Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8R46XWh4obu5L_YSeKmd5KhnHz8.roa
File: 8R46XWh4obu5L_YSeKmd5KhnHz8.roa (raw, json)
Hash identifier: UhKdUAUhHIMdxkbDZ2rRI4ycpt9HjalGIB9pyjOdIM0=
Subject key identifier: F1:1E:3A:5D:68:78:A1:BB:B9:2F:F6:12:78:A9:9D:E4:A8:67:1F:3F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018F1157F768A15E6CBCA7BDF82A01752C71
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8R46XWh4obu5L_YSeKmd5KhnHz8.roa
Signing time: Wed 24 Apr 2024 18:22:08 +0000
ROA not before: Wed 24 Apr 2024 18:22:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:e8c0::/29 maxlen: 29
2a11:ea80::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:1040::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:8580::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9300::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Apr 2024 19:14:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:57:f7:68:a1:5e:6c:bc:a7:bd:f8:2a:01:75:2c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 24 18:22:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f11e3a5d6878a1bbb92ff61278a99de4a8671f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c7:c0:c5:e8:f0:f3:cf:b7:21:69:5a:a8:47:
66:89:30:9f:9b:c6:0e:4f:35:55:40:b7:7c:ea:ad:
9f:d0:83:11:bf:01:ea:63:89:8b:f3:1c:12:59:95:
43:e8:46:f9:d8:f0:14:75:d1:21:79:b5:fc:38:ac:
a3:bd:db:33:62:0a:a4:7c:06:a1:b3:16:ca:ac:c0:
64:05:60:51:47:ea:1c:c6:16:91:df:03:ff:6b:d7:
1f:86:10:d6:d4:22:fe:a1:05:fe:0d:b6:45:d8:79:
1d:e7:0a:9c:26:4a:7d:1c:0a:5b:98:6b:6f:39:53:
76:85:db:68:3a:66:41:c0:1c:b2:1d:25:ed:ed:cf:
ef:c8:cd:4f:de:07:f2:f1:a9:4b:3d:99:bd:fb:25:
1d:de:79:81:6d:45:cf:4e:07:30:5d:94:9c:38:fc:
5a:e5:7e:83:26:c6:1f:63:10:53:00:c2:5d:3b:f5:
cc:f2:db:eb:4a:e2:31:39:05:e8:ab:08:a5:59:31:
83:0e:ab:07:4e:ab:35:6c:3c:39:f6:05:23:6b:42:
e9:b8:ef:ac:78:95:1a:aa:d3:89:d2:14:8c:e3:73:
46:24:f4:f8:c8:af:8f:0c:87:85:3d:9a:92:95:7f:
9b:4c:1f:6b:ef:bd:49:6a:c1:c5:50:6a:94:0f:a6:
38:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:3A:5D:68:78:A1:BB:B9:2F:F6:12:78:A9:9D:E4:A8:67:1F:3F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8R46XWh4obu5L_YSeKmd5KhnHz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e8c0::/29
2a11:ea80::/29
2a11:ff40::/29
2a12:1040::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:8580::/29
2a12:8a00::/29
2a12:9300::/29
2a12:d080::/29
Signature Algorithm: sha256WithRSAEncryption
2b:1f:f5:8f:3c:78:fd:f7:0d:e6:fc:a5:8f:af:f5:95:3b:73:
2b:43:d0:eb:e0:dd:86:79:35:f0:52:6a:92:b6:38:0a:98:4c:
fe:b5:c3:9d:62:fa:a7:32:b4:43:6b:de:44:33:c7:f8:1f:a0:
f1:38:9f:58:b0:fb:6d:59:bc:34:c0:f8:26:cc:ae:69:a8:1d:
65:df:16:f1:08:12:a0:b9:bf:c8:56:ac:2a:d0:2b:20:00:83:
f2:6e:24:b7:ef:48:ef:30:9f:c7:eb:9a:ef:4c:c7:54:98:e1:
6b:9d:b1:4f:42:a3:c2:69:d8:32:6c:b2:29:c1:44:e2:62:80:
99:42:21:ab:3f:4d:a5:56:35:47:da:c3:98:99:e3:e3:90:d3:
79:12:55:6a:c7:7c:6d:f6:4f:0c:16:63:a4:db:60:b2:a8:31:
06:16:3a:24:8a:28:b5:91:c4:83:3f:87:30:db:70:18:04:ee:
3f:8c:a3:9b:46:36:87:22:2f:9b:7b:4a:54:83:2d:5b:02:96:
dc:c6:d9:bd:52:4b:2b:68:4a:4a:50:9d:f2:b7:be:dc:8b:c1:
22:5b:dc:bc:9b:e7:4c:ec:f4:30:71:36:4c:83:93:e2:0b:ef:
9f:64:f1:e0:af:6c:b6:e4:0e:af:bd:61:b0:59:b7:8c:57:c7:
25:48:5e:82
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY8RV/dooV5svKe9+CoBdSxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDI0MTgyMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFlM2E1ZDY4NzhhMWJiYjkyZmY2MTI3OGE5OWRlNGE4NjcxZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMfAxejw88+3IWlaqEdmiTCfm8YO
TzVVQLd86q2f0IMRvwHqY4mL8xwSWZVD6Eb52PAUddEhebX8OKyjvdszYgqkfAah
sxbKrMBkBWBRR+ocxhaR3wP/a9cfhhDW1CL+oQX+DbZF2Hkd5wqcJkp9HApbmGtv
OVN2hdtoOmZBwByyHSXt7c/vyM1P3gfy8alLPZm9+yUd3nmBbUXPTgcwXZScOPxa
5X6DJsYfYxBTAMJdO/XM8tvrSuIxOQXoqwilWTGDDqsHTqs1bDw59gUja0LpuO+s
eJUaqtOJ0hSM43NGJPT4yK+PDIeFPZqSlX+bTB9r771JasHFUGqUD6Y4JwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPEeOl1oeKG7uS/2EnipneSoZx8/MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOFI0NlhXaDRvYnU1TF9ZU2VLbWQ1S2huSHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKhHowAMF
AyoR6oADBQMqEf9AAwUDKhIQQAMFAyoSLoADBQMqEjwAAwUDKhKFgAMFAyoSigAD
BQMqEpMAAwUDKhLQgDANBgkqhkiG9w0BAQsFAAOCAQEAKx/1jzx4/fcN5vylj6/1
lTtzK0PQ6+Ddhnk18FJqkrY4CphM/rXDnWL6pzK0Q2veRDPH+B+g8TifWLD7bVm8
NMD4JsyuaagdZd8W8QgSoLm/yFasKtArIACD8m4kt+9I7zCfx+ua70zHVJjha52x
T0KjwmnYMmyyKcFE4mKAmUIhqz9NpVY1R9rDmJnj45DTeRJVasd8bfZPDBZjpNtg
sqgxBhY6JIootZHEgz+HMNtwGATuP4yjm0Y2hyIvm3tKVIMtWwKW3MbZvVJLK2hK
SlCd8re+3IvBIlvcvJvnTOz0MHE2TIOT4gvvn2Tx4K9stuQOr71hsFm3jFfHJUhe
gg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 02:29:23 2024 by rpki-client on console.sobornost.net