Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-KDD4OLKWiQZDawNXRU1SOLDJeg.roa
File: 1-KDD4OLKWiQZDawNXRU1SOLDJeg.roa (raw, json)
Hash identifier: BFiwHxqRscPwLzIfpNNNCMm0rWLhgfnaIaqYNRFKa2I=
Subject key identifier: F8:A0:C3:E0:E2:CA:5A:24:19:0D:AC:0D:5D:15:35:48:E2:C3:25:E8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AA652772CD175B17B8F400743C998D6E5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-KDD4OLKWiQZDawNXRU1SOLDJeg.roa
Signing time: Mon 18 Sep 2023 03:25:36 +0000
ROA not before: Mon 18 Sep 2023 03:25:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47553
IP address blocks: 2a0e:97c6:6800::/38 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Nov 2023 23:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a6:52:77:2c:d1:75:b1:7b:8f:40:07:43:c9:98:d6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 18 03:25:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8a0c3e0e2ca5a24190dac0d5d153548e2c325e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:71:96:eb:f8:2b:c0:19:4c:db:ce:fc:9e:57:
83:f4:db:2f:02:30:66:38:9b:1f:5f:eb:93:63:2d:
1e:f9:52:a9:d9:6a:37:b7:72:87:db:60:33:f3:45:
29:a6:36:6c:10:53:3f:03:79:cf:cd:f0:be:ff:b0:
97:86:9c:19:15:04:c6:f2:97:d9:fb:50:f8:34:31:
d5:49:ae:95:2e:2e:21:f1:0d:35:d0:ad:2c:59:29:
bd:c3:3a:38:4d:1f:4c:f5:96:a6:a5:32:47:b3:cb:
60:1b:d7:e7:d0:aa:b2:18:2b:13:bf:5f:2a:26:92:
1e:1a:4e:2f:0a:f2:a8:64:a6:be:7f:74:52:2f:12:
c3:69:95:14:e0:60:f6:93:97:a4:ae:33:4d:52:75:
d6:27:17:44:f3:c3:c9:c0:63:8d:ca:bd:23:ec:87:
34:65:df:a6:da:a7:06:2a:7c:e8:d3:d4:99:61:38:
4f:9d:6e:17:1d:4b:61:ed:a5:3c:45:23:57:e0:11:
6e:d7:7f:57:29:a2:03:cc:83:04:52:79:d5:86:b7:
5b:4e:9e:87:3f:68:ae:cd:67:20:5c:4e:be:2d:de:
1b:c8:5f:6d:ee:3b:9b:40:67:6d:5b:5e:be:b3:29:
9a:41:1b:6a:29:39:61:99:61:e5:ac:e2:13:4b:7c:
24:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A0:C3:E0:E2:CA:5A:24:19:0D:AC:0D:5D:15:35:48:E2:C3:25:E8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-KDD4OLKWiQZDawNXRU1SOLDJeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:6800::/38
Signature Algorithm: sha256WithRSAEncryption
54:52:f2:d7:79:40:1a:ce:5e:81:7d:a2:99:fe:02:86:32:92:
83:0b:41:81:7c:0b:86:9d:64:96:71:a6:5b:f7:4b:95:0a:af:
2b:9f:d3:a0:52:49:db:ce:fa:16:c7:b2:68:71:b1:15:9b:34:
e7:ec:4b:d7:db:7d:4e:81:f8:e0:07:02:4b:ea:39:56:5c:7a:
a4:1c:f2:87:eb:28:4f:fa:c3:71:12:fe:dc:54:13:e4:ef:76:
bb:b4:36:7d:dd:b7:27:43:cf:56:bd:24:a6:64:b0:b9:0d:16:
a1:b4:e4:d4:7c:1a:aa:2c:83:c4:64:3e:84:22:22:59:fb:59:
b8:b1:ab:50:5b:f2:96:57:96:37:94:dc:67:48:4d:77:ba:31:
20:df:03:1b:86:59:4f:68:29:55:f6:ea:a3:20:7f:91:db:8e:
42:e3:36:57:9d:c3:ad:46:93:72:fe:32:2a:58:ef:51:17:72:
63:61:7f:a4:6c:9c:b7:6b:de:3f:6e:9b:e1:1a:bd:dd:c6:31:
ec:f3:d5:3d:fe:41:ce:62:e8:d7:b3:67:85:0d:0b:fb:5b:dd:
b7:f0:e4:57:88:e1:ae:de:5c:ee:2a:ea:b8:fb:96:76:79:89:
e3:22:72:b2:49:c9:5f:6e:7e:2b:fa:0b:84:ae:54:ff:6a:3f:
53:fa:b1:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYqmUncs0XWxe49AB0PJmNblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTE4MDMyNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEwYzNlMGUyY2E1YTI0MTkwZGFjMGQ1ZDE1MzU0OGUyYzMyNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXGW6/grwBlM2878nleD9NsvAjBm
OJsfX+uTYy0e+VKp2Wo3t3KH22Az80UppjZsEFM/A3nPzfC+/7CXhpwZFQTG8pfZ
+1D4NDHVSa6VLi4h8Q010K0sWSm9wzo4TR9M9ZampTJHs8tgG9fn0KqyGCsTv18q
JpIeGk4vCvKoZKa+f3RSLxLDaZUU4GD2k5ekrjNNUnXWJxdE88PJwGONyr0j7Ic0
Zd+m2qcGKnzo09SZYThPnW4XHUth7aU8RSNX4BFu139XKaIDzIMEUnnVhrdbTp6H
P2iuzWcgXE6+Ld4byF9t7jubQGdtW16+symaQRtqKTlhmWHlrOITS3wk+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPigw+DiylokGQ2sDV0VNUjiwyXoMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1LREQ0T0xLV2lRWkRhd05YUlUxU09MREplZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioOl8Zo
MA0GCSqGSIb3DQEBCwUAA4IBAQBUUvLXeUAazl6BfaKZ/gKGMpKDC0GBfAuGnWSW
caZb90uVCq8rn9OgUknbzvoWx7JocbEVmzTn7EvX231OgfjgBwJL6jlWXHqkHPKH
6yhP+sNxEv7cVBPk73a7tDZ93bcnQ89WvSSmZLC5DRahtOTUfBqqLIPEZD6EIiJZ
+1m4satQW/KWV5Y3lNxnSE13ujEg3wMbhllPaClV9uqjIH+R245C4zZXncOtRpNy
/jIqWO9RF3JjYX+kbJy3a94/bpvhGr3dxjHs89U9/kHOYujXs2eFDQv7W9238ORX
iOGu3lzuKuq4+5Z2eYnjInKySclfbn4r+guErlT/aj9T+rGl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org