Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-jRisBIfwn5yqbN4XTxjXyE7-O8.roa
File: 1-jRisBIfwn5yqbN4XTxjXyE7-O8.roa (raw, json)
Hash identifier: /zwroUkAHqhwK2vaohdxtVGSQtNessn4K/mre4aRcfs=
Subject key identifier: FA:34:62:B0:12:1F:C2:7E:72:A9:B3:78:5D:3C:63:5F:21:3B:F8:EF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40A78572FBF8057F2439C70E6A6EF3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-jRisBIfwn5yqbN4XTxjXyE7-O8.roa
Signing time: Mon 23 Jan 2023 10:50:57 +0000
ROA not before: Mon 23 Jan 2023 10:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:736::/48 maxlen: 48
2a0e:97c0:73f::/48 maxlen: 48
2a0e:97c0:76f::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Jan 2023 16:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:a7:85:72:fb:f8:05:7f:24:39:c7:0e:6a:6e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa3462b0121fc27e72a9b3785d3c635f213bf8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:79:49:57:4f:7e:61:91:64:be:9b:9c:f3:b8:
d4:e9:a5:f5:f8:0a:69:c7:a6:b8:1f:97:f2:75:79:
5b:92:e2:6f:cd:4f:18:6e:3b:56:bc:e1:e4:6f:d5:
86:74:33:c4:47:de:65:bd:e3:ed:2a:07:fe:7a:90:
21:0c:cc:f2:39:3b:be:09:e8:11:90:0f:d2:12:a8:
3e:ea:3b:f0:7d:8e:2b:5b:5d:95:15:ce:26:43:db:
33:34:60:2f:03:7b:c8:73:5b:38:a4:e8:37:6d:32:
28:aa:c2:86:27:23:2b:4f:3e:80:c2:5d:a2:7e:30:
03:73:11:70:5b:68:58:ad:cb:dd:fd:23:e3:91:00:
3c:6e:f3:d1:94:f9:67:79:33:90:8e:5b:fc:df:24:
d6:31:fa:59:a4:51:db:02:88:10:8e:bd:49:54:e7:
f2:5b:f9:80:35:9c:9f:29:3f:30:e5:9b:e6:d3:20:
c0:d1:84:3b:d4:46:a0:e5:9a:76:61:b8:19:55:c7:
a3:12:38:4d:52:2a:4e:53:2c:4a:e2:aa:9b:ce:5c:
8e:82:20:9f:06:a5:bf:a2:cc:5c:8b:6b:e2:d2:8c:
6c:e1:8f:fc:19:e8:69:8c:0c:47:3b:be:25:77:b8:
24:05:da:a5:77:a8:37:1d:46:63:b1:bf:1b:d4:fb:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:34:62:B0:12:1F:C2:7E:72:A9:B3:78:5D:3C:63:5F:21:3B:F8:EF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-jRisBIfwn5yqbN4XTxjXyE7-O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:736::/48
2a0e:97c0:73f::/48
2a0e:97c0:750::/48
2a0e:97c0:76f::/48
Signature Algorithm: sha256WithRSAEncryption
a8:17:22:b3:58:dc:27:77:99:cb:2f:64:54:2d:30:0c:5a:65:
18:d9:65:e2:7e:b9:7e:3e:7c:23:6d:dc:4b:7a:3f:f4:b3:31:
a8:e5:70:4e:47:8f:5c:e6:5b:14:96:7a:0d:ca:f1:85:67:41:
81:cf:af:b8:d7:f0:6d:eb:79:de:d6:5a:df:46:1a:65:1d:72:
e1:b0:0b:b0:e7:7c:3b:1a:a2:aa:0d:08:91:ce:d9:88:1a:ca:
8c:8e:f8:7f:91:8e:53:2c:38:5a:75:fd:c2:58:92:d5:07:04:
d6:26:8c:29:08:48:a5:94:1f:dd:de:11:f5:38:c9:51:cc:d0:
66:f6:fd:09:e2:e4:d0:e0:0a:7c:3b:c1:0e:a6:5b:61:9f:b4:
69:62:96:1f:06:a6:c0:75:6f:dd:15:05:a0:33:c1:19:5d:1a:
f1:7e:a0:41:1f:6b:f1:93:d9:5d:31:f1:fe:83:89:4e:41:ff:
cb:7e:4b:de:71:c6:5b:cd:9c:4e:e8:9a:d4:49:a3:f4:10:f9:
f2:96:a7:a5:93:bc:c7:aa:a2:40:92:9d:47:8e:c7:ae:9e:e1:
3a:a6:28:51:ec:1e:cf:1d:85:80:8a:57:4e:3b:75:62:bd:b4:
db:bd:33:f8:ca:8f:61:67:2d:b4:73:4c:06:55:0c:82:5a:f8:
b4:47:c1:d2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYXeQKeFcvv4BX8kOccOam7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTM0NjJiMDEyMWZjMjdlNzJhOWIzNzg1ZDNjNjM1ZjIxM2JmOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinlJV09+YZFkvpuc87jU6aX1+App
x6a4H5fydXlbkuJvzU8YbjtWvOHkb9WGdDPER95lvePtKgf+epAhDMzyOTu+CegR
kA/SEqg+6jvwfY4rW12VFc4mQ9szNGAvA3vIc1s4pOg3bTIoqsKGJyMrTz6Awl2i
fjADcxFwW2hYrcvd/SPjkQA8bvPRlPlneTOQjlv83yTWMfpZpFHbAogQjr1JVOfy
W/mANZyfKT8w5Zvm0yDA0YQ71Eag5Zp2YbgZVcejEjhNUipOUyxK4qqbzlyOgiCf
BqW/osxci2vi0oxs4Y/8GehpjAxHO74ld7gkBdqld6g3HUZjsb8b1PvrXQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPo0YrASH8J+cqmzeF08Y18hO/jvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1qUmlzQklmd241eXFiTjRYVHhqWHlFNy1POC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAIwJAMHACoOl8AH
NgMHACoOl8AHPwMHACoOl8AHUAMHACoOl8AHbzANBgkqhkiG9w0BAQsFAAOCAQEA
qBcis1jcJ3eZyy9kVC0wDFplGNll4n65fj58I23cS3o/9LMxqOVwTkePXOZbFJZ6
DcrxhWdBgc+vuNfwbet53tZa30YaZR1y4bALsOd8Oxqiqg0Ikc7ZiBrKjI74f5GO
Uyw4WnX9wliS1QcE1iaMKQhIpZQf3d4R9TjJUczQZvb9CeLk0OAKfDvBDqZbYZ+0
aWKWHwamwHVv3RUFoDPBGV0a8X6gQR9r8ZPZXTHx/oOJTkH/y35L3nHGW82cTuia
1Emj9BD58panpZO8x6qiQJKdR47Hrp7hOqYoUewezx2FgIpXTjt1Yr20270z+MqP
YWcttHNMBlUMglr4tEfB0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:51 2024 by rpki-client on console-ams.rpki-client.org