Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1SgkkzUacitpmSQ2qhn85wF_LtU.roa
File: 1SgkkzUacitpmSQ2qhn85wF_LtU.roa (raw, json)
Hash identifier: TiAV08iihoqwLWtRG3DaFORYeVY0HsF1Q6JLJUYYhRY=
Subject key identifier: D5:28:24:93:35:1A:72:2B:69:99:24:36:AA:19:FC:E7:01:7F:2E:D5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191C33912EC0558DD8374DCAF53C9A8033A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1SgkkzUacitpmSQ2qhn85wF_LtU.roa
Signing time: Thu 05 Sep 2024 17:26:23 +0000
ROA not before: Thu 05 Sep 2024 17:26:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc3:3330::/44 maxlen: 48
2a10:ccc6:6660::/44 maxlen: 48
2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Sep 2024 06:21:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:39:12:ec:05:58:dd:83:74:dc:af:53:c9:a8:03:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 5 17:26:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5282493351a722b69992436aa19fce7017f2ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:4b:d5:f0:ed:e7:d6:f1:7a:b0:74:ad:ce:
16:bc:91:29:78:50:a0:7b:4f:84:b6:18:ef:8f:09:
fc:55:c5:bb:95:1a:3a:dc:e2:ea:c6:89:b7:d2:54:
8f:b1:ae:3c:4b:0b:83:46:9b:f8:5a:0a:47:24:20:
f6:38:bb:e9:fd:19:cb:1b:66:b5:63:f8:00:ca:36:
0b:83:36:1e:52:ea:e8:0f:c7:f0:aa:6e:7a:7a:22:
90:fd:d9:c2:0d:6e:c9:2c:6d:51:ff:df:3b:d6:1d:
e7:d7:69:a3:2a:9c:15:c7:a8:84:e5:48:de:79:9e:
be:3f:ad:94:ed:e8:87:05:11:ed:7e:4a:8e:2c:25:
c0:60:8c:63:98:6a:84:6b:4e:fd:90:9b:be:16:91:
bc:4a:1b:56:fd:8d:57:0f:9a:f2:6b:a0:7a:2f:e7:
db:15:3b:d0:6a:e2:2e:e6:38:b7:f9:f3:b0:f5:6e:
f0:3b:66:0b:c5:2e:7f:63:a4:17:dd:4f:a6:8d:f5:
40:49:0a:ef:a8:42:05:be:88:14:49:d8:b2:ef:16:
e3:a2:5a:d4:7a:09:f2:04:fb:7b:bc:29:b2:4f:6c:
fa:c0:28:9c:5b:5f:72:fa:30:9a:91:e8:dd:6d:12:
0d:a5:3a:8e:97:56:a8:df:a7:01:38:19:fa:d7:89:
e1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:28:24:93:35:1A:72:2B:69:99:24:36:AA:19:FC:E7:01:7F:2E:D5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1SgkkzUacitpmSQ2qhn85wF_LtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:3330::/44
2a10:ccc6:6660::/44
Signature Algorithm: sha256WithRSAEncryption
8a:e0:b7:33:57:5a:88:c0:86:db:1d:fd:93:0d:77:4a:09:fb:
7c:95:a8:5c:50:33:9c:b3:13:46:fa:56:db:90:33:93:2f:c8:
1a:ff:e0:cb:83:49:06:05:38:ba:e8:2c:66:a5:da:aa:a8:f6:
3a:0f:0c:b8:db:03:54:ac:1c:9e:c2:84:8b:3d:b2:41:af:e2:
77:91:09:a1:5e:fd:90:6e:c7:7b:14:62:34:bb:73:a9:e9:1e:
ff:84:1f:02:9f:d6:ba:79:66:4a:58:b3:cf:b0:88:3f:da:7f:
7d:f5:aa:dd:b2:b7:0d:09:ab:c1:00:64:7a:fb:2c:71:e2:ee:
6c:0d:9b:b5:8d:4f:22:e5:28:c4:f4:b7:b7:7e:f6:2c:0b:ed:
5a:18:f0:a6:67:b9:82:c8:27:06:b6:d3:ba:26:80:62:86:33:
af:62:af:28:b8:58:57:86:33:5a:a5:a1:fc:8e:24:cb:ff:8b:
85:63:92:ee:15:90:ac:7d:e6:e4:38:b1:08:c6:c4:b1:62:4f:
b3:cd:ba:3d:94:1e:97:41:9a:17:a2:84:53:62:7c:a1:14:5d:
11:28:4a:23:17:ea:83:07:f2:48:f8:7a:e2:69:91:0d:64:7e:
96:59:de:97:a6:d1:91:62:70:10:7c:ae:f1:f4:52:ce:8c:2c:
ac:9a:81:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHDORLsBVjdg3Tcr1PJqAM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTA1MTcyNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI4MjQ5MzM1MWE3MjJiNjk5OTI0MzZhYTE5ZmNlNzAxN2YyZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxFL1fDt59bxerB0rc4WvJEpeFCg
e0+Ethjvjwn8VcW7lRo63OLqxom30lSPsa48SwuDRpv4WgpHJCD2OLvp/RnLG2a1
Y/gAyjYLgzYeUuroD8fwqm56eiKQ/dnCDW7JLG1R/9871h3n12mjKpwVx6iE5Uje
eZ6+P62U7eiHBRHtfkqOLCXAYIxjmGqEa079kJu+FpG8ShtW/Y1XD5rya6B6L+fb
FTvQauIu5ji3+fOw9W7wO2YLxS5/Y6QX3U+mjfVASQrvqEIFvogUSdiy7xbjolrU
egnyBPt7vCmyT2z6wCicW19y+jCakejdbRINpTqOl1ao36cBOBn614nhXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNUoJJM1GnIraZkkNqoZ/OcBfy7VMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMVNna2t6VWFjaXRwbVNRMnFobjg1d0ZfTHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhDMwzMw
AwcEKhDMxmZgMA0GCSqGSIb3DQEBCwUAA4IBAQCK4LczV1qIwIbbHf2TDXdKCft8
lahcUDOcsxNG+lbbkDOTL8ga/+DLg0kGBTi66CxmpdqqqPY6Dwy42wNUrByewoSL
PbJBr+J3kQmhXv2Qbsd7FGI0u3Op6R7/hB8Cn9a6eWZKWLPPsIg/2n999ardsrcN
CavBAGR6+yxx4u5sDZu1jU8i5SjE9Le3fvYsC+1aGPCmZ7mCyCcGttO6JoBihjOv
Yq8ouFhXhjNapaH8jiTL/4uFY5LuFZCsfebkOLEIxsSxYk+zzbo9lB6XQZoXooRT
YnyhFF0RKEojF+qDB/JI+HriaZENZH6WWd6XptGRYnAQfK7x9FLOjCysmoH9
-----END CERTIFICATE-----
Generated at Fri Sep 6 07:58:14 2024 by rpki-client on console-fra.rpki-client.org