Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0oKduxK8nxaD1ANFzuPTPXjzOtE.roa
File: 0oKduxK8nxaD1ANFzuPTPXjzOtE.roa (raw, json)
Hash identifier: OdSjdZTgjRy4bXdUYhPKarHTgB2EaZey1KK9LMKogA4=
Subject key identifier: D2:82:9D:BB:12:BC:9F:16:83:D4:03:45:CE:E3:D3:3D:78:F3:3A:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185ED58BD269D48669C9FD25B2C3B288ED1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0oKduxK8nxaD1ANFzuPTPXjzOtE.roa
Signing time: Thu 26 Jan 2023 09:11:33 +0000
ROA not before: Thu 26 Jan 2023 09:11:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:600::/44 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 28 Jan 2023 04:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:58:bd:26:9d:48:66:9c:9f:d2:5b:2c:3b:28:8e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 26 09:11:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2829dbb12bc9f1683d40345cee3d33d78f33ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:75:85:81:7d:94:d3:99:67:27:e7:e9:27:
db:0f:40:71:e6:45:73:19:cf:a8:7b:cd:69:7c:c5:
9c:de:86:dd:73:23:9c:67:75:96:df:bc:0d:ef:dc:
18:64:c8:93:09:27:49:65:b9:e3:3b:d9:08:6c:f2:
ef:bc:f9:c1:7b:a0:cd:5e:b8:19:59:6d:b4:53:db:
fa:75:a4:54:d0:2c:bb:6b:c6:a2:a8:89:09:cb:8a:
9e:10:b1:f1:e2:c9:44:17:40:64:3b:11:79:41:75:
fc:f3:5a:0b:40:85:90:b3:fe:a5:4b:67:cf:a1:2a:
48:90:0f:f9:31:5f:88:24:f3:3a:90:41:d1:7e:78:
12:d5:09:06:97:3d:69:78:af:07:b4:c5:fb:8b:58:
7f:b1:d5:82:15:3b:2d:54:8b:d4:cd:db:53:96:69:
f5:a1:21:62:91:cc:d3:23:c5:8f:a2:cb:d7:e1:c1:
87:b3:0f:0e:e5:cd:1e:db:98:25:d0:de:df:2a:8a:
f9:7e:30:db:ef:8a:9a:9f:47:23:73:70:c9:81:f3:
59:8a:3a:47:db:a8:37:da:9a:42:f7:fb:ee:67:b0:
82:bf:ef:0c:a4:3c:11:6d:a6:a9:08:4e:0e:c3:c8:
d8:55:10:54:dd:df:6c:7d:b3:c7:4a:f3:81:13:76:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:82:9D:BB:12:BC:9F:16:83:D4:03:45:CE:E3:D3:3D:78:F3:3A:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0oKduxK8nxaD1ANFzuPTPXjzOtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:600::/44
2a0e:b107:800::/44
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
87:df:0f:57:f6:85:9b:8e:0d:55:f7:d2:e4:35:31:07:ba:59:
82:61:58:55:f0:a3:41:16:19:bc:cd:65:f8:71:44:90:1a:3d:
c4:c0:4a:e5:d9:89:f6:89:2d:70:b9:05:f6:d3:5d:64:70:ce:
64:47:71:1d:9d:36:62:f7:27:5d:34:fe:60:7c:a6:24:ef:3e:
6c:aa:20:99:e0:5b:63:f5:31:93:e6:17:e0:83:1f:90:96:ad:
80:eb:5c:84:10:00:26:e8:0f:a3:56:6f:4a:72:f8:3c:9d:4d:
01:56:9d:13:93:d3:33:4d:3e:bc:c5:2c:47:4c:1d:62:df:42:
51:82:c9:91:5b:b4:b1:35:8c:4d:67:00:f4:e9:36:7f:e5:6f:
5e:3c:14:a8:10:d5:4d:78:7d:56:39:a3:5e:c1:c1:1c:58:43:
e2:76:79:30:52:3a:50:cb:51:97:88:75:a5:20:9f:57:16:16:
52:de:86:c4:3f:f2:8c:fb:71:eb:2b:e6:91:9f:58:13:4d:bc:
8d:73:02:f6:86:b0:ca:13:d5:e9:6a:be:8c:b8:a3:11:05:87:
c3:62:49:3e:b8:a4:76:c8:6e:7f:13:30:4c:90:ee:e5:f9:c6:
95:58:34:81:c5:98:9c:e1:be:8d:c1:74:66:bf:00:cd:99:a2:
60:cd:e6:52
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXtWL0mnUhmnJ/SWyw7KI7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI2MDkxMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjgyOWRiYjEyYmM5ZjE2ODNkNDAzNDVjZWUzZDMzZDc4ZjMzYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCl1hYF9lNOZZyfn6SfbD0Bx5kVz
Gc+oe81pfMWc3obdcyOcZ3WW37wN79wYZMiTCSdJZbnjO9kIbPLvvPnBe6DNXrgZ
WW20U9v6daRU0Cy7a8aiqIkJy4qeELHx4slEF0BkOxF5QXX881oLQIWQs/6lS2fP
oSpIkA/5MV+IJPM6kEHRfngS1QkGlz1peK8HtMX7i1h/sdWCFTstVIvUzdtTlmn1
oSFikczTI8WPosvX4cGHsw8O5c0e25gl0N7fKor5fjDb74qan0cjc3DJgfNZijpH
26g32ppC9/vuZ7CCv+8MpDwRbaapCE4Ow8jYVRBU3d9sfbPHSvOBE3a17wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNKCnbsSvJ8Wg9QDRc7j0z148zrRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMG9LZHV4SzhueGFEMUFORnp1UFRQWGp6T3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6xBwYA
AwcEKg6xBwgAAwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEBCwUAA4IBAQCH
3w9X9oWbjg1V99LkNTEHulmCYVhV8KNBFhm8zWX4cUSQGj3EwErl2Yn2iS1wuQX2
011kcM5kR3EdnTZi9yddNP5gfKYk7z5sqiCZ4Ftj9TGT5hfggx+Qlq2A61yEEAAm
6A+jVm9Kcvg8nU0BVp0Tk9MzTT68xSxHTB1i30JRgsmRW7SxNYxNZwD06TZ/5W9e
PBSoENVNeH1WOaNewcEcWEPidnkwUjpQy1GXiHWlIJ9XFhZS3obEP/KM+3HrK+aR
n1gTTbyNcwL2hrDKE9Xpar6MuKMRBYfDYkk+uKR2yG5/EzBMkO7l+caVWDSBxZic
4b6NwXRmvwDNmaJgzeZS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org