Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/L02AP1p4Xem_DvwNWhMH5XaqCqc.roa
File: L02AP1p4Xem_DvwNWhMH5XaqCqc.roa (raw, json)
Hash identifier: 0ih+YpTM61y/WPrhq/bij0rPrLVjIPUNuJtv4ht/pI8=
Subject key identifier: 2F:4D:80:3F:5A:78:5D:E9:BF:0E:FC:0D:5A:13:07:E5:76:AA:0A:A7
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018D4910E434533CF271CF8D7BAAA459A46D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/L02AP1p4Xem_DvwNWhMH5XaqCqc.roa
Signing time: Sat 27 Jan 2024 03:57:40 +0000
ROA not before: Sat 27 Jan 2024 03:57:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Feb 2024 03:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:49:10:e4:34:53:3c:f2:71:cf:8d:7b:aa:a4:59:a4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 27 03:57:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f4d803f5a785de9bf0efc0d5a1307e576aa0aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:59:6a:8e:54:4d:c5:9f:1b:a0:3e:23:2f:b6:
1d:9b:e9:92:e5:04:1b:8c:13:16:de:3f:55:81:71:
97:55:d6:f2:b0:20:6c:d5:ab:27:62:a1:c5:eb:28:
9a:61:40:84:12:01:9d:f4:f4:51:94:b0:ac:1e:db:
00:64:08:a8:52:c0:5e:21:4b:68:66:5c:82:ec:91:
45:96:aa:e8:c7:95:8e:7d:5c:41:a2:07:58:b0:a5:
b9:35:eb:37:9b:0d:21:5a:b1:19:91:3c:19:cc:d2:
34:83:c4:41:a1:bc:b6:f0:ca:1c:de:19:7f:24:d0:
03:8d:54:5e:ed:61:22:e0:3a:24:0e:9b:00:1e:26:
33:93:1f:3b:43:6b:1e:97:99:8f:68:a7:a6:8c:be:
95:43:b3:c1:a1:ff:79:34:42:69:4f:a0:dc:f3:72:
fe:fd:8d:2e:34:15:04:51:7e:c0:36:dc:aa:9b:2f:
5a:8e:ee:d8:a9:5f:54:ea:9d:3c:fb:88:f2:6a:00:
d4:70:07:a0:48:68:dd:72:aa:af:bf:98:fe:31:37:
a8:ba:23:f1:b7:d8:57:96:29:7f:6c:b2:10:49:f3:
3f:0c:95:d2:2e:6a:1d:54:6a:fb:9e:c0:52:d9:e7:
7f:96:2c:5d:bb:a2:ed:25:41:6c:33:f1:65:2b:3f:
41:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4D:80:3F:5A:78:5D:E9:BF:0E:FC:0D:5A:13:07:E5:76:AA:0A:A7
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/L02AP1p4Xem_DvwNWhMH5XaqCqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a11:4b44::/30
2a12:a343::/32
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
8c:28:db:89:7d:79:e0:c8:4d:ea:ff:a8:10:a1:fe:f9:52:07:
78:8c:3a:c1:f0:08:af:c1:f2:68:8c:31:82:d1:5f:f8:00:5f:
2e:f8:c5:6c:84:ae:70:5d:0d:7d:2a:78:8f:80:a9:dc:30:0b:
79:9a:78:92:52:92:72:fd:ac:06:5c:fb:3f:6c:f0:ed:45:21:
5a:ba:7c:a6:ac:f9:e9:19:03:21:66:48:cb:dd:49:b2:7d:3b:
11:09:22:b1:9b:17:5f:2e:4f:bb:28:f2:95:5f:6b:59:71:71:
6c:8b:2c:00:8f:b4:cd:28:b9:07:ed:15:b0:4f:a6:3a:8d:31:
f3:c6:f2:6b:93:92:fc:a4:59:9a:d6:50:d3:bd:56:33:c4:00:
5b:2f:d9:42:79:a5:b1:1a:88:31:f1:67:59:d7:4d:76:96:db:
63:23:ec:0d:fa:33:eb:cd:53:ac:e1:48:da:1c:fc:1c:20:e7:
4d:e6:4b:1f:49:94:3d:6d:b1:c7:77:d4:f3:de:95:04:be:07:
ad:35:90:47:b2:34:07:61:00:5c:80:10:f5:bd:e0:ff:e7:c2:
9a:fe:0c:a9:24:f6:27:36:ee:f1:01:20:d7:5b:56:8d:42:c0:
2d:d8:7e:81:bb:9a:aa:e1:3a:59:86:95:2d:d5:cf:30:db:df:
fd:b1:3c:ad
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY1JEOQ0Uzzycc+Ne6qkWaRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTI3MDM1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRkODAzZjVhNzg1ZGU5YmYwZWZjMGQ1YTEzMDdlNTc2YWEwYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFlqjlRNxZ8boD4jL7Ydm+mS5QQb
jBMW3j9VgXGXVdbysCBs1asnYqHF6yiaYUCEEgGd9PRRlLCsHtsAZAioUsBeIUto
ZlyC7JFFlqrox5WOfVxBogdYsKW5Nes3mw0hWrEZkTwZzNI0g8RBoby28Moc3hl/
JNADjVRe7WEi4DokDpsAHiYzkx87Q2sel5mPaKemjL6VQ7PBof95NEJpT6Dc83L+
/Y0uNBUEUX7ANtyqmy9aju7YqV9U6p08+4jyagDUcAegSGjdcqqvv5j+MTeouiPx
t9hXlil/bLIQSfM/DJXSLmodVGr7nsBS2ed/lixdu6LtJUFsM/FlKz9BNQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC9NgD9aeF3pvw78DVoTB+V2qgqnMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTDAyQVAxcDRYZW1fRHZ3TldoTUg1WGFxQ3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFLQAMF
AioRS0QDBQAqEqNDAwUAKhKjRjANBgkqhkiG9w0BAQsFAAOCAQEAjCjbiX154MhN
6v+oEKH++VIHeIw6wfAIr8HyaIwxgtFf+ABfLvjFbISucF0NfSp4j4Cp3DALeZp4
klKScv2sBlz7P2zw7UUhWrp8pqz56RkDIWZIy91Jsn07EQkisZsXXy5PuyjylV9r
WXFxbIssAI+0zSi5B+0VsE+mOo0x88bya5OS/KRZmtZQ071WM8QAWy/ZQnmlsRqI
MfFnWddNdpbbYyPsDfoz681TrOFI2hz8HCDnTeZLH0mUPW2xx3fU896VBL4HrTWQ
R7I0B2EAXIAQ9b3g/+fCmv4MqST2Jzbu8QEg11tWjULALdh+gbuaquE6WYaVLdXP
MNvf/bE8rQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org