Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ITw5-RH3R9yKcgClza_AAOn4D4.roa
File: 1ITw5-RH3R9yKcgClza_AAOn4D4.roa (raw, json)
Hash identifier: +2sicl3jpEtz90x2RBaUpIY29HF+Od+f4Wp3R4Pe6tI=
Subject key identifier: D4:84:F0:E7:E4:47:DD:1F:72:29:C8:02:97:36:BF:00:03:A7:E0:3E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187CA25B9038F19F511FE2BDFE3D1F0A9B2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ITw5-RH3R9yKcgClza_AAOn4D4.roa
Signing time: Fri 28 Apr 2023 23:14:42 +0000
ROA not before: Fri 28 Apr 2023 23:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212184
IP address blocks: 2a0e:b107:20b0::/44 maxlen: 48
2a10:2f00:192::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Apr 2023 04:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ca:25:b9:03:8f:19:f5:11:fe:2b:df:e3:d1:f0:a9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 28 23:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d484f0e7e447dd1f7229c8029736bf0003a7e03e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:e6:f6:ab:bd:50:dd:cf:5b:e1:77:5b:e1:
99:f3:e1:ea:6d:11:cd:0e:03:07:21:e7:51:f4:2f:
ec:5d:dc:52:9d:d1:76:0c:43:18:2d:bc:b1:3c:d7:
7c:a5:61:1b:92:3a:8f:6a:82:a3:8e:ea:78:b2:11:
df:46:9d:a4:74:86:60:ae:43:78:9e:7f:fa:98:57:
9c:c7:34:e1:05:e2:2b:27:10:e8:b2:ac:7b:f0:ce:
ba:c5:94:ad:fb:39:50:05:95:6a:03:d3:9d:7a:02:
f2:e0:f2:22:6a:74:fb:30:c6:a1:31:12:66:b4:26:
be:ca:f0:31:28:eb:84:c4:0f:e8:09:b9:72:03:fa:
34:6f:65:dc:cc:eb:73:9d:5a:1b:25:73:27:17:14:
00:70:9b:0d:e1:a9:22:dd:5c:06:41:32:10:e9:e6:
24:8b:41:55:53:07:01:97:40:2a:a6:3c:36:38:92:
d9:5d:4e:8d:40:66:22:e9:05:88:05:f8:0b:c2:27:
e5:ef:59:69:5c:2a:f2:b3:8d:21:86:50:bc:fc:87:
3d:de:cc:30:af:c2:d3:7b:6e:03:b1:d8:27:78:fd:
b4:29:e5:b2:3f:dc:7a:59:3e:a6:b9:cc:ef:2c:f9:
0c:96:5a:5b:44:3f:05:44:1f:8d:bf:52:b4:a6:8c:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:84:F0:E7:E4:47:DD:1F:72:29:C8:02:97:36:BF:00:03:A7:E0:3E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ITw5-RH3R9yKcgClza_AAOn4D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:20b0::/44
2a10:2f00:192::/48
Signature Algorithm: sha256WithRSAEncryption
22:ea:db:bf:31:8f:8a:e8:9f:f5:d6:b2:36:70:e6:72:33:fd:
87:08:2e:e1:5e:f1:07:ab:df:b4:bc:54:91:28:48:14:6b:e7:
24:81:41:1f:15:89:66:94:11:1b:9d:3f:a9:64:5e:7d:32:bf:
8e:b6:73:51:2a:af:3b:d8:6d:42:62:ff:f2:45:87:5a:24:b1:
e6:83:46:ce:cf:a5:79:29:35:99:51:36:6f:18:3c:99:f3:61:
de:3c:6e:37:ce:94:db:fa:65:09:42:13:2c:71:68:25:a5:d7:
f4:b9:25:90:74:2f:d7:78:a1:79:97:72:85:51:01:9b:9d:99:
50:ee:0e:dc:6f:45:2a:be:67:74:c8:f7:4b:b3:dd:bb:21:34:
de:d6:85:d7:03:45:ab:0a:a3:ce:b4:30:56:1d:97:4f:9a:8f:
ac:2b:de:9c:c1:3d:2b:12:7a:85:99:cc:cf:d0:70:b3:b6:73:
58:8e:ea:fd:f0:ae:7d:3e:f5:25:b6:0e:f8:dd:6b:a9:5e:e8:
33:02:71:13:c5:13:b2:5f:62:ec:9c:80:f1:df:09:b6:80:75:
10:c4:4c:86:95:85:40:19:78:2a:3d:bb:c4:fc:5b:9d:b7:ba:
8b:44:2e:d9:ba:f1:55:e1:e1:be:a2:8d:af:f8:ad:27:fc:fa:
60:a1:b8:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfKJbkDjxn1Ef4r3+PR8KmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI4MjMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg0ZjBlN2U0NDdkZDFmNzIyOWM4MDI5NzM2YmYwMDAzYTdlMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB3m9qu9UN3PW+F3W+GZ8+HqbRHN
DgMHIedR9C/sXdxSndF2DEMYLbyxPNd8pWEbkjqPaoKjjup4shHfRp2kdIZgrkN4
nn/6mFecxzThBeIrJxDosqx78M66xZSt+zlQBZVqA9OdegLy4PIianT7MMahMRJm
tCa+yvAxKOuExA/oCblyA/o0b2XczOtznVobJXMnFxQAcJsN4aki3VwGQTIQ6eYk
i0FVUwcBl0Aqpjw2OJLZXU6NQGYi6QWIBfgLwifl71lpXCrys40hhlC8/Ic93sww
r8LTe24DsdgneP20KeWyP9x6WT6muczvLPkMllpbRD8FRB+Nv1K0pow6AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNSE8OfkR90fcinIApc2vwADp+A+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMUlUdzUtUkgzUjl5S2NnQ2x6YV9BQU9uNEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xByCw
AwcAKhAvAAGSMA0GCSqGSIb3DQEBCwUAA4IBAQAi6tu/MY+K6J/11rI2cOZyM/2H
CC7hXvEHq9+0vFSRKEgUa+ckgUEfFYlmlBEbnT+pZF59Mr+OtnNRKq872G1CYv/y
RYdaJLHmg0bOz6V5KTWZUTZvGDyZ82HePG43zpTb+mUJQhMscWglpdf0uSWQdC/X
eKF5l3KFUQGbnZlQ7g7cb0Uqvmd0yPdLs927ITTe1oXXA0WrCqPOtDBWHZdPmo+s
K96cwT0rEnqFmczP0HCztnNYjur98K59PvUltg743WupXugzAnETxROyX2LsnIDx
3wm2gHUQxEyGlYVAGXgqPbvE/Fudt7qLRC7ZuvFV4eG+oo2v+K0n/Ppgobjr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org