:bd:
53:71:7a:21:5b:72:c3:35:ee:57:13:cb:28:56:2a:
a9:81:13:34:43:5f:46:70:31:06:2e:0c:1f:d6:51:
95:33:11:14:1d:51:e2:8c:9d:5a:d6:7e:7d:b6:a1:
ff:10:80:f2:b7:10:27:b8:b3:ee:a8:18:92:df:9c:
b4:4e:a8:43:b9:04:88:1e:67:9d:8e:a7:5e:90:6a:
f6:79:09:b2:d7:c6:78:2f:6d:3a:3e:c7:f0:98:23:
c5:61:99:fe:f7:8d:a0:83:da:a5:e5:15:e6:3a:51:
6a:7e:2e:58:4d:09:d7:d2:1e:25:b9:ce:77:f3:47:
ec:d6:9b:0c:2d:48:21:63:8e:d8:7c:5e:2f:d9:df:
b9:66:b5:6c:5c:70:58:dd:6d:08:8b:df:a9:4d:b4:
ee:81:71:22:fb:c5:c8:74:b7:05:49:e3:44:af:49:
a5:8f:a1:5a:f2:78:d1:04:76:f7:dc:2c:0f:f3:0d:
e0:3b:44:95:0b:2f:70:96:77:86:46:f2:20:ad:56:
6c:5d:df:08:d2:18:09:62:ce:1e:78:1f:c2:0b:d2:
89:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:1E:DB:4C:9C:15:5C:71:64:C0:B2:9A:2A:A8:78:0E:FF:4B:59:19
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Qh7bTJwVXHFkwLKaKqh4Dv9LWRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e8c0::/29
2a11:ea80::/29
2a11:ff40::/29
2a12:1040::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:8580::/29
2a12:8a00::/29
2a12:9300::/29
2a12:d080::/29
Signature Algorithm: sha256WithRSAEncryption
39:97:11:91:ea:36:7e:01:0b:a8:3b:04:73:3c:71:7c:5f:93:
86:47:a8:77:ab:43:07:a8:d1:df:d7:99:c8:2d:86:44:aa:06:
c3:ec:94:98:50:cf:29:8f:4b:8a:24:69:89:ac:0e:c9:65:bd:
bb:ab:65:f1:26:70:17:cc:8d:75:10:83:96:fb:94:a3:4d:7b:
22:b9:1f:0a:2c:af:47:da:fd:fb:b6:e4:b7:6e:92:c5:41:09:
69:ee:04:30:19:11:9d:7c:bd:69:fa:1c:1f:60:b0:5d:60:5f:
36:ee:cf:ed:61:ee:34:24:f3:f1:3f:1f:ad:46:de:5a:aa:c8:
6c:6e:bb:48:61:5b:64:db:33:cc:04:84:79:1c:de:9b:0e:65:
60:cf:5d:8f:ec:d1:0f:a0:59:67:36:01:51:8c:e6:66:24:20:
6f:9d:d9:18:a3:b6:8e:12:90:57:a4:9a:d1:ff:28:ca:06:52:
55:cd:65:90:f2:68:d3:bf:70:43:16:00:89:97:0a:24:76:e1:
d0:77:64:77:46:c6:96:e8:50:bf:6f:40:80:3c:35:c9:59:ba:
79:07:9c:3f:1a:7f:d8:39:34:1e:1f:0e:b2:87:3c:be:a6:91:
a3:fe:b8:31:9d:05:69:6c:27:d0:18:0b:61:d3:84:e5:85:6b:
a1:19:f3:66
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY7Gyz+xHmW1wW0JkZu8FD+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDEwMDY1NjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjFlZGI0YzljMTU1YzcxNjRjMGIyOWEyYWE4NzgwZWZmNGI1OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IBzlMHjlET9tjbhr5Zqk+N+lAFo
syWKomcckLyPxR86xWE5lLJ7AwOC971TcXohW3LDNe5XE8soViqpgRM0Q19GcDEG
Lgwf1lGVMxEUHVHijJ1a1n59tqH/EIDytxAnuLPuqBiS35y0TqhDuQSIHmedjqde
kGr2eQmy18Z4L206PsfwmCPFYZn+942gg9ql5RXmOlFqfi5YTQnX0h4luc5380fs
1psMLUghY47YfF4v2d+5ZrVsXHBY3W0Ii9+pTbTugXEi+8XIdLcFSeNEr0mlj6Fa
8njRBHb33CwP8w3gO0SVCy9wlneGRvIgrVZsXd8I0hgJYs4eeB/CC9KJawIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEIe20ycFVxxZMCymiqoeA7/S1kZMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUWg3YlRKd1ZYSEZrd0xLYUtxaDREdjlMV1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKhHowAMF
AyoR6oADBQMqEf9AAwUDKhIQQAMFAyoSLoADBQMqEjwAAwUDKhKFgAMFAyoSigAD
BQMqEpMAAwUDKhLQgDANBgkqhkiG9w0BAQsFAAOCAQEAOZcRkeo2fgELqDsEczxx
fF+Thkeod6tDB6jR39eZyC2GRKoGw+yUmFDPKY9LiiRpiawOyWW9u6tl8SZwF8yN
dRCDlvuUo017IrkfCiyvR9r9+7bkt26SxUEJae4EMBkRnXy9afocH2CwXWBfNu7P
7WHuNCTz8T8frUbeWqrIbG67SGFbZNszzASEeRzemw5lYM9dj+zRD6BZZzYBUYzm
ZiQgb53ZGKO2jhKQV6Sa0f8oygZSVc1lkPJo079wQxYAiZcKJHbh0Hdkd0bGluhQ
v29AgDw1yVm6eQecPxp/2Dk0Hh8Osoc8vqaRo/64MZ0FaWwn0BgLYdOE5YVroRnz
Zg==
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:12:09 2024 by rpki-client on console-ams.rpki-client.org