Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/0d1QR1DMh0owVLEJvCHU7fjd_lw.roa
File: 0d1QR1DMh0owVLEJvCHU7fjd_lw.roa (raw, json)
Hash identifier: 42G3DLgZmImRtHUU8dP2LNqlX1YuJNkevQSa1Hdyvv0=
Subject key identifier: D1:DD:50:47:50:CC:87:4A:30:54:B1:09:BC:21:D4:ED:F8:DD:FE:5C
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018FE4B217815BF13989F83B48F33DEDED0B
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/0d1QR1DMh0owVLEJvCHU7fjd_lw.roa
Signing time: Tue 04 Jun 2024 19:20:27 +0000
ROA not before: Tue 04 Jun 2024 19:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:8f82::/32 maxlen: 32
2a11:8f87::/32 maxlen: 32
2a11:f180::/32 maxlen: 32
2a11:f181::/32 maxlen: 32
2a12:1803::/32 maxlen: 32
2a12:1805::/32 maxlen: 32
2a12:1cc1::/32 maxlen: 32
2a12:1cc5::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Jun 2024 15:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e4:b2:17:81:5b:f1:39:89:f8:3b:48:f3:3d:ed:ed:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jun 4 19:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1dd504750cc874a3054b109bc21d4edf8ddfe5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:89:b2:30:66:af:58:1a:ef:44:49:d6:2a:ba:
62:2d:04:1b:bb:79:28:f6:2b:b8:55:1b:ad:bd:cf:
1d:a5:f3:b3:25:b7:a7:d3:5c:ff:8d:fd:cb:c5:55:
1b:fd:30:9f:f8:2c:c9:2e:ad:c7:bb:31:7b:0f:15:
59:67:43:53:1f:23:e1:3a:8f:b1:15:33:5b:a2:5e:
bc:fd:10:ad:83:fb:55:c1:11:d1:f9:c7:5b:80:86:
b2:30:a2:d8:7c:ae:5d:80:b7:54:0c:f5:59:6c:58:
00:bd:fe:15:40:2a:06:cf:e5:18:82:66:eb:9b:7f:
90:fd:5c:56:12:d7:9e:b6:90:3b:e7:a3:f2:1d:24:
69:36:82:05:81:03:f9:b9:73:fd:2a:60:b7:d7:bb:
4f:a3:33:a7:96:e2:fc:30:3d:e5:78:07:37:a0:86:
fd:05:ff:5d:08:9c:4e:d0:6f:e6:fe:44:04:fe:6e:
df:65:a2:fa:4f:cc:ec:db:8b:c6:6f:21:3e:30:5e:
b2:90:8e:94:8b:ac:39:c0:a4:9a:b4:f7:6d:36:18:
da:0c:ab:af:3d:d5:27:65:2d:40:cc:f7:ed:17:a5:
13:8f:6c:11:0f:67:ae:25:70:e1:10:08:ee:a1:e3:
34:bd:81:ad:da:7f:ed:18:4b:e8:96:43:e4:66:89:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DD:50:47:50:CC:87:4A:30:54:B1:09:BC:21:D4:ED:F8:DD:FE:5C
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/0d1QR1DMh0owVLEJvCHU7fjd_lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8f82::/32
2a11:8f87::/32
2a11:f180::/31
2a12:1803::/32
2a12:1805::/32
2a12:1cc1::/32
2a12:1cc5::/32
Signature Algorithm: sha256WithRSAEncryption
ba:ca:24:ba:33:91:22:b7:a9:a1:03:21:dc:be:5a:12:9a:00:
c3:35:4c:2c:84:1d:36:df:6d:17:b7:e1:77:b5:8a:d1:77:5d:
83:f6:5d:dd:b2:ff:7a:7a:a6:d4:b8:ea:66:8d:e0:02:1e:fe:
92:86:d5:b1:b1:7a:26:82:8f:93:48:f0:74:ef:c8:b4:68:60:
52:83:6e:b7:34:6b:05:bb:8e:c7:c0:65:12:ed:90:cd:5b:50:
59:02:79:85:70:6b:63:19:ea:56:e0:e2:8e:ad:86:68:d2:d4:
6f:3f:1f:41:67:3f:7f:df:69:53:a0:e7:0b:f9:49:ce:7d:12:
2b:f5:a9:a4:73:83:4c:73:4c:80:2d:7f:c9:3f:9a:30:4b:e5:
11:4b:3a:b2:13:4c:0b:1f:e2:79:a3:6b:9f:83:bd:42:b9:fe:
54:2b:cc:1e:5e:8f:eb:68:bd:a2:bc:fd:a3:53:3b:07:7d:fa:
60:89:e6:85:6a:0a:a0:12:1e:39:58:4d:7d:15:7f:4c:f2:32:
4b:30:84:e4:1b:90:26:f8:7c:af:64:35:7d:17:94:03:34:43:
54:14:d5:90:f9:be:4a:0c:d1:ab:46:85:af:d4:7c:5c:12:12:
7d:2e:04:32:bd:0e:a5:a1:14:1e:db:28:23:5c:53:fd:bd:00:
6b:89:2e:d6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY/ksheBW/E5ifg7SPM97e0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwNjA0MTkyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRkNTA0NzUwY2M4NzRhMzA1NGIxMDliYzIxZDRlZGY4ZGRmZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4myMGavWBrvREnWKrpiLQQbu3ko
9iu4VRutvc8dpfOzJben01z/jf3LxVUb/TCf+CzJLq3HuzF7DxVZZ0NTHyPhOo+x
FTNbol68/RCtg/tVwRHR+cdbgIayMKLYfK5dgLdUDPVZbFgAvf4VQCoGz+UYgmbr
m3+Q/VxWEteetpA756PyHSRpNoIFgQP5uXP9KmC317tPozOnluL8MD3leAc3oIb9
Bf9dCJxO0G/m/kQE/m7fZaL6T8zs24vGbyE+MF6ykI6Ui6w5wKSatPdtNhjaDKuv
PdUnZS1AzPftF6UTj2wRD2euJXDhEAjuoeM0vYGt2n/tGEvolkPkZomM8wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNHdUEdQzIdKMFSxCbwh1O343f5cMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvMGQxUVIxRE1oMG93VkxFSnZDSFU3ZmpkX2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKhGPggMF
ACoRj4cDBQEqEfGAAwUAKhIYAwMFACoSGAUDBQAqEhzBAwUAKhIcxTANBgkqhkiG
9w0BAQsFAAOCAQEAusokujORIrepoQMh3L5aEpoAwzVMLIQdNt9tF7fhd7WK0Xdd
g/Zd3bL/enqm1LjqZo3gAh7+kobVsbF6JoKPk0jwdO/ItGhgUoNutzRrBbuOx8Bl
Eu2QzVtQWQJ5hXBrYxnqVuDijq2GaNLUbz8fQWc/f99pU6DnC/lJzn0SK/WppHOD
THNMgC1/yT+aMEvlEUs6shNMCx/ieaNrn4O9Qrn+VCvMHl6P62i9orz9o1M7B336
YInmhWoKoBIeOVhNfRV/TPIySzCE5BuQJvh8r2Q1fReUAzRDVBTVkPm+SgzRq0aF
r9R8XBISfS4EMr0OpaEUHtsoI1xT/b0Aa4ku1g==
-----END CERTIFICATE-----
Generated at Tue Jun 11 19:46:37 2024 by rpki-client on console-fra.rpki-client.org