Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/TOP1EYHTkAe6HDdYP1k-OACQXto.roa
File: TOP1EYHTkAe6HDdYP1k-OACQXto.roa (raw, json)
Hash identifier: KiUUcIMwzFa9ZOW+N2B/bdFIae3XigtqxNo8EYvUy98=
Subject key identifier: 4C:E3:F5:11:81:D3:90:07:BA:1C:37:58:3F:59:3E:38:00:90:5E:DA
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 019084D74469D5B41ED25B8315302E388B4B
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/TOP1EYHTkAe6HDdYP1k-OACQXto.roa
Signing time: Fri 05 Jul 2024 21:40:18 +0000
ROA not before: Fri 05 Jul 2024 21:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a11:4040::/29 maxlen: 29
2a11:6540::/29 maxlen: 29
2a11:6580::/29 maxlen: 29
2a11:6d00::/29 maxlen: 29
2a11:84c0::/29 maxlen: 29
2a11:9f40::/29 maxlen: 29
2a11:a180::/29 maxlen: 29
2a12:2040::/29 maxlen: 29
2a12:2fc0::/29 maxlen: 29
2a12:38c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Aug 2024 13:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:84:d7:44:69:d5:b4:1e:d2:5b:83:15:30:2e:38:8b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Jul 5 21:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ce3f51181d39007ba1c37583f593e3800905eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bd:82:c5:88:09:48:17:d3:5d:83:2f:37:c7:
f5:b7:b7:08:c3:d2:4e:af:cf:35:07:77:f9:a7:61:
f2:29:b3:5a:13:74:0d:d2:55:2e:71:88:59:d3:e3:
94:6a:e1:b2:ca:b7:8b:36:00:71:9c:1a:83:95:b3:
67:69:e2:e3:d6:d4:43:74:e0:5c:28:e8:6b:d9:fe:
b7:59:17:cb:56:90:85:74:9e:dc:fd:30:7c:93:26:
13:4c:6e:6f:bf:75:b8:e8:ef:70:be:07:a7:52:fb:
26:e5:97:48:cb:4c:c9:af:e5:8b:ef:22:b9:94:78:
f0:f4:97:dd:e8:c7:e3:38:5c:95:58:21:0e:1b:f1:
9c:47:24:6b:18:67:6e:92:48:ec:88:6f:fa:f5:fc:
d3:87:50:41:23:72:73:36:6e:22:19:2a:7c:d0:ec:
2a:a2:61:ce:c4:ec:a7:86:5a:f4:bd:40:45:57:e0:
1b:26:c3:70:5b:39:c1:1d:0a:58:f3:79:19:8e:f8:
f4:f1:be:66:c1:29:26:fd:5c:4c:7e:38:e2:ed:1e:
52:b0:8b:f1:24:4e:76:bf:26:f9:17:5e:8b:fd:ed:
f7:bc:9e:c9:f8:1a:c7:a2:31:48:54:7c:cf:97:06:
43:6e:fd:a2:e3:49:2b:23:bb:71:7d:aa:ac:15:da:
81:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E3:F5:11:81:D3:90:07:BA:1C:37:58:3F:59:3E:38:00:90:5E:DA
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/TOP1EYHTkAe6HDdYP1k-OACQXto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4040::/29
2a11:6540::/29
2a11:6580::/29
2a11:6d00::/29
2a11:84c0::/29
2a11:9f40::/29
2a11:a180::/29
2a12:2040::/29
2a12:2fc0::/29
2a12:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:42:fc:d0:06:20:85:ab:2e:b6:e4:89:0c:f4:7a:d1:e5:8b:
8e:29:ef:ed:51:a7:2b:99:d8:b7:a7:8b:ee:56:03:82:f4:05:
9b:3c:c8:06:20:23:6d:31:d9:c3:f0:8e:46:22:00:2f:52:38:
72:d0:be:6f:34:b7:f0:18:a0:32:f8:65:ce:89:36:0d:32:de:
f5:b9:a6:f4:4f:d9:9c:af:0e:08:75:d8:05:fd:57:88:00:d8:
5f:97:c4:d7:52:df:7d:b4:4c:bb:0d:df:58:38:20:f2:f9:6e:
c8:c2:20:c7:a6:8f:64:36:5c:b5:11:8a:75:a4:d1:95:c2:2b:
af:15:fa:c4:5e:7a:65:4e:a5:63:cf:09:14:3f:6f:6d:c8:24:
60:ae:27:21:ee:17:66:40:ac:fd:55:b0:82:01:a3:67:4f:81:
60:3b:85:d8:5b:c9:54:b7:a9:ba:32:d2:8d:d0:f3:fd:b8:52:
7a:66:68:19:4b:1c:ec:20:c9:5a:a7:32:81:3c:e2:94:f7:ab:
a1:42:d8:67:10:5e:b9:18:49:c9:12:32:49:bd:e3:69:03:74:
70:d1:21:83:fb:c9:7d:92:5a:22:95:50:d9:6d:de:be:72:a0:
29:57:ec:85:cc:25:23:ca:97:86:73:49:e9:c9:57:50:21:30:
ba:ca:80:40
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZCE10Rp1bQe0luDFTAuOItLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwNzA1MjE0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2UzZjUxMTgxZDM5MDA3YmExYzM3NTgzZjU5M2UzODAwOTA1ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm72CxYgJSBfTXYMvN8f1t7cIw9JO
r881B3f5p2HyKbNaE3QN0lUucYhZ0+OUauGyyreLNgBxnBqDlbNnaeLj1tRDdOBc
KOhr2f63WRfLVpCFdJ7c/TB8kyYTTG5vv3W46O9wvgenUvsm5ZdIy0zJr+WL7yK5
lHjw9Jfd6MfjOFyVWCEOG/GcRyRrGGdukkjsiG/69fzTh1BBI3JzNm4iGSp80Owq
omHOxOynhlr0vUBFV+AbJsNwWznBHQpY83kZjvj08b5mwSkm/VxMfjji7R5SsIvx
JE52vyb5F16L/e33vJ7J+BrHojFIVHzPlwZDbv2i40krI7txfaqsFdqBjwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEzj9RGB05AHuhw3WD9ZPjgAkF7aMB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvVE9QMUVZSFRrQWU2SERkWVAxay1PQUNRWHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKhFAQAMF
AyoRZUADBQMqEWWAAwUDKhFtAAMFAyoRhMADBQMqEZ9AAwUDKhGhgAMFAyoSIEAD
BQMqEi/AAwUDKhI4wDANBgkqhkiG9w0BAQsFAAOCAQEAG0L80AYghasutuSJDPR6
0eWLjinv7VGnK5nYt6eL7lYDgvQFmzzIBiAjbTHZw/CORiIAL1I4ctC+bzS38Big
Mvhlzok2DTLe9bmm9E/ZnK8OCHXYBf1XiADYX5fE11LffbRMuw3fWDgg8vluyMIg
x6aPZDZctRGKdaTRlcIrrxX6xF56ZU6lY88JFD9vbcgkYK4nIe4XZkCs/VWwggGj
Z0+BYDuF2FvJVLepujLSjdDz/bhSemZoGUsc7CDJWqcygTzilPeroULYZxBeuRhJ
yRIySb3jaQN0cNEhg/vJfZJaIpVQ2W3evnKgKVfshcwlI8qXhnNJ6clXUCEwusqA
QA==
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:53:12 2024 by rpki-client on console-ams.rpki-client.org