Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XGHYbmYx5e3BF7LKx00M4QG4uw.roa
File: 1-XGHYbmYx5e3BF7LKx00M4QG4uw.roa (raw, json)
Hash identifier: iaugSnRO4JJzXEqNq6woftsZzDTp038hXhaoqGd6LdA=
Subject key identifier: F9:71:87:61:B9:98:C7:97:B7:04:5E:CB:2B:1D:34:33:84:06:E2:EC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7A7F53ED97232135D05136F7C4A79
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XGHYbmYx5e3BF7LKx00M4QG4uw.roa
Signing time: Mon 02 Jan 2023 05:15:08 +0000
ROA not before: Mon 02 Jan 2023 05:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202256
IP address blocks: 2a0e:97c6:4000::/34 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jan 2023 05:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:a7:f5:3e:d9:72:32:13:5d:05:13:6f:7c:4a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9718761b998c797b7045ecb2b1d34338406e2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:0b:89:25:65:18:3d:6b:d0:8d:c0:6f:cb:
86:de:5a:dd:a3:67:4b:b2:4e:cf:08:ec:c3:51:84:
98:7b:f2:f9:dd:16:ac:83:1f:04:04:25:49:c2:8b:
2e:78:01:61:a9:b2:95:7c:0a:32:11:ff:9f:ec:e9:
aa:c9:01:3c:f3:f0:2a:bb:cf:38:06:a2:e6:72:8a:
2f:d2:08:25:ee:dd:17:83:a1:a9:36:de:b6:cf:71:
2f:94:6a:46:87:a2:5f:4f:d6:27:25:69:15:c9:f9:
73:30:94:ad:d8:83:17:e9:8f:ee:30:af:a5:4d:2b:
e8:9c:55:cc:d7:91:a8:7a:1a:a5:66:8e:03:5c:52:
18:bf:be:90:b5:6d:c6:e0:42:ee:56:d1:83:69:1a:
96:92:92:51:0d:bd:54:45:43:82:fc:7a:78:e0:d1:
37:7e:9b:ad:93:cf:21:e8:01:a6:e6:98:25:5a:f8:
8a:c4:e1:85:59:2d:61:9e:79:c2:6a:e2:32:5b:1d:
b8:3e:30:d9:b0:15:f8:f5:a2:fc:92:b8:9f:ab:0f:
1d:5f:67:05:76:89:fc:b9:89:a3:5f:f6:71:6b:4e:
66:1b:e2:09:f0:bf:cd:2a:55:d3:76:68:42:34:99:
9c:ab:7e:e0:42:13:1c:2e:c0:61:52:99:c0:7a:5e:
5e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:71:87:61:B9:98:C7:97:B7:04:5E:CB:2B:1D:34:33:84:06:E2:EC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-XGHYbmYx5e3BF7LKx00M4QG4uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:4000::/34
Signature Algorithm: sha256WithRSAEncryption
cb:4f:54:19:82:d4:3e:a0:61:90:a4:81:d8:36:39:59:7c:d8:
6a:c9:3b:73:80:06:f9:a1:01:e5:6f:08:32:92:31:34:27:4b:
0b:9e:30:68:cc:79:31:cc:62:92:36:b6:f0:48:fc:7f:d3:b2:
90:30:79:0d:0a:79:de:71:7d:3d:16:51:e7:0f:23:4d:a7:ba:
3a:cc:0a:33:fb:9f:de:df:3c:34:b3:82:f9:47:2f:f2:c8:68:
c6:cb:67:30:5f:7c:6c:5a:70:c0:62:d3:4b:11:ff:61:3a:a7:
d5:f3:94:93:11:4d:85:4a:34:36:63:44:dc:3b:d3:65:04:50:
18:05:d7:27:08:e1:8e:c0:ff:58:37:d8:53:f5:bf:11:8f:de:
a6:99:a7:15:5e:ef:59:06:79:d7:68:d3:aa:df:2b:e6:e5:3e:
e8:05:d5:e7:f9:7b:ee:d6:ae:e6:1e:de:17:ca:70:cb:3f:31:
3c:51:51:5c:fc:14:fd:24:62:04:70:d2:3a:c0:b7:d4:eb:e5:
1b:b8:82:e0:2d:84:6b:24:6d:d1:d2:d1:17:4e:3b:9c:2e:4f:
df:84:58:d6:92:f5:30:a7:c8:78:d4:55:24:7d:ac:5f:4c:9d:
12:8c:fb:08:f9:6b:7c:3c:d2:68:77:bc:62:c1:b2:c8:11:66:
38:61:e9:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56f1PtlyMhNdBRNvfEp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcxODc2MWI5OThjNzk3YjcwNDVlY2IyYjFkMzQzMzg0MDZlMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQLiSVlGD1r0I3Ab8uG3lrdo2dL
sk7PCOzDUYSYe/L53Rasgx8EBCVJwosueAFhqbKVfAoyEf+f7OmqyQE88/Aqu884
BqLmcoov0ggl7t0Xg6GpNt62z3EvlGpGh6JfT9YnJWkVyflzMJSt2IMX6Y/uMK+l
TSvonFXM15GoehqlZo4DXFIYv76QtW3G4ELuVtGDaRqWkpJRDb1URUOC/Hp44NE3
fputk88h6AGm5pglWviKxOGFWS1hnnnCauIyWx24PjDZsBX49aL8krifqw8dX2cF
don8uYmjX/Zxa05mG+IJ8L/NKlXTdmhCNJmcq37gQhMcLsBhUpnAel5ebwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPlxh2G5mMeXtwReyysdNDOEBuLsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1YR0hZYm1ZeDVlM0JGN0xLeDAwTTRRRzR1dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBioOl8ZA
MA0GCSqGSIb3DQEBCwUAA4IBAQDLT1QZgtQ+oGGQpIHYNjlZfNhqyTtzgAb5oQHl
bwgykjE0J0sLnjBozHkxzGKSNrbwSPx/07KQMHkNCnnecX09FlHnDyNNp7o6zAoz
+5/e3zw0s4L5Ry/yyGjGy2cwX3xsWnDAYtNLEf9hOqfV85STEU2FSjQ2Y0TcO9Nl
BFAYBdcnCOGOwP9YN9hT9b8Rj96mmacVXu9ZBnnXaNOq3yvm5T7oBdXn+Xvu1q7m
Ht4XynDLPzE8UVFc/BT9JGIEcNI6wLfU6+UbuILgLYRrJG3R0tEXTjucLk/fhFjW
kvUwp8h41FUkfaxfTJ0SjPsI+Wt8PNJod7xiwbLIEWY4YenH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org