Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3dBMJD7bwu2BlPPq4O5dEeTRrG8.roa
File: 3dBMJD7bwu2BlPPq4O5dEeTRrG8.roa (raw, json)
Hash identifier: TIMv1Zwji2DPi/2hxYczTfnEqEo+qBYgo0ZmzfkDNjc=
Subject key identifier: DD:D0:4C:24:3E:DB:C2:ED:81:94:F3:EA:E0:EE:5D:11:E4:D1:AC:6F
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01909E9DB73B5E212197AC703C7783A265DE
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3dBMJD7bwu2BlPPq4O5dEeTRrG8.roa
Signing time: Wed 10 Jul 2024 21:47:34 +0000
ROA not before: Wed 10 Jul 2024 21:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a11:1340::/29 maxlen: 29
2a11:2c40::/29 maxlen: 29
2a11:3180::/29 maxlen: 29
2a11:4340::/29 maxlen: 29
2a11:4a00::/29 maxlen: 29
2a11:6340::/29 maxlen: 29
2a11:7880::/29 maxlen: 29
2a11:8500::/29 maxlen: 29
2a12:3bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Aug 2024 14:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9e:9d:b7:3b:5e:21:21:97:ac:70:3c:77:83:a2:65:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jul 10 21:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddd04c243edbc2ed8194f3eae0ee5d11e4d1ac6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c1:c1:49:8b:be:a8:ef:70:ab:95:a2:0c:a8:
fa:e5:d2:3c:6f:31:49:ff:a9:43:fb:5b:04:37:43:
2c:f9:22:62:58:b0:9e:be:6d:2c:84:04:cc:7c:72:
49:91:c2:6a:ac:4b:be:e3:a7:3e:9e:ca:47:fc:12:
5b:3c:ab:d9:9e:a2:66:c5:b3:a2:c5:9f:a1:d3:24:
16:18:dc:be:27:5c:1d:6b:08:fb:8e:b9:4e:25:8d:
8a:8c:72:84:d2:5a:87:3b:4c:6a:69:22:df:58:d5:
1d:7a:74:c3:60:47:e7:a5:eb:5c:50:55:d2:6b:75:
d1:ca:b3:b5:e5:0b:e7:79:e5:9b:d8:86:68:ee:ef:
cc:c5:ae:f7:e5:27:25:a1:4d:15:a0:c6:dd:09:75:
c3:2a:16:08:95:4a:96:82:84:9d:3f:4f:ea:fc:cd:
7a:b6:1f:70:2c:e1:fa:28:6c:b1:6b:6e:9c:72:bc:
4e:fe:51:96:54:1e:67:76:dd:dd:bd:39:2a:b8:22:
bf:87:c0:39:b9:15:1c:0e:e6:2d:fa:43:45:9c:5f:
a5:c4:b2:6b:13:b0:b8:03:d3:f6:f9:71:76:ba:06:
91:82:26:1f:8e:df:6d:86:0b:74:f8:31:a6:07:8a:
ee:18:ec:ba:57:63:e2:95:5a:96:38:5c:45:bd:d2:
6a:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D0:4C:24:3E:DB:C2:ED:81:94:F3:EA:E0:EE:5D:11:E4:D1:AC:6F
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3dBMJD7bwu2BlPPq4O5dEeTRrG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1340::/29
2a11:2c40::/29
2a11:3180::/29
2a11:4340::/29
2a11:4a00::/29
2a11:6340::/29
2a11:7880::/29
2a11:8500::/29
2a12:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:41:8b:32:26:cf:e5:65:a5:e0:3d:17:62:7e:21:20:ac:df:
94:e7:08:31:b7:bf:e8:b7:ee:27:ee:b2:4b:07:1a:a8:c8:cf:
f0:59:99:95:50:d3:2c:73:99:64:f9:ef:6b:cd:94:5c:07:fa:
74:ec:b2:a8:c0:3b:a4:8b:2c:fd:a3:53:ff:ef:63:c6:93:0c:
f3:23:c5:27:64:38:85:c3:4e:4a:52:db:a5:4c:03:ca:07:b1:
43:ff:b6:9f:94:d4:3f:5a:af:b2:ae:20:aa:1b:99:6f:c3:5e:
b9:aa:2c:87:13:ed:e0:b5:85:b1:05:17:55:67:41:f1:4d:1e:
ec:0c:01:4f:59:bc:9c:41:1e:5f:46:60:89:90:0e:c6:d5:c9:
a7:a2:39:52:cb:2b:52:d3:06:21:dd:b6:9c:d0:90:6a:46:ab:
ad:67:8b:52:e9:8e:0b:d1:a4:3f:0b:1f:19:74:f9:a9:25:c4:
76:a5:4d:a4:36:78:3e:21:b4:a8:fe:d3:6b:43:93:1d:2a:ea:
20:e3:86:09:62:62:65:50:2c:64:7d:e4:3a:b3:dc:cb:88:fa:
8b:01:ad:55:4c:9a:0c:71:bf:a1:17:36:06:c7:c2:36:8e:2d:
f6:a9:1a:5c:4f:01:83:58:e8:3c:0f:c6:05:9f:9d:ef:64:08:
44:10:d4:45
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZCenbc7XiEhl6xwPHeDomXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwNzEwMjE0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQwNGMyNDNlZGJjMmVkODE5NGYzZWFlMGVlNWQxMWU0ZDFhYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cHBSYu+qO9wq5WiDKj65dI8bzFJ
/6lD+1sEN0Ms+SJiWLCevm0shATMfHJJkcJqrEu+46c+nspH/BJbPKvZnqJmxbOi
xZ+h0yQWGNy+J1wdawj7jrlOJY2KjHKE0lqHO0xqaSLfWNUdenTDYEfnpetcUFXS
a3XRyrO15QvneeWb2IZo7u/Mxa735ScloU0VoMbdCXXDKhYIlUqWgoSdP0/q/M16
th9wLOH6KGyxa26ccrxO/lGWVB5ndt3dvTkquCK/h8A5uRUcDuYt+kNFnF+lxLJr
E7C4A9P2+XF2ugaRgiYfjt9thgt0+DGmB4ruGOy6V2PilVqWOFxFvdJqkQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFN3QTCQ+28LtgZTz6uDuXRHk0axvMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvM2RCTUpEN2J3dTJCbFBQcTRPNWRFZVRSckc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhETQAMF
AyoRLEADBQMqETGAAwUDKhFDQAMFAyoRSgADBQMqEWNAAwUDKhF4gAMFAyoRhQAD
BQMqEjvAMA0GCSqGSIb3DQEBCwUAA4IBAQCcQYsyJs/lZaXgPRdifiEgrN+U5wgx
t7/ot+4n7rJLBxqoyM/wWZmVUNMsc5lk+e9rzZRcB/p07LKowDukiyz9o1P/72PG
kwzzI8UnZDiFw05KUtulTAPKB7FD/7aflNQ/Wq+yriCqG5lvw165qiyHE+3gtYWx
BRdVZ0HxTR7sDAFPWbycQR5fRmCJkA7G1cmnojlSyytS0wYh3bac0JBqRqutZ4tS
6Y4L0aQ/Cx8ZdPmpJcR2pU2kNng+IbSo/tNrQ5MdKuog44YJYmJlUCxkfeQ6s9zL
iPqLAa1VTJoMcb+hFzYGx8I2ji32qRpcTwGDWOg8D8YFn53vZAhEENRF
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:39:58 2024 by rpki-client on console-fra.rpki-client.org