Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1Aayf_XDdA8tHj8au6tOzor8PHU.roa
File: 1Aayf_XDdA8tHj8au6tOzor8PHU.roa (raw, json)
Hash identifier: LB4JM2L1j8SELfDxDI+RZRXSLsdYKaWSr1MeZrDRYsM=
Subject key identifier: D4:06:B2:7F:F5:C3:74:0F:2D:1E:3F:1A:BB:AB:4E:CE:8A:FC:3C:75
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B0FA9502AAE6935EBB1F7542AA588
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1Aayf_XDdA8tHj8au6tOzor8PHU.roa
Signing time: Tue 24 Jan 2023 16:09:56 +0000
ROA not before: Tue 24 Jan 2023 16:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213215
IP address blocks: 2a0e:b107:a20::/44 maxlen: 48
2a0e:b107:6e3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:0f:a9:50:2a:ae:69:35:eb:b1:f7:54:2a:a5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d406b27ff5c3740f2d1e3f1abbab4ece8afc3c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:b9:56:8f:df:b6:4b:bd:89:7e:35:d7:13:
8d:f1:83:ce:7a:a0:7f:ac:a4:83:cb:ff:07:ed:f2:
c3:98:b1:46:1c:67:5a:0e:59:51:90:e1:c6:96:2f:
86:eb:86:4b:12:e9:e4:7a:59:33:bf:ba:77:2e:83:
ec:60:f7:77:0d:08:65:ff:6b:8b:b9:cf:c1:3f:0d:
32:08:df:dc:d3:dd:4f:a1:45:25:1c:6b:30:c6:a0:
33:b1:f6:d2:af:04:e5:dd:45:72:33:11:4f:cf:49:
01:f3:e4:dd:53:a6:b9:0e:2d:00:96:cb:2b:b0:d0:
9c:d0:21:1f:77:c2:a2:02:11:fa:e5:58:12:ca:c2:
d2:1f:77:e1:07:30:12:23:4c:64:cd:c6:ec:a5:0b:
1a:8e:f5:49:6b:47:e7:ad:44:cb:f0:4d:8c:79:bc:
1b:85:a6:61:55:5e:67:34:39:d5:02:24:d8:b0:aa:
28:20:e1:2a:10:6e:1e:d2:df:0b:4b:1c:58:08:fc:
66:66:e8:46:56:06:0e:6a:98:21:0a:ab:34:c2:1b:
8c:41:a3:e4:7e:9f:75:95:f0:37:9d:cc:d7:e9:bc:
47:b1:c7:81:8d:5e:92:90:5e:5a:74:3f:fc:2f:95:
53:f7:7d:58:36:54:0d:72:16:b6:d6:81:9a:3e:c2:
a3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:06:B2:7F:F5:C3:74:0F:2D:1E:3F:1A:BB:AB:4E:CE:8A:FC:3C:75
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1Aayf_XDdA8tHj8au6tOzor8PHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:6e3::/48
2a0e:b107:a20::/44
Signature Algorithm: sha256WithRSAEncryption
15:4c:40:55:e8:fc:f6:f7:b4:c9:71:d3:e2:72:4a:2e:22:9c:
18:8b:69:75:34:85:f0:4e:86:0f:7c:0a:4c:92:18:0d:0e:c3:
d6:2a:68:4a:2b:a1:b9:45:02:56:b4:07:6e:cb:35:f5:3d:51:
59:dd:92:10:bd:f4:d1:61:00:c1:31:b1:e5:5f:9f:38:26:b4:
17:cb:9d:3b:dc:df:b4:15:db:50:3f:0b:63:5c:69:61:49:b1:
7a:04:d5:26:31:7c:e0:49:c1:b8:90:5d:af:3b:7c:fe:1f:0f:
17:a1:27:87:e5:a9:84:34:af:9b:44:b8:e7:4a:b2:58:2d:ab:
03:83:52:e2:be:7c:6b:a1:8f:8a:57:70:d9:29:56:c1:f2:5e:
c6:57:63:19:9c:13:53:4f:87:16:81:a0:70:9c:26:84:16:04:
37:40:50:52:f4:ca:ee:62:b6:e4:b0:56:ac:97:1f:f1:1c:28:
f1:6a:70:03:a4:b3:fa:9b:3f:8a:d6:cf:4d:ad:1b:ff:0a:6a:
e3:1b:2d:61:ff:e6:d4:13:37:30:a5:89:7b:a8:44:8b:48:76:
42:f3:f8:cd:92:43:31:c7:c6:a6:70:de:fb:46:78:dd:61:22:
dc:fc:a5:e7:f2:15:61:a0:c4:b0:da:bd:5b:e3:ef:92:8c:64:
d0:2d:24:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiw+pUCquaTXrsfdUKqWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDA2YjI3ZmY1YzM3NDBmMmQxZTNmMWFiYmFiNGVjZThhZmMzYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAora5Vo/ftku9iX411xON8YPOeqB/
rKSDy/8H7fLDmLFGHGdaDllRkOHGli+G64ZLEunkelkzv7p3LoPsYPd3DQhl/2uL
uc/BPw0yCN/c091PoUUlHGswxqAzsfbSrwTl3UVyMxFPz0kB8+TdU6a5Di0Alssr
sNCc0CEfd8KiAhH65VgSysLSH3fhBzASI0xkzcbspQsajvVJa0fnrUTL8E2Mebwb
haZhVV5nNDnVAiTYsKooIOEqEG4e0t8LSxxYCPxmZuhGVgYOapghCqs0whuMQaPk
fp91lfA3nczX6bxHsceBjV6SkF5adD/8L5VT931YNlQNcha21oGaPsKj2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNQGsn/1w3QPLR4/GrurTs6K/Dx1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMUFheWZfWERkQTh0SGo4YXU2dE96b3I4UEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwbj
AwcEKg6xBwogMA0GCSqGSIb3DQEBCwUAA4IBAQAVTEBV6Pz297TJcdPickouIpwY
i2l1NIXwToYPfApMkhgNDsPWKmhKK6G5RQJWtAduyzX1PVFZ3ZIQvfTRYQDBMbHl
X584JrQXy5073N+0FdtQPwtjXGlhSbF6BNUmMXzgScG4kF2vO3z+Hw8XoSeH5amE
NK+bRLjnSrJYLasDg1LivnxroY+KV3DZKVbB8l7GV2MZnBNTT4cWgaBwnCaEFgQ3
QFBS9MruYrbksFaslx/xHCjxanADpLP6mz+K1s9NrRv/CmrjGy1h/+bUEzcwpYl7
qESLSHZC8/jNkkMxx8amcN77RnjdYSLc/KXn8hVhoMSw2r1b4++SjGTQLSQF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org