Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2X1tsMSuGRsk43SAYH6I31csstw.roa
File: 2X1tsMSuGRsk43SAYH6I31csstw.roa (raw, json)
Hash identifier: 379DUUsTfYbBXxs3osChMftgxKoCle87aVrXSXWk+lQ=
Subject key identifier: D9:7D:6D:B0:C4:AE:19:1B:24:E3:74:80:60:7E:88:DF:57:2C:B2:DC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7B386947F57FAA86034C3502E2324
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2X1tsMSuGRsk43SAYH6I31csstw.roa
Signing time: Mon 02 Jan 2023 05:15:10 +0000
ROA not before: Mon 02 Jan 2023 05:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203655
IP address blocks: 2a0e:b107:1b60::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:b3:86:94:7f:57:fa:a8:60:34:c3:50:2e:23:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d97d6db0c4ae191b24e37480607e88df572cb2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:dc:8b:d0:5b:63:cc:0a:71:ac:a6:c6:8b:46:
a7:83:5c:e1:63:0e:2f:ef:c3:c3:19:9c:6a:9a:08:
7f:5a:80:c2:8f:0a:10:20:1b:b7:a1:7a:ed:4b:58:
72:af:aa:8f:dd:4f:c0:d2:5a:dd:16:17:12:2e:3e:
e7:13:21:47:7f:82:47:af:6f:e2:b1:7f:8a:ea:9d:
07:9a:e8:2f:da:c6:72:75:70:fd:a2:d8:78:3a:31:
38:98:4b:12:bd:b8:29:85:48:b8:61:54:8c:4a:60:
3b:0c:0e:0d:cc:e9:48:1c:88:e2:de:9e:e7:bf:a9:
cb:a9:2d:ae:0f:1a:f6:a1:29:a5:de:a8:c7:5c:84:
14:a7:66:c1:8c:08:2e:2e:a8:30:e9:85:90:ad:3b:
c2:98:68:f3:68:b9:01:95:83:5b:ff:3d:b8:39:4d:
74:ce:79:1d:87:06:f1:a1:65:3e:a7:51:4b:22:3b:
07:25:73:0e:29:ce:5f:a0:70:3a:e9:3d:89:2a:e9:
82:25:a8:9c:1e:fd:8b:24:37:75:1e:55:bb:94:75:
83:90:ea:0e:aa:73:3d:0f:23:47:23:3e:2e:69:20:
c9:52:d2:5a:2a:a2:a7:6b:db:7c:9b:8c:32:d7:f3:
d1:a9:6a:07:c7:3a:45:ad:04:3c:a6:d7:c0:3a:75:
ac:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7D:6D:B0:C4:AE:19:1B:24:E3:74:80:60:7E:88:DF:57:2C:B2:DC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2X1tsMSuGRsk43SAYH6I31csstw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b60::/44
Signature Algorithm: sha256WithRSAEncryption
79:e8:a7:94:d3:05:08:40:bb:c6:d9:0b:20:10:f0:92:73:c5:
80:cf:d4:9d:43:83:e4:50:0c:21:dc:77:d3:88:27:03:3b:b0:
31:79:a4:91:98:2b:1a:3f:0a:98:89:76:65:a1:f7:49:38:b7:
b1:81:e0:25:21:88:e7:27:89:f9:f5:9e:75:34:6e:67:bf:0a:
eb:6d:e6:e2:48:3a:11:89:96:a2:e9:09:7d:01:f3:aa:06:10:
c1:f0:ad:79:ed:fb:a1:f7:6c:32:c7:f5:96:28:fd:42:d8:6b:
1f:e2:fd:ca:40:08:3e:b1:0e:66:7f:80:9d:c8:5c:f9:d2:c0:
22:2d:9b:53:2d:13:cf:b5:21:e3:29:b4:a4:57:0c:b6:05:c5:
2e:06:4b:00:f9:59:cf:a7:97:7e:f4:74:5e:8e:c1:e1:27:5c:
cc:be:6c:76:90:e5:b4:2f:a4:f1:7c:ac:cc:93:5e:10:20:29:
20:d5:60:ea:4e:9c:6c:99:ca:06:e0:60:af:2f:51:8d:05:16:
9e:5b:d5:2d:8f:03:d3:84:3e:11:80:f1:3d:1d:1e:a0:1d:36:
76:c7:00:81:f1:87:b1:8f:1e:19:3b:04:48:fd:f2:5f:90:1a:
1d:b2:36:77:cd:75:d7:4a:e0:02:ff:63:c2:e8:4a:09:8b:45:
23:9a:2f:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw57OGlH9X+qhgNMNQLiMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTdkNmRiMGM0YWUxOTFiMjRlMzc0ODA2MDdlODhkZjU3MmNiMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9yL0FtjzApxrKbGi0ang1zhYw4v
78PDGZxqmgh/WoDCjwoQIBu3oXrtS1hyr6qP3U/A0lrdFhcSLj7nEyFHf4JHr2/i
sX+K6p0Hmugv2sZydXD9oth4OjE4mEsSvbgphUi4YVSMSmA7DA4NzOlIHIji3p7n
v6nLqS2uDxr2oSml3qjHXIQUp2bBjAguLqgw6YWQrTvCmGjzaLkBlYNb/z24OU10
znkdhwbxoWU+p1FLIjsHJXMOKc5foHA66T2JKumCJaicHv2LJDd1HlW7lHWDkOoO
qnM9DyNHIz4uaSDJUtJaKqKna9t8m4wy1/PRqWoHxzpFrQQ8ptfAOnWsLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNl9bbDErhkbJON0gGB+iN9XLLLcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMlgxdHNNU3VHUnNrNDNTQVlINkkzMWNzc3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxtg
MA0GCSqGSIb3DQEBCwUAA4IBAQB56KeU0wUIQLvG2QsgEPCSc8WAz9SdQ4PkUAwh
3HfTiCcDO7AxeaSRmCsaPwqYiXZlofdJOLexgeAlIYjnJ4n59Z51NG5nvwrrbebi
SDoRiZai6Ql9AfOqBhDB8K157fuh92wyx/WWKP1C2Gsf4v3KQAg+sQ5mf4CdyFz5
0sAiLZtTLRPPtSHjKbSkVwy2BcUuBksA+VnPp5d+9HRejsHhJ1zMvmx2kOW0L6Tx
fKzMk14QICkg1WDqTpxsmcoG4GCvL1GNBRaeW9UtjwPThD4RgPE9HR6gHTZ2xwCB
8Yexjx4ZOwRI/fJfkBodsjZ3zXXXSuAC/2PC6EoJi0Ujmi99
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org