Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0S91zwE5p-Ke8CHcwy6IQi0Lc44.roa
File: 0S91zwE5p-Ke8CHcwy6IQi0Lc44.roa (raw, json)
Hash identifier: OPObPlXW8EXZc0lX/IaonN7x+YGxcGvAtNKvS6t5Gp4=
Subject key identifier: D1:2F:75:CF:01:39:A7:E2:9E:F0:21:DC:C3:2E:88:42:2D:0B:73:8E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B0D14A69331AD6A8BEBEAD16FE305
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0S91zwE5p-Ke8CHcwy6IQi0Lc44.roa
Signing time: Tue 24 Jan 2023 16:09:56 +0000
ROA not before: Tue 24 Jan 2023 16:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212995
IP address blocks: 2a10:2f01:2a0::/44 maxlen: 48
2a10:cc44:180::/44 maxlen: 48
2a0e:b107:b80::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:0d:14:a6:93:31:ad:6a:8b:eb:ea:d1:6f:e3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d12f75cf0139a7e29ef021dcc32e88422d0b738e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:31:58:ad:4e:91:53:26:74:52:05:19:58:
f0:d8:72:f3:a9:2d:ac:78:b5:00:8e:eb:69:e7:0e:
0a:fb:16:c0:a4:ac:89:20:74:6f:a3:15:05:5b:b4:
e8:06:7e:ec:25:46:b7:60:b5:96:e9:88:6d:00:c2:
14:f6:fe:e7:c3:87:dd:df:e8:d2:6d:9f:71:47:3d:
dd:fa:67:ca:c3:06:5e:ad:0a:0a:a9:a9:c8:3d:a0:
bf:8b:5b:6b:82:87:18:bb:f9:63:21:dc:12:db:3f:
dc:8b:37:a6:c4:c9:11:91:13:49:a2:ae:9b:d1:7a:
55:6c:96:0c:41:36:d2:65:d6:ae:e6:91:2e:2d:f4:
a4:a8:8b:62:fe:5e:74:b8:99:27:7c:8f:23:fd:97:
5b:e0:56:4c:f5:7c:8b:e2:2a:1f:4b:38:ce:5f:d1:
31:dc:b2:da:66:17:8b:10:28:a6:2d:a3:44:64:5d:
44:93:31:8e:3f:dc:7e:67:90:35:d5:f7:8e:57:af:
42:19:3c:64:bb:eb:24:ce:55:e1:d9:72:b2:6c:76:
b0:e1:20:90:35:af:58:0a:bd:a7:6f:c6:17:23:34:
57:c7:2f:6e:7e:18:64:d3:cf:28:97:d9:61:c1:51:
73:e8:8c:34:7f:db:3c:f7:a3:44:25:04:af:e4:22:
80:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2F:75:CF:01:39:A7:E2:9E:F0:21:DC:C3:2E:88:42:2D:0B:73:8E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0S91zwE5p-Ke8CHcwy6IQi0Lc44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:b80::/44
2a10:2f01:2a0::/44
2a10:cc44:180::/44
Signature Algorithm: sha256WithRSAEncryption
bf:d6:eb:e5:14:75:55:92:14:df:22:8f:c4:48:9a:73:92:9a:
a0:d1:cb:3f:52:c9:4a:73:b4:c7:bb:ac:31:ea:f3:f0:35:f0:
9a:c2:14:ca:90:04:d4:92:9a:a7:21:65:20:ca:d0:32:1b:c2:
0e:fd:3f:ce:65:e6:d2:5d:ba:03:56:63:2e:78:94:65:bc:b6:
80:88:9d:7c:b6:e5:48:0a:31:c9:bd:01:3d:37:29:b5:23:9d:
95:b4:9e:79:a2:1f:d2:c2:9f:36:16:44:96:31:94:9f:4c:c9:
02:36:6d:01:8f:aa:e5:f2:f9:74:56:f6:fd:11:57:46:1e:14:
55:47:20:19:08:e3:4a:2f:00:ae:36:4a:dd:d6:e5:63:38:92:
dd:fe:af:2a:ff:43:4f:ed:59:a3:6d:fb:e8:fb:77:19:1b:2a:
56:a7:66:17:d9:08:32:0f:e2:11:b6:11:1a:0a:bc:3c:94:5b:
e3:85:45:d3:6d:c4:0c:31:9e:97:4f:87:83:ab:4c:12:a6:0b:
62:c3:94:c2:94:8d:7a:16:07:7f:35:83:8c:3d:31:64:a5:4f:
95:d9:d5:19:43:86:7d:3f:e9:f2:f1:0b:1e:c8:d7:c4:fd:08:
8e:9a:93:72:90:62:0d:d9:68:bd:4f:8d:aa:64:4f:3b:f2:3c:
51:c3:2c:be
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXkiw0UppMxrWqL6+rRb+MFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJmNzVjZjAxMzlhN2UyOWVmMDIxZGNjMzJlODg0MjJkMGI3MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptgxWK1OkVMmdFIFGVjw2HLzqS2s
eLUAjutp5w4K+xbApKyJIHRvoxUFW7ToBn7sJUa3YLWW6YhtAMIU9v7nw4fd3+jS
bZ9xRz3d+mfKwwZerQoKqanIPaC/i1trgocYu/ljIdwS2z/cizemxMkRkRNJoq6b
0XpVbJYMQTbSZdau5pEuLfSkqIti/l50uJknfI8j/Zdb4FZM9XyL4iofSzjOX9Ex
3LLaZheLECimLaNEZF1EkzGOP9x+Z5A11feOV69CGTxku+skzlXh2XKybHaw4SCQ
Na9YCr2nb8YXIzRXxy9ufhhk088ol9lhwVFz6Iw0f9s896NEJQSv5CKANQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNEvdc8BOafinvAh3MMuiEItC3OOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFM5MXp3RTVwLUtlOENIY3d5NklRaTBMYzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBwuA
AwcEKhAvAQKgAwcEKhDMRAGAMA0GCSqGSIb3DQEBCwUAA4IBAQC/1uvlFHVVkhTf
Io/ESJpzkpqg0cs/UslKc7THu6wx6vPwNfCawhTKkATUkpqnIWUgytAyG8IO/T/O
ZebSXboDVmMueJRlvLaAiJ18tuVICjHJvQE9Nym1I52VtJ55oh/Swp82FkSWMZSf
TMkCNm0Bj6rl8vl0Vvb9EVdGHhRVRyAZCONKLwCuNkrd1uVjOJLd/q8q/0NP7Vmj
bfvo+3cZGypWp2YX2QgyD+IRthEaCrw8lFvjhUXTbcQMMZ6XT4eDq0wSpgtiw5TC
lI16Fgd/NYOMPTFkpU+V2dUZQ4Z9P+ny8QseyNfE/QiOmpNykGIN2Wi9T42qZE87
8jxRwyy+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org