Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/X7iuRdgZ1Td7kP-P8tLkq0YWdvs.roa
File: X7iuRdgZ1Td7kP-P8tLkq0YWdvs.roa (raw, json)
Hash identifier: QvPgzRJJUrvtTSZ/81z0anXRtWe4HguZqe1c8fRUiNw=
Subject key identifier: 5F:B8:AE:45:D8:19:D5:37:7B:90:FF:8F:F2:D2:E4:AB:46:16:76:FB
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 01915B76DF6D668C75949A30FBFE966EFACC
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/X7iuRdgZ1Td7kP-P8tLkq0YWdvs.roa
Signing time: Fri 16 Aug 2024 13:53:22 +0000
ROA not before: Fri 16 Aug 2024 13:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a11:4040::/29 maxlen: 29
2a11:6540::/29 maxlen: 29
2a11:6580::/29 maxlen: 29
2a11:6d00::/29 maxlen: 29
2a11:84c0::/29 maxlen: 29
2a11:9f40::/29 maxlen: 29
2a11:a180::/29 maxlen: 29
2a12:2040::/29 maxlen: 29
2a12:2fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Aug 2024 21:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:76:df:6d:66:8c:75:94:9a:30:fb:fe:96:6e:fa:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Aug 16 13:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fb8ae45d819d5377b90ff8ff2d2e4ab461676fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:32:bf:67:24:29:bb:98:d3:d0:70:53:d6:40:
02:87:4c:cf:11:93:48:84:9c:ab:e4:e5:31:2a:ca:
a5:ff:9d:43:44:8f:7d:5c:c9:30:3a:07:d8:9a:24:
6a:06:f1:2c:19:85:b4:e7:5e:fb:67:db:a4:73:9a:
af:97:05:19:82:17:c0:8d:c6:41:af:fb:d6:19:2b:
06:b7:c3:57:0b:70:42:f8:a8:32:14:b6:e4:25:e6:
fd:63:71:00:ac:40:89:57:94:5d:ed:0a:42:b0:1e:
18:13:9f:fd:9e:14:22:f8:60:e6:4e:e7:18:21:7e:
7c:66:fb:6a:36:4a:de:26:14:4e:45:9a:58:5e:83:
7d:1a:16:77:73:29:a4:b7:18:b9:d5:d8:ee:91:83:
d4:9c:e7:a6:81:c1:b7:95:6a:13:47:d7:24:6a:bc:
bf:bf:c1:24:ff:d0:11:a5:3c:2a:e4:c3:3a:c6:7e:
93:1b:fe:24:0d:f6:d3:77:8a:d0:5b:b4:e7:79:ae:
c7:84:29:ff:fe:3d:06:6e:95:b2:ff:5d:b0:b4:4d:
91:07:49:6e:b6:87:b5:d2:9c:6a:8c:5b:c1:ef:d4:
50:c6:d0:18:c4:a7:37:6e:e6:13:0a:d7:da:b5:0a:
b5:52:8b:fe:26:95:ea:d3:f9:5e:20:a2:0b:9d:c8:
20:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B8:AE:45:D8:19:D5:37:7B:90:FF:8F:F2:D2:E4:AB:46:16:76:FB
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/X7iuRdgZ1Td7kP-P8tLkq0YWdvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4040::/29
2a11:6540::/29
2a11:6580::/29
2a11:6d00::/29
2a11:84c0::/29
2a11:9f40::/29
2a11:a180::/29
2a12:2040::/29
2a12:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:6f:8b:30:0a:7a:86:ae:8e:73:3c:1b:d1:b5:d0:8c:37:3c:
64:f6:31:6b:c5:2f:14:4f:85:d4:12:dc:6a:2c:99:0b:6b:a4:
d0:48:ce:e4:4b:a3:f4:9e:72:55:e5:dc:c9:8e:e4:84:6f:fb:
13:58:0f:46:45:dc:e5:51:e7:b5:6a:94:9c:0b:98:83:ab:63:
d8:ef:a2:40:d3:1f:6b:db:8e:4b:83:fd:4a:b4:2e:9d:53:9b:
61:a6:99:d8:fa:35:95:e6:3b:6c:d4:07:05:aa:1b:75:11:73:
bf:9e:58:10:0a:a9:ee:eb:e8:52:07:fc:d6:09:0f:0f:4d:35:
20:04:55:5d:fa:79:4c:15:19:e8:1e:8e:26:b5:38:83:5c:70:
4f:0e:a0:ce:b0:8c:69:3f:94:eb:45:28:33:71:88:90:e9:81:
88:a2:a0:8f:a4:1d:7f:e3:7b:98:b2:7c:e0:c9:69:f7:46:9b:
93:32:6c:47:49:cf:06:9f:2c:2a:de:50:3b:f3:70:ff:ed:d3:
a3:b2:bf:1f:f4:ec:8e:64:da:95:76:70:92:6f:c4:3a:13:09:
03:53:fc:3e:8e:26:28:4f:6b:ad:48:cc:0e:6b:12:14:47:18:
94:eb:52:fb:27:c3:1d:3a:7f:0f:6f:e1:4c:79:17:61:87:aa:
cb:0c:44:8b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZFbdt9tZox1lJow+/6WbvrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwODE2MTM1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmI4YWU0NWQ4MTlkNTM3N2I5MGZmOGZmMmQyZTRhYjQ2MTY3NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDK/ZyQpu5jT0HBT1kACh0zPEZNI
hJyr5OUxKsql/51DRI99XMkwOgfYmiRqBvEsGYW05177Z9ukc5qvlwUZghfAjcZB
r/vWGSsGt8NXC3BC+KgyFLbkJeb9Y3EArECJV5Rd7QpCsB4YE5/9nhQi+GDmTucY
IX58ZvtqNkreJhRORZpYXoN9GhZ3cymktxi51djukYPUnOemgcG3lWoTR9ckary/
v8Ek/9ARpTwq5MM6xn6TG/4kDfbTd4rQW7Tnea7HhCn//j0GbpWy/12wtE2RB0lu
toe10pxqjFvB79RQxtAYxKc3buYTCtfatQq1Uov+JpXq0/leIKILncggkQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFF+4rkXYGdU3e5D/j/LS5KtGFnb7MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvWDdpdVJkZ1oxVGQ3a1AtUDh0TGtxMFlXZHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhFAQAMF
AyoRZUADBQMqEWWAAwUDKhFtAAMFAyoRhMADBQMqEZ9AAwUDKhGhgAMFAyoSIEAD
BQMqEi/AMA0GCSqGSIb3DQEBCwUAA4IBAQAab4swCnqGro5zPBvRtdCMNzxk9jFr
xS8UT4XUEtxqLJkLa6TQSM7kS6P0nnJV5dzJjuSEb/sTWA9GRdzlUee1apScC5iD
q2PY76JA0x9r245Lg/1KtC6dU5thppnY+jWV5jts1AcFqht1EXO/nlgQCqnu6+hS
B/zWCQ8PTTUgBFVd+nlMFRnoHo4mtTiDXHBPDqDOsIxpP5TrRSgzcYiQ6YGIoqCP
pB1/43uYsnzgyWn3RpuTMmxHSc8Gnywq3lA783D/7dOjsr8f9OyOZNqVdnCSb8Q6
EwkDU/w+jiYoT2utSMwOaxIURxiU61L7J8MdOn8Pb+FMeRdhh6rLDESL
-----END CERTIFICATE-----
Generated at Mon Aug 19 23:51:28 2024 by rpki-client on console-ams.rpki-client.org