Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/4nUAbvq1fonA_Qj3fHUiB4yBPuw.roa
File: 4nUAbvq1fonA_Qj3fHUiB4yBPuw.roa (raw, json)
Hash identifier: zBJbKiActiYHKab4FkpDx0/pjVcwEUdMR2sw3n4xZqM=
Subject key identifier: E2:75:00:6E:FA:B5:7E:89:C0:FD:08:F7:7C:75:22:07:8C:81:3E:EC
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 018CC5DC5A0896B8A40FF3B0846388748095
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/4nUAbvq1fonA_Qj3fHUiB4yBPuw.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601:f000::/36 maxlen: 36
2a11:601:d000::/36 maxlen: 36
2a11:600:150::/48 maxlen: 48
2a11:600:78::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 17:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5a:08:96:b8:a4:0f:f3:b0:84:63:88:74:80:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e275006efab57e89c0fd08f77c7522078c813eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:22:96:87:8a:70:cc:ab:b9:39:dd:2b:e6:
74:fb:d5:2b:cc:13:7e:b5:87:40:76:2f:a7:36:77:
84:31:58:7d:41:62:47:ad:66:50:eb:6c:49:d8:df:
05:82:ec:8e:21:82:91:db:57:5b:c3:84:eb:37:87:
ce:9d:9b:d2:6d:59:e7:50:af:ac:e0:9a:53:42:9d:
f1:bf:1f:ee:4a:42:35:5c:28:a0:f6:1e:e5:d5:a1:
11:ab:57:d2:5e:f3:4a:1e:0d:5e:14:64:d2:18:68:
45:e7:ff:da:08:aa:bd:43:92:f0:79:27:dc:a8:29:
a1:46:0f:6d:48:66:f6:84:b1:03:20:aa:00:1c:f8:
50:10:10:10:b6:c2:69:63:00:07:b2:b6:bc:2f:38:
25:b4:d5:75:79:a1:52:fb:ee:54:08:6f:5e:be:7a:
64:75:60:ac:57:4f:5d:d4:ec:f5:0d:3e:06:a6:5f:
f4:bd:ba:6b:4a:ea:66:73:1f:66:ce:d4:c1:a8:f2:
46:ad:c1:4e:7d:21:44:25:03:c4:63:02:6b:ff:2c:
cd:10:10:dd:a8:db:c3:06:58:4e:5c:c2:b1:87:eb:
50:bd:f5:a8:9e:30:78:e3:67:f9:35:a1:28:6c:ad:
52:be:21:7b:56:5d:84:61:49:e1:6e:8a:38:15:3b:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:75:00:6E:FA:B5:7E:89:C0:FD:08:F7:7C:75:22:07:8C:81:3E:EC
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/4nUAbvq1fonA_Qj3fHUiB4yBPuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:78::/48
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
0b:60:94:79:65:d6:d9:41:da:3d:24:e8:a4:c9:e2:21:1f:7f:
17:6d:98:ee:eb:a2:09:41:f0:bf:5b:e9:f5:2a:eb:5d:6b:c2:
ec:2a:26:8e:5d:6f:bc:be:75:02:c2:4f:fd:e5:03:ec:fc:a0:
3e:e2:ce:6c:e5:5c:f1:37:7f:1a:ad:4f:2e:c1:25:88:3e:61:
15:d4:2d:5e:20:5b:8b:73:d3:67:d3:22:a8:2b:c4:fb:e3:55:
8e:73:e4:1a:10:14:13:b7:46:fd:77:c6:89:05:21:12:c2:fa:
95:40:5e:98:2e:34:6a:5b:ed:95:b0:f4:a8:02:8d:6f:ec:d2:
d5:8e:b8:e5:61:61:67:87:d4:9f:07:d1:59:f0:53:cf:05:75:
8e:03:22:20:bb:1e:e0:c1:e2:47:f1:3b:a8:b4:03:81:45:e2:
d8:fd:77:fd:cc:1a:7b:f3:e4:79:d3:1d:fb:c9:0b:72:a8:67:
f4:d6:a7:2b:c7:95:a0:e7:b8:48:c3:1e:f9:16:9a:1e:65:c0:
03:b0:26:13:16:63:14:40:96:7e:90:44:4f:61:e9:e8:18:80:
9f:6a:87:59:65:8c:2c:60:2f:d7:12:06:06:4f:e8:41:79:f7:
96:d0:e7:ad:d7:94:66:a0:da:91:24:ad:03:dd:e6:40:19:1f:
bc:79:39:9b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3FoIlrikD/OwhGOIdICVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc1MDA2ZWZhYjU3ZTg5YzBmZDA4Zjc3Yzc1MjIwNzhjODEzZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGQiloeKcMyruTndK+Z0+9UrzBN+
tYdAdi+nNneEMVh9QWJHrWZQ62xJ2N8FguyOIYKR21dbw4TrN4fOnZvSbVnnUK+s
4JpTQp3xvx/uSkI1XCig9h7l1aERq1fSXvNKHg1eFGTSGGhF5//aCKq9Q5LweSfc
qCmhRg9tSGb2hLEDIKoAHPhQEBAQtsJpYwAHsra8LzgltNV1eaFS++5UCG9evnpk
dWCsV09d1Oz1DT4Gpl/0vbprSupmcx9mztTBqPJGrcFOfSFEJQPEYwJr/yzNEBDd
qNvDBlhOXMKxh+tQvfWonjB442f5NaEobK1SviF7Vl2EYUnhboo4FTtc2QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOJ1AG76tX6JwP0I93x1IgeMgT7sMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvNG5VQWJ2cTFmb25BX1FqM2ZIVWlCNHlCUHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcAKhEGAAB4
AwcBKhEGAAFQAwYEKhEGAdADBgQqEQYB8DANBgkqhkiG9w0BAQsFAAOCAQEAC2CU
eWXW2UHaPSTopMniIR9/F22Y7uuiCUHwv1vp9SrrXWvC7Comjl1vvL51AsJP/eUD
7PygPuLObOVc8Td/Gq1PLsEliD5hFdQtXiBbi3PTZ9MiqCvE++NVjnPkGhAUE7dG
/XfGiQUhEsL6lUBemC40alvtlbD0qAKNb+zS1Y645WFhZ4fUnwfRWfBTzwV1jgMi
ILse4MHiR/E7qLQDgUXi2P13/cwae/PkedMd+8kLcqhn9NanK8eVoOe4SMMe+Raa
HmXAA7AmExZjFECWfpBET2Hp6BiAn2qHWWWMLGAv1xIGBk/oQXn3ltDnrdeUZqDa
kSStA93mQBkfvHk5mw==
-----END CERTIFICATE-----
Generated at Thu Jan 11 20:58:31 2024 by rpki-client on console-fra.rpki-client.org