Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3_hNlvSdGKn4h0ZV-4WfIxjPCCY.roa
File: 3_hNlvSdGKn4h0ZV-4WfIxjPCCY.roa (raw, json)
Hash identifier: gL4MNSM8+LF9xLqnO7kzYXRZ1MIpvtBWAnARW9LrC4U=
Subject key identifier: DF:F8:4D:96:F4:9D:18:A9:F8:87:46:55:FB:85:9F:23:18:CF:08:26
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E811AB12655A087B4588FC601C6215
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3_hNlvSdGKn4h0ZV-4WfIxjPCCY.roa
Signing time: Mon 02 Jan 2023 05:15:35 +0000
ROA not before: Mon 02 Jan 2023 05:15:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212120
IP address blocks: 2a0e:b107:eb0::/48 maxlen: 48
2a0e:b107:ebf::/48 maxlen: 48
2a0e:b107:eb1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:11:ab:12:65:5a:08:7b:45:88:fc:60:1c:62:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dff84d96f49d18a9f8874655fb859f2318cf0826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:d3:91:32:55:6c:90:e5:d8:54:a3:12:72:
ee:95:48:2d:9c:5f:c0:22:fb:a3:22:72:25:79:ea:
5d:ac:32:5d:19:0e:1a:dd:d3:56:fd:c7:b0:6d:3f:
8c:33:8d:ba:7c:01:d2:ee:9a:32:3e:97:a6:37:fd:
d2:e0:21:11:21:ed:a7:7c:dd:1b:96:55:da:02:92:
eb:5e:9b:a0:65:da:fe:2d:ac:54:6a:51:79:90:e4:
00:26:11:3b:21:19:94:62:6c:e4:74:70:22:9d:e3:
7a:65:cd:2f:de:67:b4:a8:8f:a3:c1:da:20:36:9a:
9d:33:7d:9a:b7:86:ab:f6:b3:42:85:72:2d:ed:51:
3d:b4:53:ce:c7:5f:cf:1d:ae:4c:19:29:c4:b4:70:
d8:d6:7b:0b:6c:c2:70:91:96:28:bf:af:03:bc:e1:
a0:21:4b:b4:5a:dd:ff:e9:a9:d9:a5:f7:9f:e6:80:
36:7a:58:3a:cb:b6:c4:a4:eb:48:f5:c7:ae:c5:0e:
97:55:23:87:bc:1b:0a:cb:5c:7a:3c:ba:1e:c5:ba:
cf:ac:ee:f8:11:21:40:f4:d8:21:33:82:ea:d6:62:
01:51:76:e7:1a:1a:dc:4d:95:76:2a:34:78:18:5b:
d7:df:e9:f0:f0:32:16:27:d7:3b:d3:aa:84:b6:dc:
2c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F8:4D:96:F4:9D:18:A9:F8:87:46:55:FB:85:9F:23:18:CF:08:26
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3_hNlvSdGKn4h0ZV-4WfIxjPCCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:eb0::/47
2a0e:b107:ebf::/48
Signature Algorithm: sha256WithRSAEncryption
9b:98:56:7b:95:6d:e6:c0:49:1b:09:24:f4:5b:f2:43:d8:b6:
e9:40:6e:4d:09:52:09:7f:05:ff:87:3e:b0:4b:bd:af:f3:0a:
6b:60:1e:cf:90:2e:a2:30:d0:99:e7:7c:3d:41:2b:1f:cd:42:
c6:0a:e9:24:70:f3:ac:5f:20:bb:7d:49:33:6c:6b:07:f5:9c:
f9:b1:70:39:77:e5:a9:1c:61:8f:af:39:9a:47:17:22:04:ae:
db:a5:dc:1b:8c:24:69:3d:3e:3b:ee:50:07:e2:fd:9e:c4:88:
65:16:6b:ab:1f:a8:22:e3:6c:97:c4:35:19:fa:1a:91:12:b5:
87:e2:7b:99:b9:a6:dd:9b:84:1c:ff:49:f6:b0:1d:19:37:65:
85:4f:78:30:28:3f:fb:01:97:de:ae:7a:9b:a4:01:af:eb:2a:
d1:6a:23:00:02:95:4e:6b:a9:b8:e4:3c:a4:2e:be:f6:bf:bb:
70:0e:94:38:39:3a:e8:a1:42:e6:3a:c2:1c:13:d3:8f:2a:48:
40:bf:a2:33:ca:9d:a3:9a:76:57:43:ac:99:05:c9:00:b3:4c:
aa:4e:33:5b:7e:c8:57:f2:3a:b0:ab:65:13:a1:9e:14:f1:00:
d4:44:a3:6f:da:34:18:97:b5:0f:53:be:6c:42:3a:fc:4e:4a:
fe:6c:ea:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6BGrEmVaCHtFiPxgHGIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY4NGQ5NmY0OWQxOGE5Zjg4NzQ2NTVmYjg1OWYyMzE4Y2YwODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZDTkTJVbJDl2FSjEnLulUgtnF/A
IvujInIleepdrDJdGQ4a3dNW/cewbT+MM426fAHS7poyPpemN/3S4CERIe2nfN0b
llXaApLrXpugZdr+LaxUalF5kOQAJhE7IRmUYmzkdHAineN6Zc0v3me0qI+jwdog
NpqdM32at4ar9rNChXIt7VE9tFPOx1/PHa5MGSnEtHDY1nsLbMJwkZYov68DvOGg
IUu0Wt3/6anZpfef5oA2elg6y7bEpOtI9ceuxQ6XVSOHvBsKy1x6PLoexbrPrO74
ESFA9NghM4Lq1mIBUXbnGhrcTZV2KjR4GFvX3+nw8DIWJ9c706qEttwsvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN/4TZb0nRip+IdGVfuFnyMYzwgmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM19oTmx2U2RHS240aDBaVi00V2ZJeGpQQ0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6xBw6w
AwcAKg6xBw6/MA0GCSqGSIb3DQEBCwUAA4IBAQCbmFZ7lW3mwEkbCST0W/JD2Lbp
QG5NCVIJfwX/hz6wS72v8wprYB7PkC6iMNCZ53w9QSsfzULGCukkcPOsXyC7fUkz
bGsH9Zz5sXA5d+WpHGGPrzmaRxciBK7bpdwbjCRpPT477lAH4v2exIhlFmurH6gi
42yXxDUZ+hqRErWH4nuZuabdm4Qc/0n2sB0ZN2WFT3gwKD/7AZfernqbpAGv6yrR
aiMAApVOa6m45DykLr72v7twDpQ4OTrooULmOsIcE9OPKkhAv6Izyp2jmnZXQ6yZ
BckAs0yqTjNbfshX8jqwq2UToZ4U8QDURKNv2jQYl7UPU75sQjr8Tkr+bOoM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org