Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0TONZvc_z5_NprXKhBs31YYtFBo.roa
File: 0TONZvc_z5_NprXKhBs31YYtFBo.roa (raw, json)
Hash identifier: wxzz4iVjLT62tQySiEng8EHkNHSkMBTqw1YskOEmt2E=
Subject key identifier: D1:33:8D:66:F7:3F:CF:9F:CD:A6:B5:CA:84:1B:37:D5:86:2D:14:1A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185F723B26000ED5D5FD7111C3A708FED6F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0TONZvc_z5_NprXKhBs31YYtFBo.roa
Signing time: Sat 28 Jan 2023 06:49:49 +0000
ROA not before: Sat 28 Jan 2023 06:49:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:660::/44 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 31 Jan 2023 15:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:23:b2:60:00:ed:5d:5f:d7:11:1c:3a:70:8f:ed:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 06:49:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1338d66f73fcf9fcda6b5ca841b37d5862d141a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:e7:94:8f:ff:13:37:cf:bf:30:d5:f2:f8:
3b:21:c9:d1:3e:da:74:a5:b7:3c:9c:00:8c:3a:5e:
70:82:35:9e:2a:6b:71:15:fb:4c:a6:51:2e:e9:d8:
b7:21:02:bc:f6:05:2c:6a:ae:ed:30:a4:3a:74:78:
eb:79:e8:cb:43:df:de:19:a9:55:9f:56:88:bd:81:
ff:49:0e:a4:f0:19:e1:06:9a:d2:18:a7:21:a2:67:
f7:dd:3f:46:bb:69:2a:de:da:71:35:47:ae:4c:7b:
b9:cb:c9:2d:51:95:30:f5:43:0e:8b:15:39:a6:a3:
a4:b6:35:b0:32:57:a4:07:88:31:76:41:a8:50:c1:
32:23:03:02:ea:0d:44:6f:cf:a1:ab:4c:9d:67:bd:
87:00:54:1a:d9:1e:76:2d:50:2e:07:94:0e:6f:3c:
54:5c:77:0b:39:b9:ae:c6:49:a0:63:14:d5:fd:52:
2c:0b:a5:73:f3:6e:25:a9:e2:d4:74:83:f8:dd:32:
1b:f4:5b:cb:7f:cf:46:81:be:f2:65:a6:cc:fc:87:
6c:89:61:f2:c6:af:ef:89:5e:dd:bd:f5:8b:a6:1d:
b9:ed:b4:49:22:7b:f8:9b:78:d5:95:bd:7d:07:2d:
28:5b:d4:31:ed:f2:59:0f:3a:ef:51:35:c1:aa:89:
34:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:33:8D:66:F7:3F:CF:9F:CD:A6:B5:CA:84:1B:37:D5:86:2D:14:1A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0TONZvc_z5_NprXKhBs31YYtFBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:660::/44
2a0e:b107:800::/44
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
9e:cd:f7:c7:21:7c:7d:a1:68:63:7a:9c:ec:26:da:48:fc:94:
b5:9d:3f:8e:d8:83:a0:90:b4:a8:d0:26:d7:d9:7a:f0:c2:68:
47:b0:d6:8f:a5:16:d8:3e:1a:3e:5a:4b:75:5a:0b:ad:a6:2c:
e5:3f:07:c3:7c:bd:89:31:39:1f:f6:ec:1b:e9:74:00:89:9e:
99:c7:30:77:f0:f1:dd:ac:22:74:28:02:63:7f:56:56:db:23:
fd:0e:ba:29:37:e3:f0:b4:a0:01:6d:58:ca:d4:35:e6:b1:65:
fe:06:65:1c:e3:82:18:ba:cd:c5:23:38:51:38:d7:66:d7:c3:
2d:45:c2:eb:5b:6a:32:56:3f:d2:a9:2b:d3:b6:4b:05:13:c7:
24:60:b4:28:ca:1f:df:0f:53:21:78:f8:ad:0c:4f:a8:6d:be:
1b:b1:72:1a:d9:1d:8e:c7:38:c6:94:14:b6:36:95:8c:6b:16:
0e:91:2a:8b:18:22:3b:50:ae:84:35:2e:5f:cf:ac:cc:6a:7c:
c5:95:87:b1:d6:d8:7f:4b:23:20:a1:eb:1e:66:7e:aa:78:38:
8d:55:9f:02:cb:68:9e:3a:02:c6:4b:32:8c:a6:65:7c:7f:cf:
49:a1:a5:ac:59:67:04:e6:af:10:cd:b7:85:0f:b1:70:a1:44:
f1:98:04:3f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYX3I7JgAO1dX9cRHDpwj+1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI4MDY0OTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMzOGQ2NmY3M2ZjZjlmY2RhNmI1Y2E4NDFiMzdkNTg2MmQxNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK3nlI//EzfPvzDV8vg7IcnRPtp0
pbc8nACMOl5wgjWeKmtxFftMplEu6di3IQK89gUsaq7tMKQ6dHjreejLQ9/eGalV
n1aIvYH/SQ6k8BnhBprSGKchomf33T9Gu2kq3tpxNUeuTHu5y8ktUZUw9UMOixU5
pqOktjWwMlekB4gxdkGoUMEyIwMC6g1Eb8+hq0ydZ72HAFQa2R52LVAuB5QObzxU
XHcLObmuxkmgYxTV/VIsC6Vz824lqeLUdIP43TIb9FvLf89Ggb7yZabM/IdsiWHy
xq/viV7dvfWLph257bRJInv4m3jVlb19By0oW9Qx7fJZDzrvUTXBqok0BQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNEzjWb3P8+fzaa1yoQbN9WGLRQaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFRPTlp2Y196NV9OcHJYS2hCczMxWVl0RkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6xBwZg
AwcEKg6xBwgAAwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEBCwUAA4IBAQCe
zffHIXx9oWhjepzsJtpI/JS1nT+O2IOgkLSo0CbX2XrwwmhHsNaPpRbYPho+Wkt1
WgutpizlPwfDfL2JMTkf9uwb6XQAiZ6ZxzB38PHdrCJ0KAJjf1ZW2yP9DropN+Pw
tKABbVjK1DXmsWX+BmUc44IYus3FIzhRONdm18MtRcLrW2oyVj/SqSvTtksFE8ck
YLQoyh/fD1MhePitDE+obb4bsXIa2R2OxzjGlBS2NpWMaxYOkSqLGCI7UK6ENS5f
z6zManzFlYex1th/SyMgoeseZn6qeDiNVZ8Cy2ieOgLGSzKMpmV8f89JoaWsWWcE
5q8QzbeFD7FwoUTxmAQ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org