Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3068u8lNAM-fp0GLZfvovYW1GMM.roa
File: 3068u8lNAM-fp0GLZfvovYW1GMM.roa (raw, json)
Hash identifier: wE6Hterk+5Hdq8w82aPr8eNdsU4nmwoksYr27xAsgHo=
Subject key identifier: DF:4E:BC:BB:C9:4D:00:CF:9F:A7:41:8B:65:FB:E8:BD:85:B5:18:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E864F91D9C20241D26F4D8A1E45DDC8A5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3068u8lNAM-fp0GLZfvovYW1GMM.roa
Signing time: Thu 28 Mar 2024 18:25:45 +0000
ROA not before: Thu 28 Mar 2024 18:25:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a0e:97c0:480::/48 maxlen: 48
2a0e:97c0:481::/48 maxlen: 48
2a0e:97c0:482::/48 maxlen: 48
2a0e:97c0:483::/48 maxlen: 48
2a0e:97c0:484::/48 maxlen: 48
2a0e:b107:1240::/44 maxlen: 48
2a0e:b107:1240::/48 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 23:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:4f:91:d9:c2:02:41:d2:6f:4d:8a:1e:45:dd:c8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 28 18:25:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df4ebcbbc94d00cf9fa7418b65fbe8bd85b518c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:85:6c:9d:c7:99:d1:e5:24:0b:19:66:67:
ee:1e:3e:e6:bb:80:3a:0a:98:e7:2a:d6:ff:6a:1b:
82:37:29:a5:1e:55:9e:a3:91:e2:00:7a:0b:71:f2:
a5:f2:7e:99:c6:66:34:96:62:9b:73:67:0f:07:76:
ff:28:fc:4c:a4:98:91:83:d7:96:53:f7:67:29:8e:
dc:58:4b:13:93:e5:5e:d5:73:db:be:61:65:88:2f:
d0:8e:79:c6:d0:41:20:3b:88:7a:da:33:6c:55:86:
56:14:eb:6d:ac:34:dd:e7:6a:bf:20:13:60:72:78:
6c:8f:3c:71:08:4d:54:95:8d:95:ec:f6:4e:e8:59:
aa:6a:13:d2:57:2c:e5:f7:0c:72:64:b9:86:ca:4b:
8f:23:29:36:71:81:0c:9f:40:69:bd:e9:ac:03:28:
0e:8a:d5:93:f1:20:38:95:43:ff:f8:b6:50:26:67:
11:ca:12:e6:fc:79:f1:c1:bf:d1:7e:9a:d4:54:b1:
d0:a6:79:fd:c1:2c:a7:72:58:8a:d4:77:ca:a9:a6:
c4:c8:14:22:8d:3c:75:f3:42:de:19:63:c7:01:4f:
e1:72:c2:57:bf:2a:f6:bd:59:3c:d3:bb:31:69:55:
91:85:29:5a:67:35:3f:92:91:3e:6d:1c:45:56:bd:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4E:BC:BB:C9:4D:00:CF:9F:A7:41:8B:65:FB:E8:BD:85:B5:18:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3068u8lNAM-fp0GLZfvovYW1GMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
2a0e:b107:1240::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
65:e3:69:4b:1d:84:7a:dc:b8:bd:36:ac:8f:0d:26:e5:35:02:
f8:1f:29:3a:73:bd:db:c0:54:72:87:03:61:1f:31:f1:e5:8a:
88:5d:0b:5d:96:9e:06:e4:7e:17:ff:7a:33:84:da:d4:ee:14:
06:fe:67:bb:57:fb:f9:27:66:71:9b:8d:7e:99:68:8b:01:61:
02:16:05:ce:70:e5:55:bb:1d:59:70:66:42:bf:c1:2c:7e:d8:
c6:d6:aa:fb:cb:37:68:31:4b:33:ac:81:f6:83:27:15:bd:6d:
30:c1:fd:6b:21:b1:3c:9e:fc:67:80:21:ec:af:7e:f2:68:65:
a8:80:5d:ac:f8:6b:57:5c:ca:58:aa:d3:56:12:24:79:61:e0:
7a:02:f1:d1:64:df:da:80:01:59:31:20:11:06:f5:b0:91:59:
70:5f:9b:2c:4c:8c:67:64:fa:14:82:1a:0a:8e:f7:f8:82:8b:
8c:42:b0:8f:eb:7e:2e:13:7b:c3:3c:58:98:3f:9d:db:75:80:
94:1a:18:a3:21:e4:60:a2:c3:ae:3b:07:45:14:c0:66:fb:28:
62:e8:35:4f:9c:14:30:3f:aa:58:0c:1a:df:f9:2b:e6:54:f8:
18:c3:7f:9e:ee:96:ca:64:15:33:fb:d5:5d:43:09:10:48:91:
90:db:ea:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6GT5HZwgJB0m9Nih5F3cilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzI4MTgyNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRlYmNiYmM5NGQwMGNmOWZhNzQxOGI2NWZiZThiZDg1YjUxOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNyFbJ3HmdHlJAsZZmfuHj7mu4A6
CpjnKtb/ahuCNymlHlWeo5HiAHoLcfKl8n6ZxmY0lmKbc2cPB3b/KPxMpJiRg9eW
U/dnKY7cWEsTk+Ve1XPbvmFliC/QjnnG0EEgO4h62jNsVYZWFOttrDTd52q/IBNg
cnhsjzxxCE1UlY2V7PZO6FmqahPSVyzl9wxyZLmGykuPIyk2cYEMn0BpvemsAygO
itWT8SA4lUP/+LZQJmcRyhLm/Hnxwb/RfprUVLHQpnn9wSyncliK1HfKqabEyBQi
jTx180LeGWPHAU/hcsJXvyr2vVk807sxaVWRhSlaZzU/kpE+bRxFVr0vGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN9OvLvJTQDPn6dBi2X76L2FtRjDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMzA2OHU4bE5BTS1mcDBHTFpmdm92WVcxR01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwASA
AwcEKg6xBxJAAwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQBl42lLHYR63Li9
NqyPDSblNQL4Hyk6c73bwFRyhwNhHzHx5YqIXQtdlp4G5H4X/3ozhNrU7hQG/me7
V/v5J2Zxm41+mWiLAWECFgXOcOVVux1ZcGZCv8EsftjG1qr7yzdoMUszrIH2gycV
vW0wwf1rIbE8nvxngCHsr37yaGWogF2s+GtXXMpYqtNWEiR5YeB6AvHRZN/agAFZ
MSARBvWwkVlwX5ssTIxnZPoUghoKjvf4gouMQrCP634uE3vDPFiYP53bdYCUGhij
IeRgosOuOwdFFMBm+yhi6DVPnBQwP6pYDBrf+SvmVPgYw3+e7pbKZBUz+9VdQwkQ
SJGQ2+rw
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:08:25 2024 by rpki-client on console-fra.rpki-client.org