Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/AclBH9NMUSs52btKJPf6eMiIKwM.roa
File: AclBH9NMUSs52btKJPf6eMiIKwM.roa (raw, json)
Hash identifier: uIVS7NhX87ckfW1T7tn9JlGUPPVUTG/BxctFB91CXbA=
Subject key identifier: 01:C9:41:1F:D3:4C:51:2B:39:D9:BB:4A:24:F7:FA:78:C8:88:2B:03
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0192FDED51F3EE961A4D2949C550D75C9DB5
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/AclBH9NMUSs52btKJPf6eMiIKwM.roa
Signing time: Tue 05 Nov 2024 20:04:01 +0000
ROA not before: Tue 05 Nov 2024 20:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a11:ad80::/29 maxlen: 29
2a13:c0c0::/29 maxlen: 29
2a13:c140::/29 maxlen: 29
2a13:d240::/29 maxlen: 29
2a13:d2c0::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
2a14:5740::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:58c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 22 Nov 2024 19:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:ed:51:f3:ee:96:1a:4d:29:49:c5:50:d7:5c:9d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Nov 5 20:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c9411fd34c512b39d9bb4a24f7fa78c8882b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c9:e0:49:b4:6e:97:bd:69:f4:a1:3f:9b:7a:
f4:f7:94:a7:43:e5:65:e7:bf:33:41:2d:c5:42:7a:
b6:c8:3a:4f:2c:36:87:d3:61:04:f3:cf:d8:e6:60:
1e:d4:8f:30:b6:5e:b8:e8:01:f8:7c:5f:83:4a:00:
37:d9:24:d2:ae:f0:84:5a:6a:49:ab:ea:e0:bf:8e:
7d:39:dc:eb:2b:c7:f1:14:44:a3:7e:75:60:f6:5d:
f1:e9:b2:e4:cd:a4:9b:3c:bc:91:3e:74:53:28:a3:
59:18:85:c3:95:f0:56:3c:2d:19:9c:ba:19:68:cd:
2e:5a:23:87:77:c2:5c:6e:5e:29:df:75:8f:59:1f:
66:58:d8:00:f4:db:48:0a:0f:54:2e:93:11:08:6f:
87:40:df:f5:50:e1:e7:75:2e:ec:7d:8e:66:32:14:
50:ef:4d:a9:fb:72:cb:c3:84:2d:1f:c5:10:2a:00:
af:fc:70:d5:05:15:30:c3:9a:0c:59:b4:4e:61:77:
28:94:8d:f4:32:61:db:cb:4e:b2:e0:40:90:76:d9:
55:3e:37:34:8b:f6:7c:1f:df:d1:65:3b:63:9e:1e:
aa:f0:d0:0c:24:5d:19:b3:63:67:c8:90:34:a1:0d:
0b:e2:c7:ec:7a:5f:aa:4a:ac:73:f0:46:b6:04:ac:
8d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C9:41:1F:D3:4C:51:2B:39:D9:BB:4A:24:F7:FA:78:C8:88:2B:03
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/AclBH9NMUSs52btKJPf6eMiIKwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:ad80::/29
2a13:c0c0::/29
2a13:c140::/29
2a13:d240::/29
2a13:d2c0::/29
2a13:de40::/29
2a14:5740::/29
2a14:5840::/29
2a14:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:a4:ee:e2:53:4e:74:25:19:e1:97:ca:31:20:41:13:9a:0f:
43:36:df:d1:21:c4:84:8f:c8:31:09:c7:d3:ed:ef:66:ca:fd:
f2:d7:0a:37:6a:92:17:4a:fa:8e:e2:29:69:69:f1:39:9e:7e:
f3:1e:10:24:7d:9a:7b:9f:88:b7:32:81:7c:ca:50:d2:42:88:
e9:b2:ed:51:37:65:83:43:10:bc:ab:35:4a:4b:98:1a:a8:90:
ae:0e:96:d1:bc:3c:88:9f:cc:74:04:65:20:1d:92:4d:10:93:
b3:ba:b2:50:0b:6c:c9:f2:be:88:ca:b2:2d:e2:53:e5:a7:ec:
b8:fa:99:d2:3d:8b:82:f8:f8:e6:15:be:33:88:cc:4f:c8:d5:
76:c0:51:53:f6:dc:aa:4e:77:83:91:40:b7:53:93:7b:2b:d9:
98:e0:08:c5:7c:71:98:2f:15:6f:4e:96:ca:8e:53:2e:90:38:
e5:95:06:c8:cb:d5:f2:86:9a:eb:fe:5e:2a:a8:6d:9d:8c:25:
d8:67:03:eb:87:5e:ef:fa:07:d9:9e:0f:11:ac:b3:dc:c2:58:
e1:5e:05:ed:8c:fc:ad:b7:5c:11:e1:c3:aa:53:94:62:12:8f:
2e:7e:3c:72:f9:78:30:bf:8c:5b:3e:7c:40:76:bf:b5:07:c6:
bd:9b:77:d4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZL97VHz7pYaTSlJxVDXXJ21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMTA1MjAwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWM5NDExZmQzNGM1MTJiMzlkOWJiNGEyNGY3ZmE3OGM4ODgyYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ngSbRul71p9KE/m3r095SnQ+Vl
578zQS3FQnq2yDpPLDaH02EE88/Y5mAe1I8wtl646AH4fF+DSgA32STSrvCEWmpJ
q+rgv459OdzrK8fxFESjfnVg9l3x6bLkzaSbPLyRPnRTKKNZGIXDlfBWPC0ZnLoZ
aM0uWiOHd8Jcbl4p33WPWR9mWNgA9NtICg9ULpMRCG+HQN/1UOHndS7sfY5mMhRQ
702p+3LLw4QtH8UQKgCv/HDVBRUww5oMWbROYXcolI30MmHby06y4ECQdtlVPjc0
i/Z8H9/RZTtjnh6q8NAMJF0Zs2NnyJA0oQ0L4sfsel+qSqxz8Ea2BKyN1wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAHJQR/TTFErOdm7SiT3+njIiCsDMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvQWNsQkg5Tk1VU3M1MmJ0S0pQZjZlTWlJS3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhGtgAMF
AyoTwMADBQMqE8FAAwUDKhPSQAMFAyoT0sADBQMqE95AAwUDKhRXQAMFAyoUWEAD
BQMqFFjAMA0GCSqGSIb3DQEBCwUAA4IBAQCgpO7iU050JRnhl8oxIEETmg9DNt/R
IcSEj8gxCcfT7e9myv3y1wo3apIXSvqO4ilpafE5nn7zHhAkfZp7n4i3MoF8ylDS
Qojpsu1RN2WDQxC8qzVKS5gaqJCuDpbRvDyIn8x0BGUgHZJNEJOzurJQC2zJ8r6I
yrIt4lPlp+y4+pnSPYuC+PjmFb4ziMxPyNV2wFFT9tyqTneDkUC3U5N7K9mY4AjF
fHGYLxVvTpbKjlMukDjllQbIy9Xyhprr/l4qqG2djCXYZwPrh17v+gfZng8RrLPc
wljhXgXtjPytt1wR4cOqU5RiEo8ufjxy+Xgwv4xbPnxAdr+1B8a9m3fU
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:18 2025 by rpki-client