Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1N0VlSygBgl5i3VPry5riNC7-ok.roa
File: 1N0VlSygBgl5i3VPry5riNC7-ok.roa (raw, json)
Hash identifier: sdgvabWFN6bJPJx/hrpm74kYdhvNe3wbB9stEZTDHgg=
Subject key identifier: D4:DD:15:95:2C:A0:06:09:79:8B:75:4F:AF:2E:6B:88:D0:BB:FA:89
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC4A1448533B1B972B5AE15717895
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1N0VlSygBgl5i3VPry5riNC7-ok.roa
Signing time: Tue 24 Jan 2023 16:09:37 +0000
ROA not before: Tue 24 Jan 2023 16:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140731
IP address blocks: 2a0e:b107:c30::/44 maxlen: 48
2a0e:b107:11b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Feb 2023 11:36:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c4:a1:44:85:33:b1:b9:72:b5:ae:15:71:78:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4dd15952ca00609798b754faf2e6b88d0bbfa89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:72:00:28:a8:47:db:0a:aa:fa:81:74:1c:
bf:62:6c:53:df:3f:76:87:b5:58:f9:0c:33:63:2d:
58:a7:1b:71:6b:c8:0a:94:d0:7f:9e:fe:cc:e3:55:
5b:02:19:df:c8:00:6f:3d:d1:a2:24:71:43:51:d7:
a0:01:2d:a7:db:2e:14:23:5c:af:7d:84:ab:43:f7:
ea:8c:fd:7d:46:21:2e:d0:bd:c4:03:4b:e3:24:ee:
1c:16:1b:c4:ee:b3:79:be:4a:33:ca:19:f5:b4:8b:
4f:94:81:dd:87:be:ee:32:8d:c7:58:c7:b2:88:be:
ce:07:06:46:22:0b:5d:3f:64:32:87:c4:82:45:6a:
41:3d:67:a7:0e:b0:75:5c:bf:dc:5b:1b:a7:d1:be:
b3:2c:18:2d:c9:ba:f3:ba:22:17:2f:e8:fc:e1:ce:
66:c3:a9:54:28:6c:45:a0:45:b6:e0:79:26:b8:5a:
5d:8c:2c:7e:dc:2b:4f:da:81:49:52:f7:cc:d5:ac:
3c:9d:b0:05:37:bb:00:b1:c1:ee:d3:2e:a7:40:d3:
f0:7f:0e:27:20:fa:74:a7:4e:e5:a7:51:eb:c1:38:
ef:83:c1:7c:f5:af:4a:a0:c8:f6:0f:db:9b:5f:b2:
fd:33:1e:a0:21:46:d4:a9:d0:ed:eb:ac:3d:60:ac:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DD:15:95:2C:A0:06:09:79:8B:75:4F:AF:2E:6B:88:D0:BB:FA:89
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1N0VlSygBgl5i3VPry5riNC7-ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:c30::/44
2a0e:b107:11b0::/44
Signature Algorithm: sha256WithRSAEncryption
0e:2f:db:29:c5:14:db:0c:ec:44:ad:7a:b8:ff:93:9d:4c:45:
24:19:ab:1b:26:75:ec:51:0a:28:93:c5:a0:b2:13:2c:28:9b:
58:0e:d0:fa:3d:66:c7:b5:b0:c6:e4:f4:fe:e2:cc:e3:5f:f0:
c5:43:80:5b:de:02:ef:d7:fd:4d:2d:80:2c:b6:03:e0:11:fe:
c2:91:00:d5:d6:ba:0a:97:03:c7:ad:f2:32:b8:e4:3b:de:50:
ec:ba:64:03:02:74:f7:d3:cd:b7:4c:08:99:87:90:a2:cd:cf:
bb:24:36:76:2f:ff:f8:48:43:88:84:92:4c:cb:32:33:1e:fb:
34:aa:e0:69:c4:01:53:4c:11:53:db:ef:aa:e9:6b:69:01:3c:
7f:37:3b:83:d8:24:55:8b:bf:05:de:a2:fc:b1:f5:c6:21:68:
39:18:7f:aa:3f:5c:11:e5:72:07:ea:ba:e0:50:1b:5d:02:aa:
1d:e3:ef:2e:89:53:af:fd:9f:bb:94:28:9a:2e:71:55:99:42:
5f:d8:ca:90:28:31:a6:f1:2e:8a:1d:52:f3:40:ea:9f:b3:22:
4f:c7:34:a6:73:0d:14:c7:9b:15:6a:44:54:23:5e:66:69:0d:
77:a3:fa:64:01:c6:1f:2f:f1:02:3e:c8:e1:1d:c8:2d:e0:cf:
96:ab:8c:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkisShRIUzsblyta4VcXiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRkMTU5NTJjYTAwNjA5Nzk4Yjc1NGZhZjJlNmI4OGQwYmJmYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIJyACioR9sKqvqBdBy/YmxT3z92
h7VY+QwzYy1Ypxtxa8gKlNB/nv7M41VbAhnfyABvPdGiJHFDUdegAS2n2y4UI1yv
fYSrQ/fqjP19RiEu0L3EA0vjJO4cFhvE7rN5vkozyhn1tItPlIHdh77uMo3HWMey
iL7OBwZGIgtdP2Qyh8SCRWpBPWenDrB1XL/cWxun0b6zLBgtybrzuiIXL+j84c5m
w6lUKGxFoEW24HkmuFpdjCx+3CtP2oFJUvfM1aw8nbAFN7sAscHu0y6nQNPwfw4n
IPp0p07lp1HrwTjvg8F89a9KoMj2D9ubX7L9Mx6gIUbUqdDt66w9YKzpbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNTdFZUsoAYJeYt1T68ua4jQu/qJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMU4wVmxTeWdCZ2w1aTNWUHJ5NXJpTkM3LW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwww
AwcEKg6xBxGwMA0GCSqGSIb3DQEBCwUAA4IBAQAOL9spxRTbDOxErXq4/5OdTEUk
GasbJnXsUQook8WgshMsKJtYDtD6PWbHtbDG5PT+4szjX/DFQ4Bb3gLv1/1NLYAs
tgPgEf7CkQDV1roKlwPHrfIyuOQ73lDsumQDAnT30823TAiZh5Cizc+7JDZ2L//4
SEOIhJJMyzIzHvs0quBpxAFTTBFT2++q6WtpATx/NzuD2CRVi78F3qL8sfXGIWg5
GH+qP1wR5XIH6rrgUBtdAqod4+8uiVOv/Z+7lCiaLnFVmUJf2MqQKDGm8S6KHVLz
QOqfsyJPxzSmcw0Ux5sVakRUI15maQ13o/pkAcYfL/ECPsjhHcgt4M+Wq4xm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org