Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-f6lUsri5pAmKhmJvHrAwPaZodE.roa
File: 1-f6lUsri5pAmKhmJvHrAwPaZodE.roa (raw, json)
Hash identifier: M7wD4Swrm6NE0pZ1DWh1zrW2tRouM/JA7aIKv3iFhdg=
Subject key identifier: F9:FE:A5:52:CA:E2:E6:90:26:2A:19:89:BC:7A:C0:C0:F6:99:A1:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40B5E3F1F7EB3F343F300F38C735CA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-f6lUsri5pAmKhmJvHrAwPaZodE.roa
Signing time: Mon 23 Jan 2023 10:51:00 +0000
ROA not before: Mon 23 Jan 2023 10:51:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212793
IP address blocks: 2a10:2f01:2d0::/44 maxlen: 48
2a10:2f01:350::/44 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a0f:e401:130::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
2a10:2f01:354::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Jan 2023 16:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:b5:e3:f1:f7:eb:3f:34:3f:30:0f:38:c7:35:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:51:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9fea552cae2e690262a1989bc7ac0c0f699a1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:44:6c:1f:86:50:97:51:d6:21:73:b4:b6:1d:
ad:71:04:68:a0:b2:dd:ff:58:3b:bf:f6:84:33:72:
2c:7e:27:f9:c6:6b:78:37:a8:d2:f1:83:4b:5f:fa:
98:cf:5a:04:f0:4f:97:97:69:33:27:4d:e8:06:8a:
be:cb:c8:ef:8c:80:f1:0f:62:62:6a:51:b1:1c:82:
ac:7a:e4:06:ea:65:8d:6b:c7:1c:33:bc:bf:f7:ca:
70:33:0f:1f:d3:06:33:65:e2:18:cc:23:dd:5c:4b:
d3:6b:27:47:9f:95:62:1d:6f:92:ab:b4:ee:68:21:
c0:a3:a6:d2:ab:6e:ee:3b:a1:f5:e0:cd:7c:d1:73:
ff:89:2c:6d:07:55:50:e5:09:a8:8f:41:41:bf:b7:
04:3e:67:50:c9:3c:9b:2e:87:53:34:67:1a:83:ff:
16:4e:93:09:ca:c3:05:ec:c8:2d:49:9a:aa:de:61:
30:5d:75:46:ed:ef:5f:e4:06:90:80:2a:61:9e:ad:
33:3a:64:2d:1b:4d:57:be:19:37:1e:a4:51:81:12:
60:52:25:05:1b:31:ce:ea:96:34:a4:83:c3:7a:5f:
22:8f:44:0c:5e:a2:54:4f:20:14:59:73:97:d0:a2:
eb:26:4c:5b:2a:1a:75:b3:3a:25:07:dc:07:30:40:
bd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FE:A5:52:CA:E2:E6:90:26:2A:19:89:BC:7A:C0:C0:F6:99:A1:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-f6lUsri5pAmKhmJvHrAwPaZodE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e401:130::/44
2a10:2f00:147::/48
2a10:2f01:2d0::/44
2a10:2f01:350::/44
Signature Algorithm: sha256WithRSAEncryption
99:2b:1c:65:99:e8:ff:4c:6a:c6:8b:18:54:8a:81:13:fd:bc:
b8:2b:e8:cb:13:25:78:bf:53:b0:25:f7:af:30:ce:54:ed:cc:
d1:d6:09:b7:ab:2e:c8:f7:36:4b:0d:8b:14:be:d1:39:de:98:
69:c1:db:2b:3e:b1:2a:ca:f5:97:ff:ad:f0:c3:1c:3d:96:ac:
7d:5a:46:41:50:2b:ea:17:da:a5:7e:2b:99:db:1c:29:ba:c4:
24:79:e0:be:99:87:22:5c:49:9c:b6:0f:f0:c4:6d:da:30:b1:
ff:d0:c0:c2:a3:b5:c8:30:7e:52:5d:8e:a7:40:4d:56:ef:8c:
58:44:7c:28:7e:b9:52:9e:1a:58:81:e2:25:99:cb:61:5a:c0:
93:45:6f:c2:da:83:89:61:7e:86:fd:7e:d6:ed:6b:8e:88:bc:
93:01:f4:31:73:78:95:3c:08:c5:a3:7b:1d:d0:35:7c:93:5c:
d1:04:59:a1:93:5f:46:69:ae:2a:46:8d:d1:1e:9a:d3:d0:5f:
4b:71:42:88:e4:6a:85:29:19:97:e0:5a:06:0c:2a:b8:15:75:
48:f7:da:63:29:b3:63:94:62:11:7c:ca:a9:2f:b1:f3:3a:53:
71:cd:f2:2f:b7:b6:cb:66:71:c6:f1:ee:84:4b:4b:d0:41:5b:
9c:e5:62:c3
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYXeQLXj8ffrPzQ/MA84xzXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZlYTU1MmNhZTJlNjkwMjYyYTE5ODliYzdhYzBjMGY2OTlhMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhERsH4ZQl1HWIXO0th2tcQRooLLd
/1g7v/aEM3Isfif5xmt4N6jS8YNLX/qYz1oE8E+Xl2kzJ03oBoq+y8jvjIDxD2Ji
alGxHIKseuQG6mWNa8ccM7y/98pwMw8f0wYzZeIYzCPdXEvTaydHn5ViHW+Sq7Tu
aCHAo6bSq27uO6H14M180XP/iSxtB1VQ5Qmoj0FBv7cEPmdQyTybLodTNGcag/8W
TpMJysMF7MgtSZqq3mEwXXVG7e9f5AaQgCphnq0zOmQtG01Xvhk3HqRRgRJgUiUF
GzHO6pY0pIPDel8ij0QMXqJUTyAUWXOX0KLrJkxbKhp1szolB9wHMEC90wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPn+pVLK4uaQJioZibx6wMD2maHRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1mNmxVc3JpNXBBbUtobUp2SHJBd1BhWm9kRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHBCoP5AEB
MAMHACoQLwABRwMHBCoQLwEC0AMHBCoQLwEDUDANBgkqhkiG9w0BAQsFAAOCAQEA
mSscZZno/0xqxosYVIqBE/28uCvoyxMleL9TsCX3rzDOVO3M0dYJt6suyPc2Sw2L
FL7ROd6YacHbKz6xKsr1l/+t8MMcPZasfVpGQVAr6hfapX4rmdscKbrEJHngvpmH
IlxJnLYP8MRt2jCx/9DAwqO1yDB+Ul2Op0BNVu+MWER8KH65Up4aWIHiJZnLYVrA
k0VvwtqDiWF+hv1+1u1rjoi8kwH0MXN4lTwIxaN7HdA1fJNc0QRZoZNfRmmuKkaN
0R6a09BfS3FCiORqhSkZl+BaBgwquBV1SPfaYymzY5RiEXzKqS+x8zpTcc3yL7e2
y2ZxxvHuhEtL0EFbnOViww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org