Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1cOCqHug04XoDzVK4u-Yve1f-Us.roa
File: 1cOCqHug04XoDzVK4u-Yve1f-Us.roa (raw, json)
Hash identifier: 28cVuDE09Ef1GiLwQCd1hiOmYVtL47iA1W3TS/qNS6Y=
Subject key identifier: D5:C3:82:A8:7B:A0:D3:85:E8:0F:35:4A:E2:EF:98:BD:ED:5F:F9:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCECA31E45C113C5CCE6C9264BBAF1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1cOCqHug04XoDzVK4u-Yve1f-Us.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199266
IP address blocks: 2a0e:97c0:2f0::/44 maxlen: 48
2a0e:b103::/43 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Apr 2024 22:51:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ec:a3:1e:45:c1:13:c5:cc:e6:c9:26:4b:ba:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5c382a87ba0d385e80f354ae2ef98bded5ff94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:c2:0f:8f:ab:2a:39:1e:04:df:65:d2:98:
31:89:6d:91:51:14:1b:c9:70:09:7b:16:66:0e:b9:
95:1c:a3:ad:71:dc:ee:e5:5d:19:36:da:4c:0b:4e:
48:dd:48:2f:f5:f0:25:2a:7b:09:48:7c:41:74:4c:
7e:dd:a2:c9:64:0c:34:c2:43:8c:1a:b1:1f:c2:09:
83:8f:e0:09:e8:18:39:d3:21:2d:a9:28:f0:53:6d:
a9:d3:5a:f2:7f:23:09:63:ed:7d:48:10:ec:cd:96:
e4:d7:06:68:e4:89:15:e0:60:5c:86:0a:92:1d:1e:
5b:0a:10:ac:fd:1a:af:1d:eb:7b:00:86:a3:d6:7a:
4e:59:99:64:88:5e:e2:72:9c:bc:ea:84:8e:f4:ba:
0f:ff:9d:b7:f4:9f:8c:b6:a4:79:1a:05:0d:90:f1:
5c:7b:ab:5c:74:07:62:ea:ba:a9:71:e9:77:c0:c1:
8c:ad:4b:63:a0:3f:98:67:74:b0:6e:ee:2c:a3:84:
30:9a:b8:c3:e3:c1:f6:d9:ef:11:00:a2:a7:0e:69:
bd:d5:be:46:c7:8e:b7:d6:87:9d:59:ae:cd:e8:59:
0d:62:ae:f2:90:3b:ed:f8:7c:c8:51:d4:ba:60:74:
2d:63:f8:27:89:cd:53:68:f7:99:9f:68:0d:01:70:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C3:82:A8:7B:A0:D3:85:E8:0F:35:4A:E2:EF:98:BD:ED:5F:F9:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1cOCqHug04XoDzVK4u-Yve1f-Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:2f0::/44
2a0e:b103::/43
Signature Algorithm: sha256WithRSAEncryption
54:a7:0f:dc:18:e8:31:df:c0:0b:26:e2:42:09:97:79:83:66:
f2:a0:58:e4:0e:dd:a2:d1:03:cd:5c:52:f8:f8:20:73:47:a1:
cc:2c:94:1d:55:61:33:4c:d3:31:ea:ee:c8:8e:12:fc:72:77:
66:2c:1c:19:7d:42:e7:65:65:a2:61:a5:a3:e7:58:ad:25:6f:
22:8d:9a:92:c1:9c:f5:95:46:ad:e4:75:6a:e7:3e:e5:1e:61:
c3:11:78:e5:0a:ea:65:8c:0a:ce:eb:e1:3b:45:e4:05:c5:85:
81:04:75:32:0e:83:84:ca:6b:5c:7f:31:19:64:ab:91:b9:cf:
9e:1b:d7:51:0c:13:06:8d:45:92:ad:45:12:5a:15:98:e1:03:
0d:26:9c:9a:82:10:0d:79:a0:92:d8:96:5f:ab:cd:7f:94:7a:
d6:f5:e2:5e:6e:8c:01:35:a7:0d:8b:98:45:c0:dc:c2:0a:7f:
0d:7e:93:c0:d5:48:de:93:7c:6e:e5:f5:ff:eb:27:be:f0:00:
61:7b:6c:60:60:7a:db:e3:52:5c:51:17:07:1f:3f:d5:4a:ec:
dc:a9:56:e8:fc:fa:01:99:b7:7f:07:1d:07:83:f4:1f:1a:66:
83:de:02:d3:73:65:e1:83:6f:12:0a:e4:61:85:3a:77:6f:3c:
c4:94:5b:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvOyjHkXBE8XM5skmS7rxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMzODJhODdiYTBkMzg1ZTgwZjM1NGFlMmVmOThiZGVkNWZmOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEbCD4+rKjkeBN9l0pgxiW2RURQb
yXAJexZmDrmVHKOtcdzu5V0ZNtpMC05I3Ugv9fAlKnsJSHxBdEx+3aLJZAw0wkOM
GrEfwgmDj+AJ6Bg50yEtqSjwU22p01ryfyMJY+19SBDszZbk1wZo5IkV4GBchgqS
HR5bChCs/RqvHet7AIaj1npOWZlkiF7icpy86oSO9LoP/5239J+MtqR5GgUNkPFc
e6tcdAdi6rqpcel3wMGMrUtjoD+YZ3Swbu4so4QwmrjD48H22e8RAKKnDmm91b5G
x4631oedWa7N6FkNYq7ykDvt+HzIUdS6YHQtY/gnic1TaPeZn2gNAXAY0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNXDgqh7oNOF6A81SuLvmL3tX/lLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMWNPQ3FIdWcwNFhvRHpWSzR1LVl2ZTFmLVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwALw
AwcFKg6xAwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBUpw/cGOgx38ALJuJCCZd5g2by
oFjkDt2i0QPNXFL4+CBzR6HMLJQdVWEzTNMx6u7IjhL8cndmLBwZfULnZWWiYaWj
51itJW8ijZqSwZz1lUat5HVq5z7lHmHDEXjlCupljArO6+E7ReQFxYWBBHUyDoOE
ymtcfzEZZKuRuc+eG9dRDBMGjUWSrUUSWhWY4QMNJpyaghANeaCS2JZfq81/lHrW
9eJebowBNacNi5hFwNzCCn8NfpPA1Ujek3xu5fX/6ye+8ABhe2xgYHrb41JcURcH
Hz/VSuzcqVbo/PoBmbd/Bx0Hg/QfGmaD3gLTc2Xhg28SCuRhhTp3bzzElFtv
-----END CERTIFICATE-----
Generated at Sun Apr 14 23:41:45 2024 by rpki-client on console-ams.rpki-client.org