Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/mhWfXESYqoxqwm4RnQEg9yW2dhg.roa
File: mhWfXESYqoxqwm4RnQEg9yW2dhg.roa (raw, json)
Hash identifier: Env7NVrvydSv45+PUbVwlpC1gTEZjXulOcVaDG/YrU0=
Subject key identifier: 9A:15:9F:5C:44:98:AA:8C:6A:C2:6E:11:9D:01:20:F7:25:B6:76:18
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018F9BC365C6FC7A0D2A8B405536678FDAA2
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/mhWfXESYqoxqwm4RnQEg9yW2dhg.roa
Signing time: Tue 21 May 2024 15:27:04 +0000
ROA not before: Tue 21 May 2024 15:27:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:c0c0::/29 maxlen: 29
2a11:d900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 23 May 2024 11:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:c3:65:c6:fc:7a:0d:2a:8b:40:55:36:67:8f:da:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: May 21 15:27:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a159f5c4498aa8c6ac26e119d0120f725b67618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:99:9d:dc:b4:68:7a:31:03:fa:8a:35:9c:ce:
b5:c3:0e:59:38:53:74:01:0f:66:b9:c9:93:f7:bb:
ff:61:05:70:a1:ab:21:aa:17:43:18:2b:63:5a:ee:
91:3e:9f:29:5c:3d:82:97:38:0f:61:cc:8c:b8:6d:
cf:49:67:50:eb:a8:ba:5a:13:df:20:c8:a3:aa:31:
3d:0c:2e:2d:1a:05:f5:ff:87:b4:1e:10:25:c6:be:
bf:24:57:61:b7:1b:21:fa:a1:63:30:f8:ac:1c:12:
87:87:57:bc:48:e1:cb:78:69:02:f9:2d:d0:49:ff:
b5:47:80:d5:ba:5e:ea:72:f7:f9:96:f1:2a:bc:42:
a7:88:de:c9:bd:eb:7c:46:52:8b:e0:ab:18:ff:07:
84:18:82:a6:ea:3a:21:1f:91:fd:81:f9:82:15:42:
b3:41:c3:da:16:8d:0d:06:fb:c1:48:90:06:f3:08:
4e:61:7e:08:01:8c:67:84:df:88:0a:88:6c:9e:bc:
b9:d7:8a:06:a0:db:51:83:e1:86:92:30:42:06:30:
58:78:ab:77:9d:d6:2c:a5:59:55:98:4f:06:b2:91:
7a:2e:d2:fa:a6:93:0c:cd:85:2b:87:c3:14:8b:47:
ef:4f:9f:35:33:ba:e9:e0:5e:56:6e:eb:57:05:30:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:15:9F:5C:44:98:AA:8C:6A:C2:6E:11:9D:01:20:F7:25:B6:76:18
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/mhWfXESYqoxqwm4RnQEg9yW2dhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c0c0::/29
2a11:d900::/29
Signature Algorithm: sha256WithRSAEncryption
24:57:73:c8:15:5e:f8:a4:62:03:01:82:97:4b:62:f6:f1:94:
a7:d7:ca:30:94:2c:fc:44:37:62:58:38:d5:58:90:3c:16:86:
98:72:40:5d:c1:7c:a5:38:21:13:07:e3:2b:a1:eb:18:f7:93:
fd:47:e4:68:38:13:2a:3a:5e:d2:92:aa:ca:fc:a1:98:71:d8:
ac:23:47:18:66:1e:72:56:38:4e:f5:7d:c4:8d:4f:8b:3e:e5:
e9:19:06:e8:37:e7:b5:e5:dc:54:fa:5e:cd:49:5f:7a:b0:c2:
89:3a:43:d4:ee:e9:02:51:59:c1:6e:f1:ec:bb:69:e8:44:ba:
9d:fb:b0:7d:39:8a:ff:bd:ae:f7:2d:20:da:4d:0d:73:b3:ad:
96:54:0a:64:00:bd:62:9a:5b:a4:9c:bf:c2:db:61:b4:65:ce:
c1:a5:0e:0f:26:5a:02:28:56:2a:49:2f:7e:15:f9:15:28:07:
bc:e2:ab:15:5c:d6:8c:de:56:e4:41:c1:90:dc:9b:05:4e:c3:
79:18:cd:08:84:f2:73:b1:40:1e:69:30:c4:12:3f:c8:aa:d4:
5d:e4:a7:ce:f7:68:bc:9e:31:e0:e9:83:a3:d6:77:f6:6e:89:
f3:0b:dc:d5:99:dc:91:fe:7b:26:8b:7c:ec:1d:f8:16:d3:8a:
0f:ed:65:4f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+bw2XG/HoNKotAVTZnj9qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwNTIxMTUyNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE1OWY1YzQ0OThhYThjNmFjMjZlMTE5ZDAxMjBmNzI1YjY3NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35md3LRoejED+oo1nM61ww5ZOFN0
AQ9mucmT97v/YQVwoashqhdDGCtjWu6RPp8pXD2ClzgPYcyMuG3PSWdQ66i6WhPf
IMijqjE9DC4tGgX1/4e0HhAlxr6/JFdhtxsh+qFjMPisHBKHh1e8SOHLeGkC+S3Q
Sf+1R4DVul7qcvf5lvEqvEKniN7Jvet8RlKL4KsY/weEGIKm6johH5H9gfmCFUKz
QcPaFo0NBvvBSJAG8whOYX4IAYxnhN+ICohsnry514oGoNtRg+GGkjBCBjBYeKt3
ndYspVlVmE8GspF6LtL6ppMMzYUrh8MUi0fvT581M7rp4F5WbutXBTBuDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJoVn1xEmKqMasJuEZ0BIPcltnYYMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvbWhXZlhFU1lxb3hxd200Um5RRWc5eVcyZGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhHAwAMF
AyoR2QAwDQYJKoZIhvcNAQELBQADggEBACRXc8gVXvikYgMBgpdLYvbxlKfXyjCU
LPxEN2JYONVYkDwWhphyQF3BfKU4IRMH4yuh6xj3k/1H5Gg4Eyo6XtKSqsr8oZhx
2KwjRxhmHnJWOE71fcSNT4s+5ekZBug357Xl3FT6Xs1JX3qwwok6Q9Tu6QJRWcFu
8ey7aehEup37sH05iv+9rvctINpNDXOzrZZUCmQAvWKaW6Scv8LbYbRlzsGlDg8m
WgIoVipJL34V+RUoB7ziqxVc1ozeVuRBwZDcmwVOw3kYzQiE8nOxQB5pMMQSP8iq
1F3kp873aLyeMeDpg6PWd/ZuifML3NWZ3JH+eyaLfOwd+BbTig/tZU8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:52 2025 by rpki-client