Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0G-ocVeQAb6jMOchI6I_qerxQH4.roa
File: 0G-ocVeQAb6jMOchI6I_qerxQH4.roa (raw, json)
Hash identifier: aZ+7WaG8SWyNz0qFeGGwSMAcOXI39L7xVP58ngixUco=
Subject key identifier: D0:6F:A8:71:57:90:01:BE:A3:30:E7:21:23:A2:3F:A9:EA:F1:40:7E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD23858BF584B23F0CFB2AFCF9C552
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0G-ocVeQAb6jMOchI6I_qerxQH4.roa
Signing time: Tue 02 Jan 2024 10:34:24 +0000
ROA not before: Tue 02 Jan 2024 10:34:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210397
IP address blocks: 2a0e:97c0:780::/44 maxlen: 48
2a0e:97c0:780::/48 maxlen: 48
2a0e:97c0:78b::/48 maxlen: 48
2a0e:97c0:781::/48 maxlen: 48
2a0e:97c0:78c::/48 maxlen: 48
2a0e:97c0:78f::/48 maxlen: 48
2a0e:97c0:78a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Feb 2024 23:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:23:85:8b:f5:84:b2:3f:0c:fb:2a:fc:f9:c5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d06fa871579001bea330e72123a23fa9eaf1407e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c2:6f:f2:cc:fd:e2:e6:e1:11:f8:b0:aa:ce:
46:75:1a:18:ee:a4:fe:e1:6a:42:63:db:80:e6:7d:
a7:95:5b:b1:a3:fc:c4:39:cb:f7:6b:98:61:f7:a2:
13:af:e6:fb:48:c2:a5:38:90:6c:af:af:9f:3f:f1:
9d:e9:51:b9:69:ed:56:ed:ba:55:42:b2:c4:af:66:
2a:e9:c9:fa:27:b0:2c:7e:72:ec:43:11:eb:25:74:
dd:97:44:58:22:b3:81:1a:2a:39:d3:6e:b2:81:c1:
fd:14:e4:b0:3a:5e:20:ff:e5:8b:4a:a6:3e:2e:64:
5b:d8:38:b9:a0:70:b3:20:3f:1a:3c:30:45:12:69:
0b:f3:3e:b8:7e:05:98:fa:dc:44:01:cc:cd:dd:58:
b3:5c:61:31:55:84:78:bb:9b:43:26:9a:8c:ed:43:
5a:31:6c:f9:46:93:d4:60:89:3d:fc:be:00:55:aa:
31:5d:41:87:9a:f0:a7:1a:73:3e:22:99:c4:68:65:
20:fb:0f:c2:8c:f8:7c:44:0f:f4:12:d1:e1:5d:55:
ec:0b:2f:39:0d:1f:f7:0b:87:65:d2:83:40:37:52:
5e:19:f7:3d:62:ab:f9:1b:e0:28:1b:43:89:d4:7f:
7f:b9:f2:ad:d5:40:73:43:a7:b9:b2:78:a6:21:26:
17:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6F:A8:71:57:90:01:BE:A3:30:E7:21:23:A2:3F:A9:EA:F1:40:7E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0G-ocVeQAb6jMOchI6I_qerxQH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:780::/44
Signature Algorithm: sha256WithRSAEncryption
3f:57:91:99:0b:95:0c:52:d8:a1:88:40:57:d5:11:ec:a8:b2:
c9:78:f0:b2:13:e9:b9:61:61:c5:36:90:39:50:38:6e:c7:7e:
66:a4:2a:1a:17:ff:94:b1:4c:cb:16:b2:e3:f6:72:1c:8f:1f:
10:c6:ae:08:27:a4:fd:86:ea:73:b0:16:56:7d:93:87:7b:3a:
ab:dd:b4:60:41:f4:e4:7b:e6:66:14:01:51:c1:e5:13:5b:52:
eb:bb:3b:46:3b:8b:ec:9a:68:67:a5:29:26:48:aa:80:57:2c:
69:07:51:f2:55:1b:0b:73:e1:03:9b:8a:38:04:c2:7b:86:ef:
1c:50:03:f3:12:74:c6:df:74:66:bc:91:15:75:10:2f:64:bc:
05:87:62:d2:4e:17:7f:13:f2:53:03:42:bf:92:7b:55:82:85:
eb:6c:65:8b:49:aa:a3:a8:3e:4e:e6:90:82:68:a6:b8:61:a7:
71:33:14:4e:5d:19:31:52:77:b1:3f:12:1a:9a:d4:14:16:33:
de:b7:3d:f9:40:83:c1:f1:a9:19:b4:d7:9d:e0:50:7d:5f:96:
23:7d:39:5b:2c:eb:cf:a7:47:13:3d:ae:9f:21:e2:dc:1b:5a:
44:44:ab:7c:88:71:19:e6:68:4b:0e:5f:7a:23:bc:41:d6:a1:
06:a2:b6:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvSOFi/WEsj8M+yr8+cVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZmYTg3MTU3OTAwMWJlYTMzMGU3MjEyM2EyM2ZhOWVhZjE0MDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sJv8sz94ubhEfiwqs5GdRoY7qT+
4WpCY9uA5n2nlVuxo/zEOcv3a5hh96ITr+b7SMKlOJBsr6+fP/Gd6VG5ae1W7bpV
QrLEr2Yq6cn6J7AsfnLsQxHrJXTdl0RYIrOBGio5026ygcH9FOSwOl4g/+WLSqY+
LmRb2Di5oHCzID8aPDBFEmkL8z64fgWY+txEAczN3VizXGExVYR4u5tDJpqM7UNa
MWz5RpPUYIk9/L4AVaoxXUGHmvCnGnM+IpnEaGUg+w/CjPh8RA/0EtHhXVXsCy85
DR/3C4dl0oNAN1JeGfc9Yqv5G+AoG0OJ1H9/ufKt1UBzQ6e5snimISYX+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNBvqHFXkAG+ozDnISOiP6nq8UB+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMEctb2NWZVFBYjZqTU9jaEk2SV9xZXJ4UUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAeA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/V5GZC5UMUtihiEBX1RHsqLLJePCyE+m5YWHF
NpA5UDhux35mpCoaF/+UsUzLFrLj9nIcjx8Qxq4IJ6T9hupzsBZWfZOHezqr3bRg
QfTke+ZmFAFRweUTW1LruztGO4vsmmhnpSkmSKqAVyxpB1HyVRsLc+EDm4o4BMJ7
hu8cUAPzEnTG33RmvJEVdRAvZLwFh2LSThd/E/JTA0K/kntVgoXrbGWLSaqjqD5O
5pCCaKa4YadxMxROXRkxUnexPxIamtQUFjPetz35QIPB8akZtNed4FB9X5YjfTlb
LOvPp0cTPa6fIeLcG1pERKt8iHEZ5mhLDl96I7xB1qEGoraM
-----END CERTIFICATE-----
Generated at Thu Feb 22 02:26:27 2024 by rpki-client on console-fra.rpki-client.org