Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/63lj2xnglGxEnrjPEXyvMe6mNq0.roa
File: 63lj2xnglGxEnrjPEXyvMe6mNq0.roa (raw, json)
Hash identifier: GbFzbRr2gOjyrFYuvnA9MtaLZg+kmR5oAcfLrU39L5c=
Subject key identifier: EB:79:63:DB:19:E0:94:6C:44:9E:B8:CF:11:7C:AF:31:EE:A6:36:AD
Certificate issuer: /CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Certificate serial: 01856F14A6E6BD1EFB0BFCCB936E9AD56A8C
Authority key identifier: 4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/63lj2xnglGxEnrjPEXyvMe6mNq0.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9512
IP address blocks: 2a00:fd80:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a6:e6:bd:1e:fb:0b:fc:cb:93:6e:9a:d5:6a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb7963db19e0946c449eb8cf117caf31eea636ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:96:25:58:d1:f8:4e:f5:a1:0a:40:5d:be:98:
97:d0:a4:86:d8:f5:69:90:45:7d:88:b0:dd:a0:1c:
4f:cb:eb:86:fc:0f:7f:12:84:fd:16:33:68:5e:f5:
53:02:6f:73:ed:d1:0c:96:7b:52:37:f6:35:be:dd:
7e:5c:08:39:8b:03:13:c8:9e:60:4c:b5:ce:2f:af:
38:fa:c6:ca:37:14:71:18:90:a5:43:91:08:84:db:
ec:a9:47:84:a9:33:b6:b7:90:b1:b1:71:53:eb:72:
d7:56:45:7e:6f:ca:5c:0e:d1:1b:52:42:ad:71:e4:
95:d1:fe:8b:35:d7:7b:b1:de:39:1b:4f:ed:af:ab:
47:6c:7f:f6:aa:83:9d:26:84:1c:85:89:7e:9d:68:
3a:62:a9:dc:9a:98:ef:87:f1:e7:f2:05:da:ad:1d:
83:06:68:0b:8d:27:21:5e:9e:7a:1c:f8:d9:a0:9a:
72:47:a9:50:88:ae:d8:fa:7c:47:7f:b1:10:20:9b:
c5:11:53:49:aa:e8:55:a9:fa:fa:55:a1:ab:21:25:
b6:09:f1:8e:2f:1a:8c:1d:be:3e:15:c6:fa:ec:e1:
0e:7b:07:4d:a3:b5:ac:42:c4:75:dd:92:5e:38:73:
49:cc:68:73:f3:e5:c9:38:ca:57:41:58:9b:b0:8f:
a8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:79:63:DB:19:E0:94:6C:44:9E:B8:CF:11:7C:AF:31:EE:A6:36:AD
X509v3 Authority Key Identifier:
keyid:4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/63lj2xnglGxEnrjPEXyvMe6mNq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:fd80:aaaa::/48
Signature Algorithm: sha256WithRSAEncryption
9c:00:0e:a1:d2:da:35:18:66:23:48:ce:e3:86:b3:00:60:a8:
21:e9:b7:6e:d1:38:2b:6c:55:da:1a:9f:61:1d:68:9e:ee:af:
51:69:d6:fb:df:13:b8:fe:a1:59:34:f1:6c:2d:a2:00:8f:b7:
dc:52:69:4f:12:dc:8c:ee:a0:ae:c4:fa:f0:2c:f0:fe:b3:55:
3a:e4:d0:cd:73:6c:3a:c4:8c:ea:62:33:5e:1a:c9:33:37:0f:
49:85:3a:4a:b7:d7:75:fe:9f:26:21:da:cf:13:5c:38:85:cd:
f2:df:ac:ad:80:c1:78:8a:a5:f8:2a:5c:bf:09:94:a9:95:54:
6c:64:9f:9c:61:63:7d:a9:e7:a6:4c:00:2b:fb:24:ae:91:ce:
92:43:9d:fb:d6:a2:9e:db:67:5a:26:af:de:f0:b3:cb:30:53:
19:be:e0:29:35:5d:87:2d:ca:80:7b:11:0e:6f:a3:b0:6a:a8:
5f:3e:4b:20:b1:f3:cc:c0:1d:34:8d:5c:38:4e:58:2a:ab:d4:
e4:36:3e:f6:81:f8:58:16:27:f4:a2:dc:d1:07:98:08:86:95:
4c:fa:9e:6c:cd:22:8b:7f:6a:e8:10:40:d0:8a:ea:d7:b5:86:
30:d8:52:77:ec:5a:2f:eb:d8:9a:f8:37:38:d1:66:59:8e:a7:
a5:ea:ac:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvFKbmvR77C/zLk26a1WqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzdjY2Q3YTk0NDE1ZGZjNjhjY2NhODc0ZTk0YzJlOGMy
MjIwMmQwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc5NjNkYjE5ZTA5NDZjNDQ5ZWI4Y2YxMTdjYWYzMWVlYTYzNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpYlWNH4TvWhCkBdvpiX0KSG2PVp
kEV9iLDdoBxPy+uG/A9/EoT9FjNoXvVTAm9z7dEMlntSN/Y1vt1+XAg5iwMTyJ5g
TLXOL684+sbKNxRxGJClQ5EIhNvsqUeEqTO2t5CxsXFT63LXVkV+b8pcDtEbUkKt
ceSV0f6LNdd7sd45G0/tr6tHbH/2qoOdJoQchYl+nWg6Yqncmpjvh/Hn8gXarR2D
BmgLjSchXp56HPjZoJpyR6lQiK7Y+nxHf7EQIJvFEVNJquhVqfr6VaGrISW2CfGO
LxqMHb4+Fcb67OEOewdNo7WsQsR13ZJeOHNJzGhz8+XJOMpXQVibsI+oXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOt5Y9sZ4JRsRJ64zxF8rzHupjatMB8GA1UdIwQY
MBaAFE13zNepRBXfxozMqHTpTC6MIiAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjIt
MTBlNTdmNTZhMTdhLzEvNjNsajJ4bmdsR3hFbnJqUEVYeXZNZTZtTnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjItMTBlNTdmNTZhMTdh
LzEvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD9gKqq
MA0GCSqGSIb3DQEBCwUAA4IBAQCcAA6h0to1GGYjSM7jhrMAYKgh6bdu0TgrbFXa
Gp9hHWie7q9Radb73xO4/qFZNPFsLaIAj7fcUmlPEtyM7qCuxPrwLPD+s1U65NDN
c2w6xIzqYjNeGskzNw9JhTpKt9d1/p8mIdrPE1w4hc3y36ytgMF4iqX4Kly/CZSp
lVRsZJ+cYWN9qeemTAAr+ySukc6SQ5371qKe22daJq/e8LPLMFMZvuApNV2HLcqA
exEOb6OwaqhfPksgsfPMwB00jVw4Tlgqq9TkNj72gfhYFif0otzRB5gIhpVM+p5s
zSKLf2roEEDQiurXtYYw2FJ37Fov69ia+Dc40WZZjqel6qxC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org