Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/2NNiHpgsSLFx5iYfBo90Z5UMwHA.roa
File: 2NNiHpgsSLFx5iYfBo90Z5UMwHA.roa (raw, json)
Hash identifier: rUqMjc00oidPtsbyXfWvzoLxJ+FpP9a3AUx+T8M7u3s=
Subject key identifier: D8:D3:62:1E:98:2C:48:B1:71:E6:26:1F:06:8F:74:67:95:0C:C0:70
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018DE5892B9A73390FCA271E72B2FB44211D
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/2NNiHpgsSLFx5iYfBo90Z5UMwHA.roa
Signing time: Mon 26 Feb 2024 13:09:48 +0000
ROA not before: Mon 26 Feb 2024 13:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1136
IP address blocks: 2a04:9a00:1200::/48 maxlen: 48
2a07:3500:1020::/48 maxlen: 48
2a07:3500:11a0::/48 maxlen: 48
2a07:3500:1ac0::/48 maxlen: 48
2a07:3500:1b30::/48 maxlen: 48
2a07:3500:1b48::/48 maxlen: 48
2a07:3500:1bc0::/48 maxlen: 48
2a07:3500:1c00::/48 maxlen: 48
2a07:3500:1da8::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:89:2b:9a:73:39:0f:ca:27:1e:72:b2:fb:44:21:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 26 13:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8d3621e982c48b171e6261f068f7467950cc070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d6:38:35:4d:98:49:4a:bb:4e:b0:a3:37:6d:
0f:0f:d7:68:70:ee:dd:e0:3e:19:1b:98:1b:3e:2e:
6a:fc:30:da:5f:99:4f:27:1f:ff:a9:ad:8b:e9:97:
0f:98:48:32:4b:90:b4:5e:92:18:50:31:06:23:ac:
6b:9f:42:7b:0e:87:b9:e4:74:95:c4:fb:79:44:53:
af:43:6d:e2:f8:40:96:52:92:07:e4:00:c5:83:a8:
27:be:79:4d:15:2b:f2:0c:04:58:ec:d2:34:96:2e:
c4:32:ba:1c:69:cb:f1:20:9e:f4:12:2c:46:30:7d:
b9:1e:79:85:1d:5c:1a:bd:aa:f7:6f:eb:dc:42:d4:
46:37:4c:2b:9b:04:87:72:63:51:63:fc:a5:ee:6d:
4b:70:da:4d:d8:ca:4a:f4:bc:1d:04:e0:3a:42:87:
bc:c6:0b:c5:7c:af:65:35:54:27:29:6e:ab:f1:36:
fc:8c:eb:00:ac:33:6e:3f:48:bc:c1:9e:70:1e:35:
c1:fd:65:87:fa:78:16:db:68:2c:93:ba:93:27:4b:
25:13:38:b2:38:fb:e1:eb:17:d3:94:81:28:b6:f9:
93:9f:bb:45:eb:0d:02:b6:b4:b1:0c:cb:bb:ec:e1:
cf:86:c4:bc:a7:62:27:b2:0d:28:1b:67:20:9d:be:
57:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D3:62:1E:98:2C:48:B1:71:E6:26:1F:06:8F:74:67:95:0C:C0:70
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/2NNiHpgsSLFx5iYfBo90Z5UMwHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1200::/48
2a07:3500:1020::/48
2a07:3500:11a0::/48
2a07:3500:1ac0::/48
2a07:3500:1b30::/48
2a07:3500:1b48::/48
2a07:3500:1bc0::/48
2a07:3500:1c00::/48
2a07:3500:1da8::/48
2a07:3502:10e0::/48
Signature Algorithm: sha256WithRSAEncryption
6f:88:2c:52:d7:35:dd:b6:9f:3a:35:1d:f3:94:46:06:71:d8:
6d:a5:d1:b6:3a:91:40:66:9a:d5:25:1f:e9:ad:39:21:09:10:
e2:b6:2f:be:29:70:ad:f5:24:be:63:71:ad:dd:a9:f1:53:24:
4b:da:6d:5e:aa:dd:b8:67:5c:e2:05:7c:b9:44:46:78:68:31:
06:0e:44:f2:3c:2f:54:06:60:73:f8:40:d1:ae:01:10:08:13:
04:34:45:d2:ed:43:db:b8:3d:fe:53:08:64:07:5b:09:fe:9d:
22:1c:1d:d1:37:ba:e2:e6:43:08:6d:53:21:83:30:0e:f0:7b:
77:43:ac:d1:67:e3:83:1d:42:cd:30:82:35:62:a8:0a:35:58:
47:f1:6c:39:e8:b5:87:f6:d0:da:60:8d:eb:b1:ed:3d:52:62:
05:1a:ed:08:8d:90:00:02:f5:18:b6:89:60:db:5d:bb:cf:d2:
35:89:53:b0:02:f7:e3:1f:35:83:c5:60:30:7f:98:5a:da:fe:
4d:1c:c7:56:0d:1b:25:a1:db:2f:4a:d1:59:9e:73:54:ba:71:
d0:e0:fa:00:7d:cf:33:02:d2:73:7a:58:ed:13:f7:68:23:50:
b4:64:30:62:7d:44:88:9a:f9:07:19:7f:f1:7a:6a:fa:fb:91:
84:fc:07:a5
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY3liSuaczkPyicecrL7RCEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMjI2MTMwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQzNjIxZTk4MmM0OGIxNzFlNjI2MWYwNjhmNzQ2Nzk1MGNjMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9Y4NU2YSUq7TrCjN20PD9docO7d
4D4ZG5gbPi5q/DDaX5lPJx//qa2L6ZcPmEgyS5C0XpIYUDEGI6xrn0J7Doe55HSV
xPt5RFOvQ23i+ECWUpIH5ADFg6gnvnlNFSvyDARY7NI0li7EMrocacvxIJ70EixG
MH25HnmFHVwavar3b+vcQtRGN0wrmwSHcmNRY/yl7m1LcNpN2MpK9LwdBOA6Qoe8
xgvFfK9lNVQnKW6r8Tb8jOsArDNuP0i8wZ5wHjXB/WWH+ngW22gsk7qTJ0slEziy
OPvh6xfTlIEotvmTn7tF6w0CtrSxDMu77OHPhsS8p2Insg0oG2cgnb5XXQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNjTYh6YLEixceYmHwaPdGeVDMBwMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvMk5OaUhwZ3NTTEZ4NWlZZkJvOTBaNVVNd0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcAKgSaABIA
AwcAKgc1ABAgAwcAKgc1ABGgAwcAKgc1ABrAAwcAKgc1ABswAwcAKgc1ABtIAwcA
Kgc1ABvAAwcAKgc1ABwAAwcAKgc1AB2oAwcAKgc1AhDgMA0GCSqGSIb3DQEBCwUA
A4IBAQBviCxS1zXdtp86NR3zlEYGcdhtpdG2OpFAZprVJR/prTkhCRDiti++KXCt
9SS+Y3Gt3anxUyRL2m1eqt24Z1ziBXy5REZ4aDEGDkTyPC9UBmBz+EDRrgEQCBME
NEXS7UPbuD3+UwhkB1sJ/p0iHB3RN7ri5kMIbVMhgzAO8Ht3Q6zRZ+ODHULNMII1
YqgKNVhH8Ww56LWH9tDaYI3rse09UmIFGu0IjZAAAvUYtolg2127z9I1iVOwAvfj
HzWDxWAwf5ha2v5NHMdWDRslodsvStFZnnNUunHQ4PoAfc8zAtJzeljtE/doI1C0
ZDBifUSImvkHGX/xemr6+5GE/Ael
-----END CERTIFICATE-----
Generated at Mon Apr 15 13:25:29 2024 by rpki-client on console-fra.rpki-client.org