Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/1YOxG4hWO_5m_13iae770MiwzMw.roa
File: 1YOxG4hWO_5m_13iae770MiwzMw.roa (raw, json)
Hash identifier: KM0XpPdg9YA0f5p2Qs3YbdEhfLNX7zZUFtPOLE+1uoc=
Subject key identifier: D5:83:B1:1B:88:56:3B:FE:66:FF:5D:E2:69:EE:FB:D0:C8:B0:CC:CC
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0191E11B9CFB9EBA163FD3D1FDFBF827D5EB
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/1YOxG4hWO_5m_13iae770MiwzMw.roa
Signing time: Wed 11 Sep 2024 12:42:48 +0000
ROA not before: Wed 11 Sep 2024 12:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
2a06:5901:8100::/40 maxlen: 48
2a06:5901:8200::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Sep 2024 09:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:1b:9c:fb:9e:ba:16:3f:d3:d1:fd:fb:f8:27:d5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Sep 11 12:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d583b11b88563bfe66ff5de269eefbd0c8b0cccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:38:c0:e5:99:29:11:ec:5d:32:85:d5:63:08:
f4:26:f9:d1:c9:c6:82:de:75:64:a3:5a:09:2c:28:
2e:5b:c6:4c:b6:74:c2:f4:ff:39:9e:7b:dd:66:42:
ca:5d:cb:59:73:4c:fd:74:23:cc:22:85:d5:a0:b3:
b1:43:9e:a0:ec:4b:0c:9f:6f:08:ea:d6:ba:ad:55:
03:a4:e7:5d:a1:b0:91:73:74:b9:71:54:93:55:95:
08:75:1b:42:cf:77:2b:80:40:ae:0f:72:73:37:58:
9f:f7:b5:4f:64:d5:a0:75:3c:3a:f5:05:6f:79:8b:
12:fa:f8:b2:cb:f8:04:0d:91:3f:0e:27:35:d3:9b:
8a:a6:47:2d:5c:d7:6d:27:a8:4a:99:9e:a6:fe:7e:
09:72:e0:6d:66:ca:cb:49:60:a4:be:9c:43:19:8e:
66:5d:d6:45:59:2b:95:a1:6b:fc:a2:c3:2e:b8:9a:
eb:3a:ce:d8:3c:b7:fd:14:d1:5f:b9:a7:b7:bc:ab:
56:90:ef:ab:6d:eb:1a:0a:e7:34:73:00:0f:08:9f:
24:a9:00:af:19:7c:20:cc:82:3f:42:b6:da:d1:98:
61:e9:ca:66:3e:27:39:3e:d2:8b:e3:b3:60:f3:07:
4f:e7:d5:a4:52:92:59:c9:86:38:d3:a6:7f:ee:2b:
56:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:83:B1:1B:88:56:3B:FE:66:FF:5D:E2:69:EE:FB:D0:C8:B0:CC:CC
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/1YOxG4hWO_5m_13iae770MiwzMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.199.252.0/22
IPv6:
2a06:5901:8000::-2a06:5901:82ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ae:e0:97:02:48:35:bc:e7:97:46:cd:d5:f5:9b:9d:4a:d7:f1:
26:e1:ef:31:71:e7:0b:ef:74:61:1b:93:18:87:a9:cf:ca:82:
3f:c8:db:09:72:92:9b:1d:5e:c9:4a:0e:ac:90:c1:a5:ec:a8:
b7:3a:65:2e:2e:11:fb:f8:99:5a:41:31:40:ea:de:b5:16:be:
b9:9e:c4:dd:b1:ad:b6:45:aa:fa:9d:19:f2:1f:78:a5:8c:8f:
95:21:29:37:47:1b:d7:cb:8d:a8:56:8b:f2:5f:10:05:00:20:
12:45:da:23:11:e4:a2:f9:64:78:84:0a:b6:9a:cf:4e:80:35:
5a:1c:01:af:01:a6:09:ed:81:0d:f5:cd:5a:97:7d:5a:0e:e7:
95:58:44:f2:ce:6c:90:12:7c:f6:6a:82:0d:d5:90:97:cd:16:
7f:d5:43:e0:c4:58:d7:2c:79:47:01:11:40:51:16:e1:ba:6c:
20:f2:8f:52:60:bf:6c:e2:a3:86:5a:88:04:e8:62:44:00:ee:
4d:a8:2e:8d:29:43:12:15:b4:ec:a5:47:7f:c3:57:01:70:10:
92:6a:3e:f8:ad:1c:26:1e:1f:eb:5e:dc:42:e6:f2:d2:5f:68:
d0:d6:a1:4c:56:69:2b:54:41:77:3b:dc:1d:e4:b3:57:ff:31:
45:3b:1b:0b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHhG5z7nroWP9PR/fv4J9XrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwOTExMTI0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTgzYjExYjg4NTYzYmZlNjZmZjVkZTI2OWVlZmJkMGM4YjBjY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujjA5ZkpEexdMoXVYwj0JvnRycaC
3nVko1oJLCguW8ZMtnTC9P85nnvdZkLKXctZc0z9dCPMIoXVoLOxQ56g7EsMn28I
6ta6rVUDpOddobCRc3S5cVSTVZUIdRtCz3crgECuD3JzN1if97VPZNWgdTw69QVv
eYsS+viyy/gEDZE/Dic105uKpkctXNdtJ6hKmZ6m/n4JcuBtZsrLSWCkvpxDGY5m
XdZFWSuVoWv8osMuuJrrOs7YPLf9FNFfuae3vKtWkO+rbesaCuc0cwAPCJ8kqQCv
GXwgzII/Qrba0Zhh6cpmPic5PtKL47Ng8wdP59WkUpJZyYY406Z/7itWBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNWDsRuIVjv+Zv9d4mnu+9DIsMzMMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvMVlPeEc0aFdPXzVtXzEzaWFlNzcwTWl3ek13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCM8f8MBgE
AgACMBIwEAMGByoGWQGAAwYAKgZZAYIwDQYJKoZIhvcNAQELBQADggEBAK7glwJI
Nbznl0bN1fWbnUrX8Sbh7zFx5wvvdGEbkxiHqc/Kgj/I2wlykpsdXslKDqyQwaXs
qLc6ZS4uEfv4mVpBMUDq3rUWvrmexN2xrbZFqvqdGfIfeKWMj5UhKTdHG9fLjahW
i/JfEAUAIBJF2iMR5KL5ZHiECraaz06ANVocAa8BpgntgQ31zVqXfVoO55VYRPLO
bJASfPZqgg3VkJfNFn/VQ+DEWNcseUcBEUBRFuG6bCDyj1Jgv2zio4ZaiAToYkQA
7k2oLo0pQxIVtOylR3/DVwFwEJJqPvitHCYeH+te3ELm8tJfaNDWoUxWaStUQXc7
3B3ks1f/MUU7Gws=
-----END CERTIFICATE-----
Generated at Fri Sep 13 12:22:10 2024 by rpki-client on console-ams.rpki-client.org