Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/pkaKQssh__XSeGbuldQDgbk0ZuE.roa
File: pkaKQssh__XSeGbuldQDgbk0ZuE.roa (raw, json)
Hash identifier: MDZWoPZ5G9WCrjc9fm40CqWJbKtBAPwoENQrVMJsXyc=
Subject key identifier: A6:46:8A:42:CB:21:FF:F5:D2:78:66:EE:95:D4:03:81:B9:34:66:E1
Certificate issuer: /CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Certificate serial: 0191EB0833D96CFAE6513BFA692A1DE33CFA
Authority key identifier: 76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/pkaKQssh__XSeGbuldQDgbk0ZuE.roa
Signing time: Fri 13 Sep 2024 10:57:48 +0000
ROA not before: Fri 13 Sep 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:7681::/32 maxlen: 32
2a11:7684::/32 maxlen: 32
2a11:8301::/32 maxlen: 32
2a11:8304::/32 maxlen: 32
2a11:cd07::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 13 Sep 2024 13:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:08:33:d9:6c:fa:e6:51:3b:fa:69:2a:1d:e3:3c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=763d457e5d3cc0acd8a74f8b10e2686bfbc496cb
Validity
Not Before: Sep 13 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6468a42cb21fff5d27866ee95d40381b93466e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c5:9f:29:91:76:d7:49:df:c2:e1:a7:41:00:
da:39:03:df:24:e3:54:ce:06:9e:46:b8:07:cc:78:
28:b6:78:fe:84:31:5f:57:69:c2:77:44:ca:83:fb:
92:46:7c:0d:6c:12:ee:09:08:4c:a5:dd:a4:c6:02:
d1:37:3c:5e:97:56:45:86:0d:b0:bd:11:91:44:14:
0b:58:d7:ee:21:b1:d4:21:c7:f8:c1:1e:ac:10:2e:
d5:2a:88:2b:9d:60:67:e5:bb:a4:ad:fc:b9:ba:50:
0b:c9:92:68:0c:8a:89:14:e5:b0:df:2e:a1:a1:19:
43:4c:f0:3b:9d:14:21:a6:88:f8:92:77:99:a5:72:
76:c4:db:cb:c5:7a:6b:55:88:c8:f1:42:c6:ab:2c:
1e:2c:69:e0:9e:40:a3:ce:2f:ef:fe:b8:1b:30:ff:
c9:27:69:92:e1:fe:98:18:33:d0:a4:e5:b4:52:69:
ad:bc:c7:84:95:64:c3:eb:09:a3:92:77:d4:44:94:
08:c9:26:48:9f:8f:10:7a:59:f3:78:58:3f:37:f5:
ac:a6:9c:8a:86:60:20:4b:4e:48:13:18:e8:35:55:
b2:56:a4:71:5c:a2:fb:4b:6e:28:c6:a6:19:5a:ef:
de:01:07:bd:b3:0b:7e:e3:dd:97:98:06:1a:15:a2:
3f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:46:8A:42:CB:21:FF:F5:D2:78:66:EE:95:D4:03:81:B9:34:66:E1
X509v3 Authority Key Identifier:
keyid:76:3D:45:7E:5D:3C:C0:AC:D8:A7:4F:8B:10:E2:68:6B:FB:C4:96:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dj1Ffl08wKzYp0-LEOJoa_vElss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/pkaKQssh__XSeGbuldQDgbk0ZuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ccc94b-c287-4e5f-8604-7e594f2494cc/1/dj1Ffl08wKzYp0-LEOJoa_vElss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7681::/32
2a11:7684::/32
2a11:8301::/32
2a11:8304::/32
2a11:cd07::/32
Signature Algorithm: sha256WithRSAEncryption
20:b4:03:70:f0:2b:a5:51:f8:82:f7:bf:e4:19:53:55:eb:b9:
95:96:6c:1a:d0:74:0f:96:90:19:a1:29:d1:88:f3:22:20:19:
ed:9b:d1:be:10:df:e8:eb:36:55:f8:64:36:3d:43:17:1e:77:
c6:28:11:f9:77:47:9b:ce:ef:67:26:ef:51:07:56:11:25:46:
1c:c0:31:a2:d2:4a:92:e8:4b:cf:1d:af:1d:5f:9f:f0:af:77:
51:15:60:01:65:db:5d:e7:a5:53:e4:fd:0c:64:2c:4d:07:18:
a6:50:39:05:24:27:ff:40:a1:ff:89:6f:b7:0c:e9:f3:13:82:
a8:fa:1a:30:9d:b6:c1:a4:80:60:fe:64:2f:d9:73:51:c3:f9:
33:e8:08:3e:0b:96:97:14:b6:36:57:6c:e7:17:77:32:92:14:
4a:6f:67:ec:a8:06:0a:fd:39:19:9a:bc:df:93:98:50:10:07:
53:29:43:58:8e:16:e4:24:ba:07:96:99:64:fd:0a:4e:76:46:
b3:b6:8e:2a:17:eb:e9:06:83:23:07:8a:cc:82:9f:77:c3:d0:
e9:ae:1e:5d:95:0b:7b:25:9c:2b:dc:95:fd:f3:3b:93:d6:94:
de:e2:42:c8:3b:35:ca:68:23:0f:db:bb:76:7f:93:89:20:a7:
13:f4:96:c8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZHrCDPZbPrmUTv6aSod4zz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2M2Q0NTdlNWQzY2MwYWNkOGE3NGY4YjEwZTI2ODZiZmJj
NDk2Y2IwHhcNMjQwOTEzMTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ2OGE0MmNiMjFmZmY1ZDI3ODY2ZWU5NWQ0MDM4MWI5MzQ2NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksWfKZF210nfwuGnQQDaOQPfJONU
zgaeRrgHzHgotnj+hDFfV2nCd0TKg/uSRnwNbBLuCQhMpd2kxgLRNzxel1ZFhg2w
vRGRRBQLWNfuIbHUIcf4wR6sEC7VKogrnWBn5bukrfy5ulALyZJoDIqJFOWw3y6h
oRlDTPA7nRQhpoj4kneZpXJ2xNvLxXprVYjI8ULGqyweLGngnkCjzi/v/rgbMP/J
J2mS4f6YGDPQpOW0UmmtvMeElWTD6wmjknfURJQIySZIn48QelnzeFg/N/WsppyK
hmAgS05IExjoNVWyVqRxXKL7S24oxqYZWu/eAQe9swt+492XmAYaFaI/4wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKZGikLLIf/10nhm7pXUA4G5NGbhMB8GA1UdIwQY
MBaAFHY9RX5dPMCs2KdPixDiaGv7xJbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQt
N2U1OTRmMjQ5NGNjLzEvcGthS1Fzc2hfX1hTZUdidWxkUURnYmswWnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jY2M5NGItYzI4Ny00ZTVmLTg2MDQtN2U1OTRmMjQ5NGNj
LzEvZGoxRmZsMDh3S3pZcDAtTEVPSm9hX3ZFbHNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhF2gQMF
ACoRdoQDBQAqEYMBAwUAKhGDBAMFACoRzQcwDQYJKoZIhvcNAQELBQADggEBACC0
A3DwK6VR+IL3v+QZU1XruZWWbBrQdA+WkBmhKdGI8yIgGe2b0b4Q3+jrNlX4ZDY9
Qxced8YoEfl3R5vO72cm71EHVhElRhzAMaLSSpLoS88drx1fn/Cvd1EVYAFl213n
pVPk/QxkLE0HGKZQOQUkJ/9Aof+Jb7cM6fMTgqj6GjCdtsGkgGD+ZC/Zc1HD+TPo
CD4LlpcUtjZXbOcXdzKSFEpvZ+yoBgr9ORmavN+TmFAQB1MpQ1iOFuQkugeWmWT9
Ck52RrO2jioX6+kGgyMHisyCn3fD0OmuHl2VC3slnCvclf3zO5PWlN7iQsg7Ncpo
Iw/bu3Z/k4kgpxP0lsg=
-----END CERTIFICATE-----
Generated at Fri Sep 13 16:31:14 2024 by rpki-client on console-fra.rpki-client.org