Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Z1NTcdPRw4oIFTFmASO3o7gjDE.roa
File: 3Z1NTcdPRw4oIFTFmASO3o7gjDE.roa (raw, json)
Hash identifier: Xl20VQBL2SxVedPQ4biP0jihK8VB4eRbWk6vXaV8jH8=
Subject key identifier: DD:9D:4D:4D:C7:4F:47:0E:28:20:54:C5:98:04:8E:DE:8E:E0:8C:31
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D8407BDEE56B87F701EADBEF983BDF30C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Z1NTcdPRw4oIFTFmASO3o7gjDE.roa
Signing time: Wed 07 Feb 2024 14:45:16 +0000
ROA not before: Wed 07 Feb 2024 14:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215569
IP address blocks: 2a0e:b107:28a7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 30 Mar 2024 16:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:07:bd:ee:56:b8:7f:70:1e:ad:be:f9:83:bd:f3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 7 14:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd9d4d4dc74f470e282054c598048ede8ee08c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c7:7b:e5:8c:5e:56:9b:7a:af:af:37:56:95:
1a:bf:dc:5d:f8:61:83:ea:b3:87:c0:60:e8:83:6d:
b7:3e:27:25:d7:47:75:6a:34:60:d4:78:d8:7d:b7:
d2:36:95:10:78:91:b2:e4:13:48:1f:c8:42:69:40:
78:83:7c:a5:6b:24:46:eb:8c:69:22:98:49:82:a2:
65:58:d1:56:0e:ab:a5:a3:e8:41:d1:8c:57:1a:0b:
86:54:2b:a6:f3:ff:3c:3d:49:2c:5e:14:20:4c:89:
73:02:eb:58:58:f1:77:88:c9:40:ea:fb:9c:3b:9e:
63:c9:9e:7c:cf:7c:37:1f:ef:e5:32:c0:55:91:ff:
9a:a4:cd:8b:d5:4a:94:5e:e2:1e:29:3e:d3:fa:6c:
23:fc:ec:cc:98:89:19:fe:e6:6b:29:b1:1f:81:55:
bb:8c:be:97:be:c6:c2:d0:bd:60:43:66:ac:da:d5:
2f:72:b9:36:e3:16:12:e5:68:7d:4f:37:be:0f:69:
a5:6d:29:0a:17:db:ba:64:8c:e9:0b:69:7f:40:32:
6f:09:63:67:16:e7:74:d1:32:7e:cf:fc:23:72:92:
a5:82:f0:11:4e:81:f2:a7:3a:28:e2:1a:c7:f1:d7:
95:23:7c:08:21:9c:40:ac:d2:27:00:8c:95:7d:e1:
5f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9D:4D:4D:C7:4F:47:0E:28:20:54:C5:98:04:8E:DE:8E:E0:8C:31
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Z1NTcdPRw4oIFTFmASO3o7gjDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:28a7::/48
Signature Algorithm: sha256WithRSAEncryption
93:9b:f1:bd:0d:85:39:da:48:a8:9f:df:94:bc:c0:da:05:3b:
c3:a1:f3:f3:d3:44:0d:36:8a:be:36:0e:a3:16:12:58:0e:5e:
0f:cd:56:24:86:25:bd:2a:06:9e:6d:a3:30:10:27:0e:83:f4:
a4:ed:e8:c1:3f:c7:38:93:4a:03:16:88:2a:da:02:e7:ea:4f:
7f:61:80:28:6d:01:c9:04:32:63:5c:af:5d:19:cc:71:c8:52:
6a:b8:90:37:0c:ed:08:d6:eb:4e:70:a1:cf:d2:da:0a:79:1e:
42:0b:5f:a6:2d:95:1d:3d:1e:91:6b:72:87:e7:f3:68:78:5c:
ee:33:a6:b6:2a:82:45:f1:e0:da:03:05:94:ab:42:5c:25:72:
89:1c:b0:ef:03:2e:30:47:65:4d:d8:f8:82:34:de:35:c4:4a:
0c:4a:ab:85:b7:b4:0c:9f:e9:16:4f:63:9b:20:78:6d:29:10:
86:fd:c2:a6:cc:95:40:10:6c:ec:a1:76:e2:10:4a:87:5e:59:
8f:92:56:35:17:85:46:23:d6:3d:63:df:19:b7:d5:50:f6:3d:
99:06:5c:6f:e3:75:0c:c5:45:f8:4f:a2:56:a8:3d:8d:50:e5:
b5:1b:c8:21:9f:73:85:40:50:a0:7e:50:7a:6a:b1:a5:81:6f:
ef:b3:10:c6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2EB73uVrh/cB6tvvmDvfMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA3MTQ0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlkNGQ0ZGM3NGY0NzBlMjgyMDU0YzU5ODA0OGVkZThlZTA4YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18d75YxeVpt6r683VpUav9xd+GGD
6rOHwGDog223Picl10d1ajRg1HjYfbfSNpUQeJGy5BNIH8hCaUB4g3ylayRG64xp
IphJgqJlWNFWDqulo+hB0YxXGguGVCum8/88PUksXhQgTIlzAutYWPF3iMlA6vuc
O55jyZ58z3w3H+/lMsBVkf+apM2L1UqUXuIeKT7T+mwj/OzMmIkZ/uZrKbEfgVW7
jL6XvsbC0L1gQ2as2tUvcrk24xYS5Wh9Tze+D2mlbSkKF9u6ZIzpC2l/QDJvCWNn
Fud00TJ+z/wjcpKlgvARToHypzoo4hrH8deVI3wIIZxArNInAIyVfeFfzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN2dTU3HT0cOKCBUxZgEjt6O4IwxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM1oxTlRjZFBSdzRvSUZURm1BU08zbzdnakRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xByin
MA0GCSqGSIb3DQEBCwUAA4IBAQCTm/G9DYU52kion9+UvMDaBTvDofPz00QNNoq+
Ng6jFhJYDl4PzVYkhiW9KgaebaMwECcOg/Sk7ejBP8c4k0oDFogq2gLn6k9/YYAo
bQHJBDJjXK9dGcxxyFJquJA3DO0I1utOcKHP0toKeR5CC1+mLZUdPR6Ra3KH5/No
eFzuM6a2KoJF8eDaAwWUq0JcJXKJHLDvAy4wR2VN2PiCNN41xEoMSquFt7QMn+kW
T2ObIHhtKRCG/cKmzJVAEGzsoXbiEEqHXlmPklY1F4VGI9Y9Y98Zt9VQ9j2ZBlxv
43UMxUX4T6JWqD2NUOW1G8ghn3OFQFCgflB6arGlgW/vsxDG
-----END CERTIFICATE-----
Generated at Sat Mar 30 18:05:28 2024 by rpki-client on console-fra.rpki-client.org