Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0tn0yWRjYXBHAivVH5jvbXYEG7s.roa
File: 0tn0yWRjYXBHAivVH5jvbXYEG7s.roa (raw, json)
Hash identifier: IEIY/u2MzNPfppUXMnXXVRy6oFivsQHVmHcPtde/GeI=
Subject key identifier: D2:D9:F4:C9:64:63:61:70:47:02:2B:D5:1F:98:EF:6D:76:04:1B:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01922702858A18201278FE4D383605F9185D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0tn0yWRjYXBHAivVH5jvbXYEG7s.roa
Signing time: Wed 25 Sep 2024 02:28:49 +0000
ROA not before: Wed 25 Sep 2024 02:28:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214147
IP address blocks: 2a0e:97c0:1a0::/44 maxlen: 48
2a0e:97c0:1a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 04:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:27:02:85:8a:18:20:12:78:fe:4d:38:36:05:f9:18:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 25 02:28:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2d9f4c96463617047022bd51f98ef6d76041bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e9:07:e3:22:70:7b:82:20:4b:40:1e:37:6f:
6a:1c:40:59:5e:1d:63:3b:2b:dc:56:20:6f:4c:22:
a1:50:7d:50:0e:28:e6:20:70:9a:bf:f9:f1:bc:7e:
f3:d3:5f:61:fa:6a:3b:f3:eb:80:c8:ed:82:f5:da:
a9:e4:06:5b:ac:0b:9b:7c:8d:7e:11:5c:8e:56:d2:
11:7b:09:ec:8b:fd:59:54:df:64:30:57:1d:5d:d9:
dc:c7:68:6e:df:e0:29:6c:43:b8:0e:e1:7f:35:5f:
ce:23:86:7c:cb:3b:6f:4c:bf:fb:24:97:e9:f2:a6:
87:df:f0:41:2b:bf:cb:0b:49:07:92:a3:03:b0:ef:
ed:b4:2c:d5:0c:a0:76:77:3c:c2:bc:a8:cf:29:f0:
99:2e:b2:06:d7:9b:c8:5d:65:5c:69:a6:f3:2a:17:
b6:e3:ce:8b:83:cb:07:37:a2:11:34:7f:db:56:cb:
6a:4d:3d:62:55:4a:03:af:53:15:81:a9:6e:fd:25:
8d:df:6f:02:3e:d4:22:88:84:5c:15:fc:49:13:ad:
a2:bf:83:22:0c:3f:96:28:82:0f:bd:09:a0:88:8a:
70:3a:df:cd:1e:76:b6:92:f0:7e:ec:c3:25:c6:86:
58:b4:5a:91:60:27:83:a1:8d:51:8f:4e:f5:b4:cc:
61:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D9:F4:C9:64:63:61:70:47:02:2B:D5:1F:98:EF:6D:76:04:1B:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0tn0yWRjYXBHAivVH5jvbXYEG7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1a0::/44
Signature Algorithm: sha256WithRSAEncryption
b5:6d:ed:21:ae:5c:66:ef:01:b5:b7:d5:4b:a0:fc:63:ed:25:
95:8c:0c:85:cd:69:70:b3:09:5a:dd:ef:42:18:49:c7:0b:c9:
94:20:01:6d:9c:2b:a0:a8:3c:4d:e7:b5:87:d2:a2:9e:69:e3:
f7:6f:db:2d:f5:84:02:b2:26:1d:c6:42:b1:63:08:b1:c1:4c:
8e:53:37:24:39:9c:b3:34:3f:f8:66:1e:a1:05:10:8a:9b:00:
32:96:4e:cf:a6:ca:0d:b7:f3:8e:9c:9a:da:11:2c:d9:e2:d7:
c2:c0:76:ca:77:2c:45:79:7e:5c:84:88:be:6f:37:b1:eb:c5:
ad:a9:e5:00:79:1a:2b:ca:f9:04:60:05:74:31:fb:97:00:30:
a8:a4:3f:7e:a3:e9:17:ee:08:bd:94:77:72:60:cd:60:96:fa:
e1:4c:9a:1e:79:d1:a9:0f:8f:b5:cb:53:a9:b4:c0:af:1b:57:
92:2f:0e:86:b3:ea:a4:81:09:58:86:4a:05:89:6c:4b:80:e5:
77:d3:5f:b2:d1:97:3d:49:af:1b:1b:8b:dd:1f:bd:3c:67:31:
6d:72:b5:8f:04:d9:fb:05:e0:5f:47:94:6c:16:01:b2:df:0b:
4f:7a:13:34:65:5f:a8:71:26:2b:c4:5e:63:b7:47:a4:8a:94:
9c:76:6a:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZInAoWKGCASeP5NODYF+RhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTI1MDIyODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ5ZjRjOTY0NjM2MTcwNDcwMjJiZDUxZjk4ZWY2ZDc2MDQxYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OkH4yJwe4IgS0AeN29qHEBZXh1j
OyvcViBvTCKhUH1QDijmIHCav/nxvH7z019h+mo78+uAyO2C9dqp5AZbrAubfI1+
EVyOVtIRewnsi/1ZVN9kMFcdXdncx2hu3+ApbEO4DuF/NV/OI4Z8yztvTL/7JJfp
8qaH3/BBK7/LC0kHkqMDsO/ttCzVDKB2dzzCvKjPKfCZLrIG15vIXWVcaabzKhe2
486Lg8sHN6IRNH/bVstqTT1iVUoDr1MVgalu/SWN328CPtQiiIRcFfxJE62iv4Mi
DD+WKIIPvQmgiIpwOt/NHna2kvB+7MMlxoZYtFqRYCeDoY1Rj071tMxhtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNLZ9MlkY2FwRwIr1R+Y7212BBu7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMHRuMHlXUmpZWEJIQWl2Vkg1anZiWFlFRzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAGg
MA0GCSqGSIb3DQEBCwUAA4IBAQC1be0hrlxm7wG1t9VLoPxj7SWVjAyFzWlwswla
3e9CGEnHC8mUIAFtnCugqDxN57WH0qKeaeP3b9st9YQCsiYdxkKxYwixwUyOUzck
OZyzND/4Zh6hBRCKmwAylk7PpsoNt/OOnJraESzZ4tfCwHbKdyxFeX5chIi+bzex
68WtqeUAeRoryvkEYAV0MfuXADCopD9+o+kX7gi9lHdyYM1glvrhTJoeedGpD4+1
y1OptMCvG1eSLw6Gs+qkgQlYhkoFiWxLgOV301+y0Zc9Sa8bG4vdH708ZzFtcrWP
BNn7BeBfR5RsFgGy3wtPehM0ZV+ocSYrxF5jt0ekipScdmo2
-----END CERTIFICATE-----
Generated at Wed Sep 25 06:32:31 2024 by rpki-client on console-ams.rpki-client.org