Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lkQFYY8Disq_FOpLlEurKGhe32g.roa
File: lkQFYY8Disq_FOpLlEurKGhe32g.roa (raw, json)
Hash identifier: FDAfCxru+ZRKK0B9AWywx6Gv7BqCzHt3UWmcwpo0Csg=
Subject key identifier: 96:44:05:61:8F:03:8A:CA:BF:14:EA:4B:94:4B:AB:28:68:5E:DF:68
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F54B93E5A82EC30275D7768D9BADA2FD6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lkQFYY8Disq_FOpLlEurKGhe32g.roa
Signing time: Tue 07 May 2024 20:22:57 +0000
ROA not before: Tue 07 May 2024 20:22:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214953
IP address blocks: 2a10:2f01:403::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 07:45:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:b9:3e:5a:82:ec:30:27:5d:77:68:d9:ba:da:2f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 7 20:22:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=964405618f038acabf14ea4b944bab28685edf68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:80:aa:2c:c2:5b:3d:cf:10:6f:8e:1d:06:
eb:e9:ef:83:80:da:7d:ad:85:f5:67:24:89:f2:8e:
21:f9:7c:b7:f9:f1:fb:c5:06:2b:49:5e:f5:6b:1d:
9d:16:a6:9b:7b:7d:b4:4e:a7:af:18:b5:e1:0c:0d:
e5:d4:04:46:0e:5f:4f:14:f4:06:f7:87:d1:fd:93:
7e:00:2f:56:d8:12:d2:0b:c5:b9:d1:9a:5f:4e:fa:
1e:ab:c4:5d:44:e3:fc:8c:32:c8:bd:0f:05:f7:d2:
a6:c1:86:f6:c8:a6:b3:38:2a:0a:10:e9:d6:88:6b:
7d:6c:04:51:9d:32:fe:35:5e:80:db:db:c4:ae:6e:
de:03:d6:a7:24:95:53:78:f5:c1:e6:e1:cd:4e:d4:
2e:52:12:bc:82:b9:1b:07:cd:90:51:f1:9e:d6:7c:
22:5d:5d:f2:81:36:c7:bd:ae:07:ce:dc:26:0c:c9:
06:8d:2c:d0:35:d6:67:a0:27:da:4e:87:84:ae:cc:
1b:15:2d:70:c5:11:44:2c:69:75:c9:d0:c7:7f:2c:
0f:00:6e:0c:97:9f:1a:4d:33:94:e6:c3:78:df:13:
8f:1d:8a:6e:43:19:39:9f:ab:4e:65:8b:8a:4a:2d:
cc:13:50:03:45:f7:3e:2a:6e:94:ce:56:97:4c:6b:
56:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:44:05:61:8F:03:8A:CA:BF:14:EA:4B:94:4B:AB:28:68:5E:DF:68
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lkQFYY8Disq_FOpLlEurKGhe32g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f01:403::/48
Signature Algorithm: sha256WithRSAEncryption
4f:e0:70:38:8d:58:50:33:70:4b:fe:50:cd:74:a3:83:00:64:
fa:87:bd:72:f0:b1:9d:db:b6:51:e8:d4:03:90:7e:b9:2a:c8:
06:ba:8b:af:27:9d:aa:e4:55:d1:c1:d1:55:ee:52:f9:a3:0a:
c6:e2:6d:7f:02:30:10:82:3f:66:06:a0:fe:ad:50:7f:f4:e7:
32:38:12:50:ce:15:71:95:90:51:ef:e6:6e:3c:08:34:30:13:
b4:d0:c9:2e:83:f5:17:11:b5:ba:01:8b:57:41:13:98:ca:da:
10:25:ae:e3:6f:8b:f6:c8:2b:6d:8b:13:43:f2:81:3e:42:3e:
63:4d:65:c0:1b:05:8e:6e:a3:f5:71:6e:3d:64:e1:7d:7e:3b:
97:46:de:33:90:57:f7:13:60:c3:73:f0:c9:74:6c:79:64:af:
fb:d6:7a:7f:ea:87:b7:24:e5:57:67:59:a7:48:97:e0:2e:a6:
f1:32:2f:9d:b7:8b:bb:02:04:7c:96:93:76:f6:47:df:3c:cb:
38:a6:fb:85:60:60:1f:70:03:87:3a:45:19:81:7c:a1:a7:91:
90:cb:c4:27:7a:59:aa:ef:c3:69:1a:50:8c:91:3b:c3:71:fc:
d8:fd:ed:7d:b6:a4:13:70:ef:36:21:b7:47:dd:c1:9b:68:05:
46:e1:85:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY9UuT5aguwwJ113aNm62i/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTA3MjAyMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQ0MDU2MThmMDM4YWNhYmYxNGVhNGI5NDRiYWIyODY4NWVkZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl+AqizCWz3PEG+OHQbr6e+DgNp9
rYX1ZySJ8o4h+Xy3+fH7xQYrSV71ax2dFqabe320TqevGLXhDA3l1ARGDl9PFPQG
94fR/ZN+AC9W2BLSC8W50ZpfTvoeq8RdROP8jDLIvQ8F99KmwYb2yKazOCoKEOnW
iGt9bARRnTL+NV6A29vErm7eA9anJJVTePXB5uHNTtQuUhK8grkbB82QUfGe1nwi
XV3ygTbHva4HztwmDMkGjSzQNdZnoCfaToeErswbFS1wxRFELGl1ydDHfywPAG4M
l58aTTOU5sN43xOPHYpuQxk5n6tOZYuKSi3ME1ADRfc+Km6UzlaXTGtWCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJZEBWGPA4rKvxTqS5RLqyhoXt9oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbGtRRllZOERpc3FfRk9wTGxFdXJLR2hlMzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAQQD
MA0GCSqGSIb3DQEBCwUAA4IBAQBP4HA4jVhQM3BL/lDNdKODAGT6h71y8LGd27ZR
6NQDkH65KsgGuouvJ52q5FXRwdFV7lL5owrG4m1/AjAQgj9mBqD+rVB/9OcyOBJQ
zhVxlZBR7+ZuPAg0MBO00Mkug/UXEbW6AYtXQROYytoQJa7jb4v2yCttixND8oE+
Qj5jTWXAGwWObqP1cW49ZOF9fjuXRt4zkFf3E2DDc/DJdGx5ZK/71np/6oe3JOVX
Z1mnSJfgLqbxMi+dt4u7AgR8lpN29kffPMs4pvuFYGAfcAOHOkUZgXyhp5GQy8Qn
elmq78NpGlCMkTvDcfzY/e19tqQTcO82IbdH3cGbaAVG4YXP
-----END CERTIFICATE-----
Generated at Fri May 10 10:50:12 2024 by rpki-client on console-fra.rpki-client.org