Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/AFfTWqHXtRX5hyU9c3Co3DjTgCY.roa
File: AFfTWqHXtRX5hyU9c3Co3DjTgCY.roa (raw, json)
Hash identifier: SlowtvNHLjG3Zy18R0SlyvIPfUrVGL4i2mxNqqBxPC0=
Subject key identifier: 00:57:D3:5A:A1:D7:B5:15:F9:87:25:3D:73:70:A8:DC:38:D3:80:26
Certificate issuer: /CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Certificate serial: 01856F4B8667717A428B8D057F6D53A21F9E
Authority key identifier: 3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/AFfTWqHXtRX5hyU9c3Co3DjTgCY.roa
Signing time: Sun 01 Jan 2023 21:44:58 +0000
ROA not before: Sun 01 Jan 2023 21:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 2a11:1680:6::/48 maxlen: 48
2a11:1680:1e::/48 maxlen: 48
2a11:1680:9::/48 maxlen: 48
2a11:1680:7::/48 maxlen: 48
2a11:1680:10::/48 maxlen: 48
2a11:1680:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Mar 2023 09:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:86:67:71:7a:42:8b:8d:05:7f:6d:53:a2:1f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d92bc045ab9cc9f017e8bf7ffe423da804a614f
Validity
Not Before: Jan 1 21:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0057d35aa1d7b515f987253d7370a8dc38d38026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:63:72:90:8d:2e:63:84:c5:c4:22:f1:5e:f7:
a2:45:13:4c:ff:87:7b:fc:fb:69:93:32:4a:31:7e:
5f:33:a9:1b:c7:50:d8:7a:f0:81:68:c8:5a:b2:a1:
52:51:7e:4d:93:ce:48:8c:ae:2a:45:2d:c7:64:27:
d4:7a:e6:0a:aa:fe:45:58:07:c6:37:7a:40:5f:dd:
41:f4:8d:1d:f7:cf:40:78:68:9d:39:dd:3e:26:3b:
09:eb:49:45:01:28:30:78:45:99:40:87:ec:d1:9e:
72:e5:1b:0f:05:a5:1c:03:83:d0:92:6a:59:d9:e4:
57:fe:47:71:11:c0:2f:bf:08:36:34:99:71:54:45:
b5:56:26:0f:29:36:ec:d3:3b:04:50:20:87:9a:a1:
6a:16:b5:aa:fb:ed:b2:da:8d:93:83:34:da:e2:fa:
fe:a9:94:4b:17:4b:eb:2e:37:81:37:d3:82:5a:cf:
9a:03:5b:e3:66:bd:ea:41:a5:06:c5:a8:dd:97:a1:
77:88:aa:6d:11:9f:ac:25:37:34:94:8a:c9:05:dd:
a3:0e:10:c1:f7:5c:57:f4:09:cd:ac:23:68:01:3d:
ad:14:c1:a2:5c:59:84:36:40:43:85:07:b0:99:ab:
07:7a:68:0a:3f:f5:1d:34:7c:08:1d:ed:47:69:b4:
9b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:57:D3:5A:A1:D7:B5:15:F9:87:25:3D:73:70:A8:DC:38:D3:80:26
X509v3 Authority Key Identifier:
keyid:3D:92:BC:04:5A:B9:CC:9F:01:7E:8B:F7:FF:E4:23:DA:80:4A:61:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/AFfTWqHXtRX5hyU9c3Co3DjTgCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3626dc-221f-4b9a-bb68-3e3812ffa147/1/PZK8BFq5zJ8Bfov3_-Qj2oBKYU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1680:6::-2a11:1680:9:ffff:ffff:ffff:ffff:ffff
2a11:1680:10::/48
2a11:1680:1e::/48
Signature Algorithm: sha256WithRSAEncryption
0b:2d:a2:03:fb:ad:1c:72:a1:c1:41:0b:33:ca:12:52:33:6b:
bd:db:f4:66:ad:35:41:5f:50:41:63:67:52:42:8d:bf:d4:a2:
2d:7c:6d:80:7a:67:8c:0b:36:67:a9:b7:6d:dd:f1:31:2a:0b:
66:43:58:7e:4a:c9:84:5f:cc:37:db:29:3a:1f:1c:23:6b:75:
b2:80:96:08:9a:3f:8b:f5:81:71:7c:be:b7:d9:d6:3a:dd:cd:
0b:63:67:a2:65:d8:66:15:d3:97:00:94:3d:17:13:35:4a:e4:
ae:4b:07:63:0f:58:54:45:ba:94:29:80:63:58:7f:36:48:99:
08:03:e9:78:3c:c3:00:61:c4:d6:74:a2:4d:48:6b:7f:48:36:
91:3f:7b:bd:4a:26:ba:7c:62:32:25:3b:d8:4d:d2:8e:12:9f:
44:a3:86:39:89:d9:fb:77:f4:e4:d7:3a:6e:db:0d:bb:d7:ff:
29:03:76:0a:03:50:13:d6:ff:d4:0b:53:dd:90:2e:b3:b7:38:
13:77:12:5c:96:05:7a:76:61:32:56:b2:ff:fe:62:19:10:e2:
b5:64:53:97:3c:ff:92:88:a8:63:8f:5b:18:40:49:5a:fe:8d:
09:72:53:8d:6b:4e:f0:54:d8:4c:bd:ee:96:43:ae:dc:5c:78:
dd:f0:e1:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvS4ZncXpCi40Ff21Toh+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTJiYzA0NWFiOWNjOWYwMTdlOGJmN2ZmZTQyM2RhODA0
YTYxNGYwHhcNMjMwMTAxMjE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU3ZDM1YWExZDdiNTE1Zjk4NzI1M2Q3MzcwYThkYzM4ZDM4MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmNykI0uY4TFxCLxXveiRRNM/4d7
/PtpkzJKMX5fM6kbx1DYevCBaMhasqFSUX5Nk85IjK4qRS3HZCfUeuYKqv5FWAfG
N3pAX91B9I0d989AeGidOd0+JjsJ60lFASgweEWZQIfs0Z5y5RsPBaUcA4PQkmpZ
2eRX/kdxEcAvvwg2NJlxVEW1ViYPKTbs0zsEUCCHmqFqFrWq++2y2o2TgzTa4vr+
qZRLF0vrLjeBN9OCWs+aA1vjZr3qQaUGxajdl6F3iKptEZ+sJTc0lIrJBd2jDhDB
91xX9AnNrCNoAT2tFMGiXFmENkBDhQewmasHemgKP/UdNHwIHe1HabSbGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFABX01qh17UV+YclPXNwqNw404AmMB8GA1UdIwQY
MBaAFD2SvARaucyfAX6L9//kI9qASmFPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgt
M2UzODEyZmZhMTQ3LzEvQUZmVFdxSFh0Ulg1aHlVOWMzQ28zRGpUZ0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zNjI2ZGMtMjIxZi00YjlhLWJiNjgtM2UzODEyZmZhMTQ3
LzEvUFpLOEJGcTV6SjhCZm92M18tUWoyb0JLWVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwEqERaA
AAYDBwEqERaAAAgDBwAqERaAABADBwAqERaAAB4wDQYJKoZIhvcNAQELBQADggEB
AAstogP7rRxyocFBCzPKElIza73b9GatNUFfUEFjZ1JCjb/Uoi18bYB6Z4wLNmep
t23d8TEqC2ZDWH5KyYRfzDfbKTofHCNrdbKAlgiaP4v1gXF8vrfZ1jrdzQtjZ6Jl
2GYV05cAlD0XEzVK5K5LB2MPWFRFupQpgGNYfzZImQgD6Xg8wwBhxNZ0ok1Ia39I
NpE/e71KJrp8YjIlO9hN0o4Sn0SjhjmJ2ft39OTXOm7bDbvX/ykDdgoDUBPW/9QL
U92QLrO3OBN3ElyWBXp2YTJWsv/+YhkQ4rVkU5c8/5KIqGOPWxhASVr+jQlyU41r
TvBU2Ey97pZDrtxceN3w4WQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:07 2024 by rpki-client on console-fra.rpki-client.org