Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yRbgo8Z5X8umzHSdfcnyeOBa3xw.roa
File: yRbgo8Z5X8umzHSdfcnyeOBa3xw.roa (raw, json)
Hash identifier: K9nCw/lz7tbVkNF9RnkllhJ9BhJ9Dv0LKjqBjBkfTHo=
Subject key identifier: C9:16:E0:A3:C6:79:5F:CB:A6:CC:74:9D:7D:C9:F2:78:E0:5A:DF:1C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019007F461022869BF46034982FFAE485D59
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yRbgo8Z5X8umzHSdfcnyeOBa3xw.roa
Signing time: Tue 11 Jun 2024 15:39:34 +0000
ROA not before: Tue 11 Jun 2024 15:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:e9c3::/32 maxlen: 32
2a14:2dc0::/32 maxlen: 32
2a14:2dc1::/32 maxlen: 32
2a14:2dc2::/32 maxlen: 32
2a14:2dc3::/32 maxlen: 32
2a14:2dc4::/32 maxlen: 32
2a14:2dc5::/32 maxlen: 32
2a14:2dc6::/32 maxlen: 32
2a14:2dc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:47:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:07:f4:61:02:28:69:bf:46:03:49:82:ff:ae:48:5d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 11 15:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c916e0a3c6795fcba6cc749d7dc9f278e05adf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:8f:8f:68:3c:6e:d2:a5:12:31:97:16:b8:
d2:b7:9e:ab:6d:00:13:3f:7b:91:09:35:13:53:86:
09:ff:bf:51:58:95:b1:1f:fa:1f:7a:5b:c1:e1:ea:
66:d9:43:28:78:ba:98:2e:2f:d7:20:22:3d:67:06:
88:c6:19:6a:5b:f0:2e:5e:0b:19:32:c0:3e:09:e0:
c2:78:33:0e:5c:0d:eb:b3:45:83:2f:d5:c1:f7:cb:
0e:1e:45:f0:79:db:50:2c:42:d1:1b:26:32:0a:21:
1f:a1:b4:30:0c:7c:13:39:da:01:67:a9:e2:07:06:
5a:a2:b3:4f:d9:ba:57:27:9d:d2:71:d8:08:27:09:
3f:89:20:5d:2c:db:d8:e5:18:48:9b:ea:bd:a4:52:
2d:95:d5:4d:73:e4:ea:cb:e2:a9:de:4c:9f:bf:39:
9d:4e:49:ad:f0:5d:29:26:eb:3d:73:3c:5a:c6:be:
ec:9a:56:46:d9:1a:be:4c:da:ac:45:95:3f:fc:16:
39:1b:28:c8:85:d5:d3:82:8b:ee:15:4c:25:05:20:
a9:d0:d9:23:d1:03:94:25:c4:fc:eb:87:13:eb:d1:
2d:c1:ca:99:d2:3d:c9:d3:6a:03:02:9b:57:6f:1c:
d7:1d:5e:6b:f2:cf:a5:e8:8d:c5:09:50:63:41:23:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:16:E0:A3:C6:79:5F:CB:A6:CC:74:9D:7D:C9:F2:78:E0:5A:DF:1C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/yRbgo8Z5X8umzHSdfcnyeOBa3xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e9c3::/32
2a14:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
96:f9:04:d0:d1:e3:33:9b:74:f2:c3:33:4e:05:35:a9:ad:39:
0d:de:b7:2b:a1:94:84:54:b5:25:47:76:46:03:63:53:70:8a:
46:cc:cf:32:69:4c:d0:0c:ed:dc:55:44:82:6e:fc:6b:08:a6:
ca:b0:4c:ac:d7:42:35:1c:ca:22:d3:8c:d8:4e:1b:c5:31:cc:
0c:3e:36:8e:b4:fd:73:d1:0d:a2:30:2f:39:93:ad:40:84:0d:
06:ac:0c:cd:49:8c:53:14:ee:b0:18:a2:dc:db:8c:82:58:7d:
a5:ee:a7:10:d3:b1:98:f0:09:87:66:e2:ea:56:58:a8:9e:55:
ad:57:0e:6f:e8:c3:35:2f:95:9d:2d:b9:0b:1c:80:f3:32:76:
7f:d7:f2:26:6a:d5:9f:f7:86:64:37:94:b7:33:82:4d:59:cd:
3f:99:41:d4:57:0b:f8:7d:38:44:84:99:d3:e0:a5:63:b3:46:
ec:2e:56:8b:1f:ca:20:23:0d:3b:d4:f5:ae:dc:91:b9:24:e7:
b6:39:44:a1:c5:38:ac:c8:43:5d:1d:dc:32:2e:72:79:f9:23:
23:22:b4:66:08:b4:61:72:af:07:6b:56:6d:8e:65:9e:92:04:
70:ca:64:6e:d5:32:50:1a:a7:bc:62:6e:49:97:4f:ab:9a:dd:
e4:93:dc:9a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZAH9GECKGm/RgNJgv+uSF1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjExMTUzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE2ZTBhM2M2Nzk1ZmNiYTZjYzc0OWQ3ZGM5ZjI3OGUwNWFkZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfePj2g8btKlEjGXFrjSt56rbQAT
P3uRCTUTU4YJ/79RWJWxH/ofelvB4epm2UMoeLqYLi/XICI9ZwaIxhlqW/AuXgsZ
MsA+CeDCeDMOXA3rs0WDL9XB98sOHkXwedtQLELRGyYyCiEfobQwDHwTOdoBZ6ni
BwZaorNP2bpXJ53ScdgIJwk/iSBdLNvY5RhIm+q9pFItldVNc+Tqy+Kp3kyfvzmd
Tkmt8F0pJus9czxaxr7smlZG2Rq+TNqsRZU//BY5GyjIhdXTgovuFUwlBSCp0Nkj
0QOUJcT864cT69EtwcqZ0j3J02oDAptXbxzXHV5r8s+l6I3FCVBjQSMOQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMkW4KPGeV/Lpsx0nX3J8njgWt8cMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEveVJiZ284WjVYOHVtekhTZGZjbnllT0JhM3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhHpwwMF
AyoULcAwDQYJKoZIhvcNAQELBQADggEBAJb5BNDR4zObdPLDM04FNamtOQ3etyuh
lIRUtSVHdkYDY1NwikbMzzJpTNAM7dxVRIJu/GsIpsqwTKzXQjUcyiLTjNhOG8Ux
zAw+No60/XPRDaIwLzmTrUCEDQasDM1JjFMU7rAYotzbjIJYfaXupxDTsZjwCYdm
4upWWKieVa1XDm/owzUvlZ0tuQscgPMydn/X8iZq1Z/3hmQ3lLczgk1ZzT+ZQdRX
C/h9OESEmdPgpWOzRuwuVosfyiAjDTvU9a7ckbkk57Y5RKHFOKzIQ10d3DIucnn5
IyMitGYItGFyrwdrVm2OZZ6SBHDKZG7VMlAap7xibkmXT6ua3eST3Jo=
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:47 2024 by rpki-client on console-fra.rpki-client.org