Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ERR8uTmNC3vaCiEfoE9Go0dctDc.roa
File: ERR8uTmNC3vaCiEfoE9Go0dctDc.roa (raw, json)
Hash identifier: UW08JFIGDRMMl++T6JrEqhh61Cc3MH2jVkAZz5IaPs8=
Subject key identifier: 11:14:7C:B9:39:8D:0B:7B:DA:0A:21:1F:A0:4F:46:A3:47:5C:B4:37
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191824F5491BB31F0C207057C9EB472BF7A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ERR8uTmNC3vaCiEfoE9Go0dctDc.roa
Signing time: Sat 24 Aug 2024 02:55:22 +0000
ROA not before: Sat 24 Aug 2024 02:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 2a09:6281::/32 maxlen: 32
2a09:6282::/32 maxlen: 32
2a09:6283::/32 maxlen: 32
2a09:e2c4::/32 maxlen: 32
2a09:e2c5::/32 maxlen: 32
2a09:e2c6::/32 maxlen: 32
2a09:e2c7::/32 maxlen: 32
2a10:4102::/32 maxlen: 32
2a10:4106::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c300::/32 maxlen: 32
2a12:c301::/32 maxlen: 32
2a12:c302::/32 maxlen: 32
2a12:c303::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 Aug 2024 03:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:82:4f:54:91:bb:31:f0:c2:07:05:7c:9e:b4:72:bf:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 24 02:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11147cb9398d0b7bda0a211fa04f46a3475cb437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:26:8d:0b:34:f2:5e:71:72:86:c2:5a:fa:aa:
fc:0a:45:3d:f1:d7:b0:75:bf:89:8c:98:81:b3:9e:
6a:4f:20:85:df:fb:74:37:48:51:96:cf:96:84:c7:
f5:cd:86:5f:92:aa:74:ad:ec:48:df:aa:0b:6d:1c:
c7:7d:3a:b6:7c:37:7b:ee:11:43:c7:d3:d6:e0:37:
e9:b7:09:e8:da:b2:95:14:ab:57:ce:9b:d0:24:9c:
8c:09:09:78:89:66:5e:2b:ec:43:e3:44:8b:80:fa:
14:4e:b4:7f:37:5a:85:1d:62:22:99:89:7a:d1:ab:
48:86:fe:60:79:bc:9f:7b:ba:33:cd:26:20:75:d2:
e5:21:56:93:7b:69:5f:67:8c:46:7e:af:94:2b:ec:
f2:63:82:68:fc:46:23:f9:11:d7:6d:d0:3c:54:d1:
63:c0:bd:1f:8e:7a:dc:b0:6e:18:91:96:b4:cb:0d:
4b:d0:2a:0e:f6:5f:a9:5a:4b:70:d4:4f:98:9d:19:
1c:6e:77:53:5f:ee:a7:73:11:ae:21:d7:a8:d4:20:
d5:75:68:e1:e3:bf:ff:98:1a:8e:d8:00:2f:b8:6f:
5d:a8:89:b1:35:60:11:14:64:c7:1f:90:e8:30:33:
02:5e:73:79:2d:34:a1:2e:4a:78:0f:b8:1f:e3:18:
dd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:14:7C:B9:39:8D:0B:7B:DA:0A:21:1F:A0:4F:46:A3:47:5C:B4:37
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ERR8uTmNC3vaCiEfoE9Go0dctDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6281::-2a09:6283:ffff:ffff:ffff:ffff:ffff:ffff
2a09:e2c4::/30
2a10:4102::/32
2a10:4106::/32
2a12:c300::/30
Signature Algorithm: sha256WithRSAEncryption
a6:5a:a3:7a:99:7e:7a:a7:a2:00:cc:91:c3:db:16:c0:e0:2a:
71:c1:b3:3e:10:b2:53:5d:09:98:37:7e:8b:80:8e:10:7c:1a:
36:5f:96:8a:b0:59:5c:ec:2f:df:be:a3:d4:a1:a6:0e:b5:dc:
73:6a:80:90:db:6b:3d:64:bc:05:b9:b9:dc:10:63:a5:db:f8:
45:4e:09:25:5c:06:91:94:7b:de:4d:93:fb:1b:0b:f5:84:f5:
0e:12:6e:b7:d8:7a:7c:36:0c:23:00:e9:4a:3a:92:50:85:c6:
a8:d2:56:c1:57:a7:e6:76:01:84:75:35:da:99:f1:06:24:9c:
d5:25:eb:ef:1d:97:58:ae:26:53:0a:54:29:01:23:b1:05:1d:
5e:26:48:88:93:14:43:8f:33:eb:4b:75:94:26:07:51:fc:85:
59:b6:9e:d1:2e:01:69:32:5c:35:e5:2d:9e:d0:9f:9e:69:b4:
b4:c5:ed:47:6a:3f:60:ec:59:e6:d5:cd:b2:c1:b3:67:73:74:
61:ad:11:85:80:92:97:51:cc:40:1e:c0:86:c1:17:cc:f4:d1:
4c:f3:4b:04:23:92:04:05:f5:e9:61:1f:d9:79:68:ce:a8:b4:
40:be:b8:59:50:e6:25:3c:3d:e8:69:34:14:85:f9:19:f7:89:
56:e5:fb:f6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZGCT1SRuzHwwgcFfJ60cr96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwODI0MDI1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE0N2NiOTM5OGQwYjdiZGEwYTIxMWZhMDRmNDZhMzQ3NWNiNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCaNCzTyXnFyhsJa+qr8CkU98dew
db+JjJiBs55qTyCF3/t0N0hRls+WhMf1zYZfkqp0rexI36oLbRzHfTq2fDd77hFD
x9PW4Dfptwno2rKVFKtXzpvQJJyMCQl4iWZeK+xD40SLgPoUTrR/N1qFHWIimYl6
0atIhv5gebyfe7ozzSYgddLlIVaTe2lfZ4xGfq+UK+zyY4Jo/EYj+RHXbdA8VNFj
wL0fjnrcsG4YkZa0yw1L0CoO9l+pWktw1E+YnRkcbndTX+6ncxGuIdeo1CDVdWjh
47//mBqO2AAvuG9dqImxNWARFGTHH5DoMDMCXnN5LTShLkp4D7gf4xjdRwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBEUfLk5jQt72gohH6BPRqNHXLQ3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRVJSOHVUbU5DM3ZhQ2lFZm9FOUdvMGRjdERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsMA4DBQAqCWKB
AwUCKgligAMFAioJ4sQDBQAqEEECAwUAKhBBBgMFAioSwwAwDQYJKoZIhvcNAQEL
BQADggEBAKZao3qZfnqnogDMkcPbFsDgKnHBsz4QslNdCZg3fouAjhB8GjZfloqw
WVzsL9++o9Shpg613HNqgJDbaz1kvAW5udwQY6Xb+EVOCSVcBpGUe95Nk/sbC/WE
9Q4SbrfYenw2DCMA6Uo6klCFxqjSVsFXp+Z2AYR1NdqZ8QYknNUl6+8dl1iuJlMK
VCkBI7EFHV4mSIiTFEOPM+tLdZQmB1H8hVm2ntEuAWkyXDXlLZ7Qn55ptLTF7Udq
P2DsWebVzbLBs2dzdGGtEYWAkpdRzEAewIbBF8z00UzzSwQjkgQF9elhH9l5aM6o
tEC+uFlQ5iU8PehpNBSF+Rn3iVbl+/Y=
-----END CERTIFICATE-----
Generated at Fri Aug 30 04:40:55 2024 by rpki-client on console-fra.rpki-client.org