Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/E0_5AT-jN71AUO2RENJsjZ6OQqo.roa
File: E0_5AT-jN71AUO2RENJsjZ6OQqo.roa (raw, json)
Hash identifier: tR0o0+THKQ6+R2TVIAG3koZJIQpwA6LjZHpKRC3xXgk=
Subject key identifier: 13:4F:F9:01:3F:A3:37:BD:40:50:ED:91:10:D2:6C:8D:9E:8E:42:AA
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019087FA2ED755C6A2CCFE3FBCF6BF112F6C
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/E0_5AT-jN71AUO2RENJsjZ6OQqo.roa
Signing time: Sat 06 Jul 2024 12:17:18 +0000
ROA not before: Sat 06 Jul 2024 12:17:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211027
IP address blocks: 2a09:3d00::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a0f:c582::/32 maxlen: 32
2a10:c340:7000::/36 maxlen: 36
2a11:200:2000::/36 maxlen: 36
2a11:780::/29 maxlen: 36
2a11:b80::/29 maxlen: 36
2a11:af00::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 11 Jul 2024 08:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:fa:2e:d7:55:c6:a2:cc:fe:3f:bc:f6:bf:11:2f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jul 6 12:17:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=134ff9013fa337bd4050ed9110d26c8d9e8e42aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d0:c3:3d:5c:19:66:d4:00:f5:18:d2:e3:be:
ae:a2:b6:38:58:ce:53:82:df:1f:65:38:8e:cf:51:
44:48:eb:49:25:8c:64:e1:bc:bc:7b:9e:ce:a2:e2:
39:b3:2f:d9:46:2f:20:ff:ca:08:88:a4:cc:85:46:
b8:74:00:b3:74:9f:57:f9:1f:98:80:eb:e6:73:88:
4f:71:a9:f0:d9:1a:ce:67:ad:52:53:97:3a:7c:fb:
d8:95:28:31:c1:53:b5:9c:1c:b7:dd:06:2b:71:7f:
29:80:7e:7c:57:0b:ca:7b:96:0a:c2:6a:c5:e0:4e:
b0:02:94:36:5e:bc:01:00:c8:c9:24:11:84:5f:93:
01:5f:98:9a:7a:85:8b:ac:46:db:b9:be:68:8f:d0:
ca:46:06:27:ef:1e:f4:f5:38:ab:7c:15:05:c2:63:
32:87:bc:01:3c:a0:74:58:a4:7a:72:7c:b1:06:85:
7a:8c:56:9d:f2:7c:83:6d:b5:c0:7a:09:62:cb:00:
e6:54:1a:a5:82:e2:de:fb:09:79:b8:5e:46:16:5f:
81:3a:e5:e8:b8:1a:f7:61:93:b4:52:a1:28:a9:33:
95:4e:aa:a9:2f:39:24:b8:db:0d:f3:c6:5e:34:87:
b0:4b:27:60:56:05:ff:7e:e8:73:a6:15:ca:ea:0f:
be:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:4F:F9:01:3F:A3:37:BD:40:50:ED:91:10:D2:6C:8D:9E:8E:42:AA
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/E0_5AT-jN71AUO2RENJsjZ6OQqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3d00::/29
2a09:b680::/29
2a0f:c582::/32
2a10:c340:7000::/36
2a11:200:2000::/36
2a11:780::/29
2a11:b80::/29
2a11:af00::/29
Signature Algorithm: sha256WithRSAEncryption
42:17:47:9f:f7:fa:1e:67:71:2a:5c:88:11:c0:5b:d4:2e:fd:
76:c2:b2:50:b3:47:55:98:d1:c8:67:1c:e3:f6:d0:db:76:fe:
23:b6:d2:fb:51:fb:d6:d1:b8:c0:cc:1a:38:ba:09:64:df:a3:
d5:e8:a9:84:43:c0:7c:f9:d0:e1:ec:9d:4f:c6:f0:9e:87:3e:
88:d5:96:90:e7:f4:72:2e:3e:9c:cd:2d:a2:e4:47:6e:07:42:
2f:04:0c:d6:43:8f:31:ba:2c:80:57:dc:75:5b:e7:0f:4d:70:
96:7a:b6:8e:de:c7:c1:a1:a3:d8:ce:27:02:c0:7c:bd:fb:ab:
02:17:92:8c:05:11:b2:89:3b:71:94:48:5d:1e:83:ff:47:33:
0d:21:9d:9e:5a:ad:a0:ae:23:7c:b5:e2:59:b1:54:31:51:53:
b5:bb:14:76:2c:ad:c6:42:e5:e7:a3:b5:ab:fc:d4:6e:6a:8f:
9d:fe:2e:1d:6b:24:9d:61:9f:63:42:2e:76:60:14:8e:be:1c:
81:4c:4d:ef:a1:c9:f6:94:95:9e:44:d2:fa:94:92:0c:8b:fa:
7c:0e:e5:35:15:5d:36:d5:aa:8b:14:86:72:7d:74:94:de:52:
76:83:2c:92:38:16:8f:42:2b:16:a6:33:bd:81:3d:87:88:30:
8b:4c:90:cd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZCH+i7XVcaizP4/vPa/ES9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNzA2MTIxNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzRmZjkwMTNmYTMzN2JkNDA1MGVkOTExMGQyNmM4ZDllOGU0MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29DDPVwZZtQA9RjS476uorY4WM5T
gt8fZTiOz1FESOtJJYxk4by8e57OouI5sy/ZRi8g/8oIiKTMhUa4dACzdJ9X+R+Y
gOvmc4hPcanw2RrOZ61SU5c6fPvYlSgxwVO1nBy33QYrcX8pgH58VwvKe5YKwmrF
4E6wApQ2XrwBAMjJJBGEX5MBX5iaeoWLrEbbub5oj9DKRgYn7x709TirfBUFwmMy
h7wBPKB0WKR6cnyxBoV6jFad8nyDbbXAegliywDmVBqlguLe+wl5uF5GFl+BOuXo
uBr3YZO0UqEoqTOVTqqpLzkkuNsN88ZeNIewSydgVgX/fuhzphXK6g++FQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBNP+QE/oze9QFDtkRDSbI2ejkKqMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRTBfNUFULWpONzFBVU8yUkVOSnNqWjZPUXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6AwUDKgk9AAMF
AyoJtoADBQAqD8WCAwYEKhDDQHADBgQqEQIAIAMFAyoRB4ADBQMqEQuAAwUDKhGv
ADANBgkqhkiG9w0BAQsFAAOCAQEAQhdHn/f6HmdxKlyIEcBb1C79dsKyULNHVZjR
yGcc4/bQ23b+I7bS+1H71tG4wMwaOLoJZN+j1eiphEPAfPnQ4eydT8bwnoc+iNWW
kOf0ci4+nM0touRHbgdCLwQM1kOPMbosgFfcdVvnD01wlnq2jt7HwaGj2M4nAsB8
vfurAheSjAURsok7cZRIXR6D/0czDSGdnlqtoK4jfLXiWbFUMVFTtbsUdiytxkLl
56O1q/zUbmqPnf4uHWsknWGfY0IudmAUjr4cgUxN76HJ9pSVnkTS+pSSDIv6fA7l
NRVdNtWqixSGcn10lN5SdoMskjgWj0IrFqYzvYE9h4gwi0yQzQ==
-----END CERTIFICATE-----
Generated at Thu Jul 11 10:21:57 2024 by rpki-client on console-ams.rpki-client.org