Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3--9miurdu3yFhaAWvlnSrH_3zQ.roa
File: 3--9miurdu3yFhaAWvlnSrH_3zQ.roa (raw, json)
Hash identifier: PUx0bdhlLvhfWoKFJGFZusOTCARxlpCuN4Oj7WMScws=
Subject key identifier: DF:EF:BD:9A:2B:AB:76:ED:F2:16:16:80:5A:F9:67:4A:B1:FF:DF:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BE5283E60D15F27B2313E81A2DE0E06EC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3--9miurdu3yFhaAWvlnSrH_3zQ.roa
Signing time: Sun 19 Nov 2023 01:18:21 +0000
ROA not before: Sun 19 Nov 2023 01:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215980
IP address blocks: 2a10:ccc0:3001::/48 maxlen: 48
2a0e:97c0:e30::/44 maxlen: 48
2a0e:97c0:e30::/48 maxlen: 48
2a10:ccc0:3000::/44 maxlen: 48
2a10:ccc0:3000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 19 Nov 2023 02:07:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e5:28:3e:60:d1:5f:27:b2:31:3e:81:a2:de:0e:06:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 19 01:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfefbd9a2bab76edf21616805af9674ab1ffdf34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2c:e4:07:c3:e8:ab:d6:29:06:08:01:92:a6:
8c:6f:70:7c:0d:5e:e5:33:8d:4d:2d:ec:4f:ea:a6:
17:89:99:85:bc:ce:bf:21:cf:59:4b:11:8d:d7:bb:
37:32:97:44:ee:5f:8a:2f:24:c0:38:01:9f:1e:39:
fc:34:4b:51:41:22:cc:3d:17:47:c4:b5:d0:55:f8:
af:c2:c0:bf:a9:05:ab:b1:c3:cf:b7:45:66:95:1b:
94:5f:9d:1c:39:ad:89:6f:07:0b:8f:49:08:a5:8a:
14:bb:40:1b:1d:e2:6a:ce:5d:c7:d5:23:b2:9e:af:
4f:6b:db:9d:b6:df:28:bf:c7:8d:0a:54:69:07:34:
5a:51:d3:b9:93:78:75:a9:e8:06:5b:f4:86:4b:eb:
d1:76:6a:f8:74:cb:74:b9:4f:d6:4e:0e:93:77:c0:
21:e8:4c:2e:7e:17:50:e6:03:b2:bb:21:b2:22:7d:
3b:8d:f2:3f:5e:4e:a2:7e:d5:4e:f5:da:b0:63:c7:
40:72:19:cd:b9:fa:b9:35:51:e3:92:c6:e6:c9:74:
9f:84:26:82:4c:04:50:09:c9:db:cc:b3:52:b9:69:
a4:fd:62:56:cc:bf:5d:a2:cb:67:cc:97:45:d9:b2:
85:eb:94:99:f1:56:fc:05:49:db:5e:5c:08:b7:0d:
5f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EF:BD:9A:2B:AB:76:ED:F2:16:16:80:5A:F9:67:4A:B1:FF:DF:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3--9miurdu3yFhaAWvlnSrH_3zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:e30::/44
2a10:ccc0:3000::/44
Signature Algorithm: sha256WithRSAEncryption
59:9e:28:eb:20:8d:65:f6:f9:69:3d:a7:72:5c:71:e1:cf:2c:
a5:84:d8:a2:ea:a1:c4:d9:cc:0e:c5:08:ac:e0:8c:b7:36:6c:
37:43:7e:dc:23:fe:cf:85:19:11:d8:89:b6:f3:d2:6c:f0:4b:
ab:b9:d2:c5:55:a3:44:b5:5e:26:23:e3:a4:51:bf:92:bb:04:
ec:e8:d2:c8:6d:3a:4e:96:66:01:4b:3b:a2:2f:e6:f7:e4:8e:
d4:c1:5e:39:82:55:78:f8:29:f2:55:17:a4:3f:a9:58:8b:74:
4b:aa:7c:49:32:e6:e5:8a:08:69:fc:f8:c7:20:5d:47:e8:93:
f4:56:05:8d:38:00:01:88:8a:93:61:ce:3a:a8:2e:be:6a:2f:
dd:bb:ff:d3:d4:e0:11:a5:55:42:0e:1d:6e:ef:95:1c:d4:82:
bc:d0:1f:32:66:df:5f:4f:b1:f4:0c:e7:b0:05:90:3d:70:d7:
76:39:8b:7b:f3:fd:9a:20:ed:40:50:44:5c:9d:4d:20:e1:ed:
d0:e0:42:d1:24:28:4b:5b:fd:e1:e0:e5:4c:92:08:06:96:94:
af:0d:a9:b4:11:22:75:d3:9b:47:47:57:1e:f5:62:72:b7:bb:
45:c2:70:13:12:37:bb:cd:46:73:31:89:2e:89:9c:eb:c3:7e:
61:90:f3:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvlKD5g0V8nsjE+gaLeDgbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE5MDExODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVmYmQ5YTJiYWI3NmVkZjIxNjE2ODA1YWY5Njc0YWIxZmZkZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCzkB8Poq9YpBggBkqaMb3B8DV7l
M41NLexP6qYXiZmFvM6/Ic9ZSxGN17s3MpdE7l+KLyTAOAGfHjn8NEtRQSLMPRdH
xLXQVfivwsC/qQWrscPPt0VmlRuUX50cOa2JbwcLj0kIpYoUu0AbHeJqzl3H1SOy
nq9Pa9udtt8ov8eNClRpBzRaUdO5k3h1qegGW/SGS+vRdmr4dMt0uU/WTg6Td8Ah
6EwufhdQ5gOyuyGyIn07jfI/Xk6iftVO9dqwY8dAchnNufq5NVHjksbmyXSfhCaC
TARQCcnbzLNSuWmk/WJWzL9dostnzJdF2bKF65SZ8Vb8BUnbXlwItw1fiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN/vvZorq3bt8hYWgFr5Z0qx/980MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMy0tOW1pdXJkdTN5RmhhQVd2bG5TckhfM3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwA4w
AwcEKhDMwDAAMA0GCSqGSIb3DQEBCwUAA4IBAQBZnijrII1l9vlpPadyXHHhzyyl
hNii6qHE2cwOxQis4Iy3Nmw3Q37cI/7PhRkR2Im289Js8EurudLFVaNEtV4mI+Ok
Ub+SuwTs6NLIbTpOlmYBSzuiL+b35I7UwV45glV4+CnyVRekP6lYi3RLqnxJMubl
ighp/PjHIF1H6JP0VgWNOAABiIqTYc46qC6+ai/du//T1OARpVVCDh1u75Uc1IK8
0B8yZt9fT7H0DOewBZA9cNd2OYt78/2aIO1AUERcnU0g4e3Q4ELRJChLW/3h4OVM
kggGlpSvDam0ESJ105tHR1ce9WJyt7tFwnATEje7zUZzMYkuiZzrw35hkPMu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:52 2024 by rpki-client on console-ams.rpki-client.org