Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/viZNH5sRd5CIaxUiWxbb44xXPlU.roa
File: viZNH5sRd5CIaxUiWxbb44xXPlU.roa (raw, json)
Hash identifier: ytWfGhtZ4YOyp/HO7NfLU+w5R7s/AosbZlpfcNjaBVE=
Subject key identifier: BE:26:4D:1F:9B:11:77:90:88:6B:15:22:5B:16:DB:E3:8C:57:3E:55
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019305BAFFDEE8943A893CE6C50E9678824C
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/viZNH5sRd5CIaxUiWxbb44xXPlU.roa
Signing time: Thu 07 Nov 2024 08:26:01 +0000
ROA not before: Thu 07 Nov 2024 08:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 2a11:4b40::/32 maxlen: 32
2a11:4b41::/32 maxlen: 32
2a12:a340::/32 maxlen: 32
2a12:c304::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 14 Nov 2024 11:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:ba:ff:de:e8:94:3a:89:3c:e6:c5:0e:96:78:82:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 7 08:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be264d1f9b117790886b15225b16dbe38c573e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5d:64:34:91:df:42:ae:74:fb:d9:0c:26:77:
bb:df:32:4e:af:64:fb:ce:75:1f:22:a3:c1:60:ee:
62:06:0a:dc:6f:94:1f:94:59:f1:29:36:71:b7:c5:
92:f3:fa:7d:99:5d:21:2f:d7:37:2f:31:2d:9d:63:
c0:53:64:60:22:5f:d3:0e:09:43:1f:e8:d0:d9:1c:
ce:e7:7e:7b:6e:ae:ac:f3:2b:6d:d3:95:80:f8:e5:
91:8f:e4:12:a6:92:d7:e9:b5:d4:3d:bd:b9:78:56:
b7:a6:5d:77:33:8e:31:55:c9:a8:70:60:a8:6f:d1:
23:e6:87:5e:92:54:9b:b1:be:c4:9d:c2:07:4f:a9:
5d:9b:15:52:52:8b:fe:32:a1:2b:08:ba:0b:5c:46:
ba:74:40:cc:a6:b7:77:b0:da:32:b8:c1:a5:94:cf:
0a:cd:3b:c3:c6:5e:d7:07:96:a5:2d:63:44:ec:70:
d9:44:03:9f:b4:81:19:91:7c:33:22:83:8e:b2:40:
cb:0c:0f:ef:db:1e:50:a8:cb:8e:89:60:ee:eb:11:
eb:fe:3e:98:2d:3a:7c:95:fa:78:25:fb:a0:7d:a4:
f0:ab:66:b2:bd:b7:ad:fc:65:b7:51:42:78:68:c9:
6a:34:c4:32:12:ad:74:48:67:01:04:21:c7:15:99:
ab:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:26:4D:1F:9B:11:77:90:88:6B:15:22:5B:16:DB:E3:8C:57:3E:55
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/viZNH5sRd5CIaxUiWxbb44xXPlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/31
2a12:a340::/32
2a12:c304::/30
Signature Algorithm: sha256WithRSAEncryption
16:e2:5f:b8:ae:6c:28:6d:5a:7a:eb:fe:83:ac:27:1c:08:48:
fc:3e:70:2c:2f:cb:86:ab:6b:bd:fc:db:04:ac:a7:c5:32:a9:
02:14:a1:f8:2f:e2:60:c4:2b:61:b7:21:4f:48:0b:d8:19:33:
36:79:a3:f2:ff:a7:59:03:d0:bf:40:67:12:8b:52:6d:b3:e3:
fb:43:34:b5:d2:72:ae:ee:55:df:61:40:e5:9d:3d:19:d0:f8:
e7:81:77:89:dd:b5:c2:66:a5:4a:32:60:23:fe:33:49:92:18:
a9:2d:75:4b:93:3d:0e:f0:a5:34:50:34:f6:b0:85:c2:aa:7d:
6f:e4:9e:68:19:f5:40:4c:cc:42:ff:fe:0c:67:42:4d:d4:a7:
db:39:43:78:33:58:b9:d0:ec:c3:bd:0f:09:bf:05:4d:b4:50:
1b:81:56:dc:55:6d:85:1e:b4:a2:61:f0:f9:14:37:60:3d:92:
cd:b9:a3:1e:16:2a:05:c2:20:a8:2e:49:1d:a4:8d:be:f0:ad:
96:2d:86:91:b0:a2:48:78:65:c4:9b:82:52:60:0f:8f:1b:76:
0d:2f:d2:65:42:cc:45:22:29:e7:1b:f1:c6:40:d2:de:6b:d1:
f2:25:37:1c:b9:8d:48:4b:3c:4f:40:66:2a:7b:bc:29:82:ce:
75:a3:bd:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMFuv/e6JQ6iTzmxQ6WeIJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTA3MDgyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTI2NGQxZjliMTE3NzkwODg2YjE1MjI1YjE2ZGJlMzhjNTczZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5F1kNJHfQq50+9kMJne73zJOr2T7
znUfIqPBYO5iBgrcb5QflFnxKTZxt8WS8/p9mV0hL9c3LzEtnWPAU2RgIl/TDglD
H+jQ2RzO5357bq6s8ytt05WA+OWRj+QSppLX6bXUPb25eFa3pl13M44xVcmocGCo
b9Ej5odeklSbsb7EncIHT6ldmxVSUov+MqErCLoLXEa6dEDMprd3sNoyuMGllM8K
zTvDxl7XB5alLWNE7HDZRAOftIEZkXwzIoOOskDLDA/v2x5QqMuOiWDu6xHr/j6Y
LTp8lfp4JfugfaTwq2ayvbet/GW3UUJ4aMlqNMQyEq10SGcBBCHHFZmr8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL4mTR+bEXeQiGsVIlsW2+OMVz5VMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdmlaTkg1c1JkNUNJYXhVaVd4YmI0NHhYUGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUBKhFLQAMF
ACoSo0ADBQIqEsMEMA0GCSqGSIb3DQEBCwUAA4IBAQAW4l+4rmwobVp66/6DrCcc
CEj8PnAsL8uGq2u9/NsErKfFMqkCFKH4L+JgxCthtyFPSAvYGTM2eaPy/6dZA9C/
QGcSi1Jts+P7QzS10nKu7lXfYUDlnT0Z0PjngXeJ3bXCZqVKMmAj/jNJkhipLXVL
kz0O8KU0UDT2sIXCqn1v5J5oGfVATMxC//4MZ0JN1KfbOUN4M1i50OzDvQ8JvwVN
tFAbgVbcVW2FHrSiYfD5FDdgPZLNuaMeFioFwiCoLkkdpI2+8K2WLYaRsKJIeGXE
m4JSYA+PG3YNL9JlQsxFIinnG/HGQNLea9HyJTccuY1ISzxPQGYqe7wpgs51o72o
-----END CERTIFICATE-----
Generated at Thu Nov 14 14:16:25 2024 by rpki-client on console-fra.rpki-client.org