Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40lPCD6XBacApah-VUoLDP73GUs.roa
File: 40lPCD6XBacApah-VUoLDP73GUs.roa (raw, json)
Hash identifier: TkhtIhUGjG57BGjt9XG7qjMpqQhJa3eWpqwmIJ5XHtM=
Subject key identifier: E3:49:4F:08:3E:97:05:A7:00:A5:A8:7E:55:4A:0B:0C:FE:F7:19:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A536ECDA1E8F439DC9F95967A94AEC125
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40lPCD6XBacApah-VUoLDP73GUs.roa
Signing time: Sat 02 Sep 2023 01:08:05 +0000
ROA not before: Sat 02 Sep 2023 01:08:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49195
IP address blocks: 2a0e:b107:1c50::/44 maxlen: 48
2a0e:b107:1810::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Oct 2023 20:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:6e:cd:a1:e8:f4:39:dc:9f:95:96:7a:94:ae:c1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 2 01:08:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3494f083e9705a700a5a87e554a0b0cfef7194b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:56:d2:3f:87:28:7f:45:00:33:b8:eb:b5:59:
01:a6:18:75:71:8c:27:67:eb:e0:c9:c6:f4:06:d7:
70:24:aa:4e:c2:41:f8:f0:b0:2d:a6:10:56:d7:45:
da:5f:26:79:ca:89:2f:07:f6:c0:d7:06:04:4a:a9:
2a:59:a3:29:b1:ce:da:74:5e:e5:19:f5:ca:cd:ba:
92:ff:2b:03:b7:47:67:a9:7d:8c:1d:1b:7a:da:84:
12:99:06:ad:84:01:0e:0c:5d:7c:1a:0d:8f:e9:d1:
19:90:a1:c2:ad:90:0c:8a:33:d2:48:6e:65:a0:86:
36:7c:cf:11:93:3e:cf:71:ae:ae:b8:d8:ad:9e:6b:
7d:dc:8f:d4:44:ea:0e:a1:30:9c:2a:f8:47:1c:b3:
fd:0d:d6:c6:84:a3:62:5a:47:8c:29:71:ac:b1:79:
c5:01:b1:3e:49:bb:34:e8:c7:1e:23:58:ae:4e:30:
2d:e6:f6:e4:63:89:bb:46:ec:b2:d0:43:ea:83:8d:
5a:53:40:21:db:91:16:d9:c3:78:72:d6:96:4d:08:
5f:51:41:39:89:1a:db:ee:f2:b4:4e:c3:16:d0:e0:
8a:e7:b1:e9:f2:0c:bc:1a:c5:7d:f9:64:78:4a:69:
66:39:b5:c8:41:5d:b9:44:85:cc:ad:75:17:e9:67:
78:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:49:4F:08:3E:97:05:A7:00:A5:A8:7E:55:4A:0B:0C:FE:F7:19:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40lPCD6XBacApah-VUoLDP73GUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1810::/44
2a0e:b107:1c50::/44
Signature Algorithm: sha256WithRSAEncryption
7a:bf:65:8d:dc:32:ca:58:6c:da:32:39:63:e9:e0:40:16:fc:
1d:60:ab:f0:68:40:58:51:61:a6:ef:71:c7:b0:a0:26:45:7a:
07:92:22:c4:de:44:25:b9:39:f4:d1:7d:f4:36:cc:8f:b4:2b:
51:cc:ba:2c:52:b4:b1:39:6a:39:80:2a:c1:5b:35:b3:36:3f:
50:7e:8a:da:41:07:2c:ca:74:db:0c:d7:84:29:65:95:d2:41:
7c:4d:8c:bf:2d:cd:9d:8e:f3:25:74:2c:04:65:74:fd:df:b3:
c8:1c:dc:bb:e9:b5:f0:bf:a7:8d:6f:42:99:df:c5:88:52:5e:
29:e1:cd:10:00:ff:7b:d0:0e:bf:c8:ef:27:e3:86:06:d1:62:
7a:f0:ce:12:52:38:79:cf:f3:55:b0:9f:0e:54:fd:c6:90:72:
69:3c:ce:00:47:50:bf:66:a4:83:2b:3f:e0:34:dd:14:5a:10:
f0:96:1b:54:b8:df:50:1c:23:3f:89:ef:41:4a:61:cf:87:96:
6b:a6:00:00:1d:2e:34:c2:2e:0b:e9:aa:01:8c:d1:e4:4a:9a:
c3:31:55:65:72:72:cd:b4:bf:d2:03:77:0d:31:79:a7:98:cf:
aa:f3:7c:cd:bd:e4:38:3d:cc:40:9e:3e:b0:b4:11:b8:68:a2:
c5:f1:6c:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpTbs2h6PQ53J+VlnqUrsElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTAyMDEwODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ5NGYwODNlOTcwNWE3MDBhNWE4N2U1NTRhMGIwY2ZlZjcxOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1bSP4cof0UAM7jrtVkBphh1cYwn
Z+vgycb0BtdwJKpOwkH48LAtphBW10XaXyZ5yokvB/bA1wYESqkqWaMpsc7adF7l
GfXKzbqS/ysDt0dnqX2MHRt62oQSmQathAEODF18Gg2P6dEZkKHCrZAMijPSSG5l
oIY2fM8Rkz7Pca6uuNitnmt93I/UROoOoTCcKvhHHLP9DdbGhKNiWkeMKXGssXnF
AbE+Sbs06MceI1iuTjAt5vbkY4m7Ruyy0EPqg41aU0Ah25EW2cN4ctaWTQhfUUE5
iRrb7vK0TsMW0OCK57Hp8gy8GsV9+WR4SmlmObXIQV25RIXMrXUX6Wd4DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFONJTwg+lwWnAKWoflVKCwz+9xlLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNDBsUENENlhCYWNBcGFoLVZVb0xEUDczR1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxgQ
AwcEKg6xBxxQMA0GCSqGSIb3DQEBCwUAA4IBAQB6v2WN3DLKWGzaMjlj6eBAFvwd
YKvwaEBYUWGm73HHsKAmRXoHkiLE3kQluTn00X30NsyPtCtRzLosUrSxOWo5gCrB
WzWzNj9QforaQQcsynTbDNeEKWWV0kF8TYy/Lc2djvMldCwEZXT937PIHNy76bXw
v6eNb0KZ38WIUl4p4c0QAP970A6/yO8n44YG0WJ68M4SUjh5z/NVsJ8OVP3GkHJp
PM4AR1C/ZqSDKz/gNN0UWhDwlhtUuN9QHCM/ie9BSmHPh5ZrpgAAHS40wi4L6aoB
jNHkSprDMVVlcnLNtL/SA3cNMXmnmM+q83zNveQ4PcxAnj6wtBG4aKLF8Wyw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org