Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/SH7JqYVsaIuCr_GfbY7SyC1u04A.roa
File: SH7JqYVsaIuCr_GfbY7SyC1u04A.roa (raw, json)
Hash identifier: A+SGbfVqgbJ6bTlSr5yA/lyFcz1kUeoMrggjBScu9OM=
Subject key identifier: 48:7E:C9:A9:85:6C:68:8B:82:AF:F1:9F:6D:8E:D2:C8:2D:6E:D3:80
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019338F0912F92C0D83ACA1332E924ADA0B1
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/SH7JqYVsaIuCr_GfbY7SyC1u04A.roa
Signing time: Sun 17 Nov 2024 07:05:10 +0000
ROA not before: Sun 17 Nov 2024 07:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:4b41::/32 maxlen: 32
2a12:a340::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
2a13:8580::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Nov 2024 12:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:38:f0:91:2f:92:c0:d8:3a:ca:13:32:e9:24:ad:a0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 17 07:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=487ec9a9856c688b82aff19f6d8ed2c82d6ed380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b2:a7:bb:30:a6:86:63:51:aa:da:b5:53:11:
62:96:6c:35:46:7e:79:e5:2d:7e:ab:68:17:b9:9f:
30:95:48:d7:85:c5:b3:fb:d1:fc:35:68:e6:1e:c7:
a7:90:38:0c:6e:af:28:35:38:22:c1:21:e4:28:c8:
5c:9a:60:70:24:70:19:6b:7d:5e:1b:38:ad:a3:f5:
18:b8:68:32:44:c6:71:30:29:89:3f:e3:45:a9:0f:
10:ca:f8:66:43:69:5e:7b:b0:96:df:77:1c:71:7e:
d0:8b:b3:fe:e5:ae:a2:43:40:f0:83:43:d5:d0:55:
46:59:29:78:5d:fa:c8:fa:e3:6e:11:43:63:7a:2d:
93:3e:13:ba:c1:30:4c:1c:89:dd:a9:f2:19:2e:33:
74:ff:64:cf:fd:ac:f1:b3:76:86:b5:7c:5b:5b:eb:
82:59:51:a2:15:24:c3:83:29:ee:8d:46:a8:c5:5d:
d3:6e:bf:67:94:47:0b:bb:0c:72:ec:16:8c:31:42:
f0:be:75:20:a6:c2:ce:f5:9e:e4:44:0d:05:bc:e3:
fe:41:6d:c4:69:c9:aa:70:d1:d3:8f:ce:4a:01:b7:
23:cb:de:4e:eb:15:74:61:a4:42:78:6d:45:ec:6a:
ea:70:0e:d2:fc:4e:30:2b:97:0c:62:ea:34:a4:9f:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7E:C9:A9:85:6C:68:8B:82:AF:F1:9F:6D:8E:D2:C8:2D:6E:D3:80
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/SH7JqYVsaIuCr_GfbY7SyC1u04A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b41::/32
2a12:a340::/32
2a12:c304::/30
2a13:8580::/32
Signature Algorithm: sha256WithRSAEncryption
76:21:27:98:96:88:dd:81:da:a1:3f:75:5d:14:b0:f6:cc:3c:
c8:24:80:42:f0:a7:9f:1e:ac:c0:93:c1:c7:ad:08:e1:b5:0a:
73:05:4b:d7:a3:8e:ee:5d:fc:8d:fe:dd:bb:6f:a1:9c:c7:2f:
68:ea:a1:22:98:4d:79:a2:66:c7:33:cb:5b:cc:6f:a9:d3:b3:
44:f7:e4:90:4b:ca:89:b9:94:5d:56:f3:dd:3a:08:ea:55:d8:
f9:db:c5:5b:19:b1:d4:10:af:98:fd:7c:10:72:43:21:2e:22:
b0:60:e7:32:7a:b9:64:df:35:3e:fa:8c:ab:d5:ee:36:c4:10:
fd:55:5e:a3:90:e0:f8:fa:12:53:87:c8:ed:6c:e4:dd:f8:38:
46:a8:06:ac:44:b8:40:26:d2:55:5f:da:b3:05:57:73:ec:4d:
65:cb:a8:31:d4:04:b1:44:b7:db:65:fc:68:66:cf:77:02:6a:
5d:a4:46:83:27:b6:a1:31:21:1d:6a:3f:8e:ca:af:46:2f:28:
ef:4e:2e:cc:dd:af:f9:fa:95:30:69:af:46:f5:c0:74:7b:e7:
6e:d7:d0:8d:d6:0d:c2:f8:b9:3d:b2:dc:25:15:40:40:08:b0:
13:ab:b6:b6:2a:00:b8:3b:ea:30:6a:39:5e:6a:22:d9:0d:93:
26:d1:46:88
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZM48JEvksDYOsoTMukkraCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTE3MDcwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODdlYzlhOTg1NmM2ODhiODJhZmYxOWY2ZDhlZDJjODJkNmVkMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bKnuzCmhmNRqtq1UxFilmw1Rn55
5S1+q2gXuZ8wlUjXhcWz+9H8NWjmHsenkDgMbq8oNTgiwSHkKMhcmmBwJHAZa31e
Gzito/UYuGgyRMZxMCmJP+NFqQ8QyvhmQ2lee7CW33cccX7Qi7P+5a6iQ0Dwg0PV
0FVGWSl4XfrI+uNuEUNjei2TPhO6wTBMHIndqfIZLjN0/2TP/azxs3aGtXxbW+uC
WVGiFSTDgynujUaoxV3Tbr9nlEcLuwxy7BaMMULwvnUgpsLO9Z7kRA0FvOP+QW3E
acmqcNHTj85KAbcjy95O6xV0YaRCeG1F7GrqcA7S/E4wK5cMYuo0pJ+joQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEh+yamFbGiLgq/xn22O0sgtbtOAMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvU0g3SnFZVnNhSXVDcl9HZmJZN1N5QzF1MDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFLQQMF
ACoSo0ADBQIqEsMEAwUAKhOFgDANBgkqhkiG9w0BAQsFAAOCAQEAdiEnmJaI3YHa
oT91XRSw9sw8yCSAQvCnnx6swJPBx60I4bUKcwVL16OO7l38jf7du2+hnMcvaOqh
IphNeaJmxzPLW8xvqdOzRPfkkEvKibmUXVbz3ToI6lXY+dvFWxmx1BCvmP18EHJD
IS4isGDnMnq5ZN81PvqMq9XuNsQQ/VVeo5Dg+PoSU4fI7Wzk3fg4RqgGrES4QCbS
VV/aswVXc+xNZcuoMdQEsUS322X8aGbPdwJqXaRGgye2oTEhHWo/jsqvRi8o704u
zN2v+fqVMGmvRvXAdHvnbtfQjdYNwvi5PbLcJRVAQAiwE6u2tioAuDvqMGo5Xmoi
2Q2TJtFGiA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:55 2024 by rpki-client on console-fra.rpki-client.org