Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/We4E8VGxymYfFwZHAkHBiVsQQDk.roa
File: We4E8VGxymYfFwZHAkHBiVsQQDk.roa (raw, json)
Hash identifier: mKQTd7PhU6V6IoAn/93/4Yb/+yiVCCMn3MG0KDPDra4=
Subject key identifier: 59:EE:04:F1:51:B1:CA:66:1F:17:06:47:02:41:C1:89:5B:10:40:39
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018E6C142C3F4E3339C8ED4279F14203CF8F
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/We4E8VGxymYfFwZHAkHBiVsQQDk.roa
Signing time: Sat 23 Mar 2024 16:10:45 +0000
ROA not before: Sat 23 Mar 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:8f87::/32 maxlen: 32
2a11:f181::/32 maxlen: 32
2a12:1805::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:41:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6c:14:2c:3f:4e:33:39:c8:ed:42:79:f1:42:03:cf:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Mar 23 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59ee04f151b1ca661f1706470241c1895b104039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:25:d7:36:05:c9:9e:50:ff:b3:62:46:18:f3:
69:15:1a:b5:ea:cb:50:49:55:61:b1:4c:3d:34:64:
48:6c:20:38:d6:50:b3:18:46:e2:fe:7c:62:9f:4a:
6e:9e:61:9b:e9:44:7d:d2:b1:3e:0a:57:6c:8e:41:
50:90:f9:ed:4e:19:94:71:ca:7a:3c:8c:b7:7b:1d:
06:86:40:99:12:2e:73:70:f1:a8:6a:c5:40:dd:5a:
4e:ab:73:67:98:6a:82:f7:37:57:81:8b:8e:e0:98:
02:b5:61:14:20:88:36:1a:09:c8:79:f5:09:f2:c2:
43:01:38:b7:8f:be:00:f0:ee:1a:85:1c:0c:7c:6a:
e7:7e:de:8f:d2:4d:a0:06:77:ae:ae:53:21:54:d5:
4c:12:89:da:e7:00:d7:44:c0:7d:d6:5d:6a:18:fa:
80:ef:ca:43:ca:3a:5e:24:22:73:57:28:6d:b8:25:
f1:23:d9:09:d0:5e:4b:46:bd:ed:8b:92:1c:5d:1f:
1d:11:07:71:ed:7a:b9:f8:f5:3a:05:62:52:a3:51:
a2:c0:ff:af:34:11:74:d3:24:ec:35:0c:90:a9:5b:
4c:26:ab:2f:ad:04:2d:a0:0e:77:1c:00:2f:0f:8e:
60:f3:23:09:61:f1:8b:79:c8:02:4a:ab:eb:6d:13:
5b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EE:04:F1:51:B1:CA:66:1F:17:06:47:02:41:C1:89:5B:10:40:39
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/We4E8VGxymYfFwZHAkHBiVsQQDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8f87::/32
2a11:f181::/32
2a12:1805::/32
Signature Algorithm: sha256WithRSAEncryption
62:9b:4f:ee:aa:5c:d1:a5:6e:76:77:9e:2c:46:53:1f:e8:c9:
43:b1:de:b8:91:ff:da:02:76:8c:98:99:14:3e:5d:dd:42:31:
4a:fa:1d:05:47:b7:8b:08:08:85:98:bc:3e:c1:e5:a8:4e:08:
d0:b5:27:01:3f:c9:56:30:80:76:0b:e1:04:0a:8c:52:06:3d:
74:23:45:8c:ec:4d:4c:a7:d6:8a:e4:15:97:8e:52:30:81:a3:
27:a9:11:98:e4:db:28:fd:b7:59:a8:f2:04:f0:8f:93:04:50:
ac:15:4e:3f:00:a5:ed:91:da:88:4d:1b:fd:74:c9:6a:0b:da:
81:60:84:92:a6:b8:26:d8:f8:95:fc:e8:d3:dd:eb:93:e4:fe:
0a:24:8a:5f:cf:db:76:90:30:e1:0e:aa:98:59:cf:4f:0a:b8:
3a:b1:e6:16:b1:ee:e4:16:88:c8:46:82:9a:ca:b5:04:5b:fb:
ef:4b:3e:fb:fa:79:24:b1:dc:b1:3c:da:98:6f:74:9e:dd:75:
d1:82:78:46:2f:ec:92:26:54:ac:72:e8:9e:d7:fc:ad:a6:7f:
66:9f:55:65:c6:e9:53:de:7a:81:b8:60:89:c4:bc:d7:3a:64:
6c:fe:56:c8:0d:e9:87:50:2f:a8:a9:b0:e6:66:66:bc:61:29:
a0:b0:37:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5sFCw/TjM5yO1CefFCA8+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMzIzMTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWVlMDRmMTUxYjFjYTY2MWYxNzA2NDcwMjQxYzE4OTViMTA0MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCXXNgXJnlD/s2JGGPNpFRq16stQ
SVVhsUw9NGRIbCA41lCzGEbi/nxin0punmGb6UR90rE+CldsjkFQkPntThmUccp6
PIy3ex0GhkCZEi5zcPGoasVA3VpOq3NnmGqC9zdXgYuO4JgCtWEUIIg2GgnIefUJ
8sJDATi3j74A8O4ahRwMfGrnft6P0k2gBneurlMhVNVMEona5wDXRMB91l1qGPqA
78pDyjpeJCJzVyhtuCXxI9kJ0F5LRr3ti5IcXR8dEQdx7Xq5+PU6BWJSo1GiwP+v
NBF00yTsNQyQqVtMJqsvrQQtoA53HAAvD45g8yMJYfGLecgCSqvrbRNbTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFnuBPFRscpmHxcGRwJBwYlbEEA5MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvV2U0RThWR3h5bVlmRndaSEFrSEJpVnNRUURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhGPhwMF
ACoR8YEDBQAqEhgFMA0GCSqGSIb3DQEBCwUAA4IBAQBim0/uqlzRpW52d54sRlMf
6MlDsd64kf/aAnaMmJkUPl3dQjFK+h0FR7eLCAiFmLw+weWoTgjQtScBP8lWMIB2
C+EECoxSBj10I0WM7E1Mp9aK5BWXjlIwgaMnqRGY5Nso/bdZqPIE8I+TBFCsFU4/
AKXtkdqITRv9dMlqC9qBYISSprgm2PiV/OjT3euT5P4KJIpfz9t2kDDhDqqYWc9P
Crg6seYWse7kFojIRoKayrUEW/vvSz77+nkksdyxPNqYb3Se3XXRgnhGL+ySJlSs
cuie1/ytpn9mn1VlxulT3nqBuGCJxLzXOmRs/lbIDemHUC+oqbDmZma8YSmgsDc5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:18 2024 by rpki-client on console-ams.rpki-client.org