Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4qNDBulsmtWeIsqhM0cyQvnMAbM.roa
File: 4qNDBulsmtWeIsqhM0cyQvnMAbM.roa (raw, json)
Hash identifier: 2mCiqtlK/me5lVQCrTFkZ/I+Y1NETLyzsp7LwGXZqvQ=
Subject key identifier: E2:A3:43:06:E9:6C:9A:D5:9E:22:CA:A1:33:47:32:42:F9:CC:01:B3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF816FE055495C06C7D44ADBC8457
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4qNDBulsmtWeIsqhM0cyQvnMAbM.roa
Signing time: Tue 24 Jan 2023 16:09:50 +0000
ROA not before: Tue 24 Jan 2023 16:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211509
IP address blocks: 2a0e:b107:1180::/48 maxlen: 48
2a0e:b107:1181::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Apr 2023 10:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f8:16:fe:05:54:95:c0:6c:7d:44:ad:bc:84:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2a34306e96c9ad59e22caa133473242f9cc01b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f9:6c:f2:6d:46:dc:76:f3:68:c1:9f:cf:8e:
5f:a2:a7:ae:6e:f0:0b:8c:27:9d:61:4e:7a:93:fb:
35:fd:38:2d:a9:57:b3:04:c1:b9:b3:b3:cb:66:fc:
d2:2d:bb:df:11:8c:3b:20:9b:82:a8:e3:5e:6f:8d:
9a:f6:c5:da:13:ec:dd:05:ce:a4:2c:74:61:e9:06:
d8:75:9d:3d:b3:aa:ff:3e:b9:0d:d0:55:3b:08:76:
9c:a6:43:d6:8e:2c:68:dd:f5:8a:9d:c7:e3:11:71:
b7:9a:ee:02:bb:8f:ef:69:86:3b:14:99:0f:eb:f6:
35:d3:1b:92:3d:89:82:af:9a:ee:6b:a2:52:95:61:
c5:50:22:a6:ce:b5:f9:23:70:63:83:5a:ef:c7:2d:
1b:10:ed:39:61:e0:41:6f:39:40:23:4c:30:34:0d:
ce:90:ff:0b:3f:71:6b:5d:2b:17:c4:c2:97:8d:e8:
eb:1e:d4:3e:29:a2:f8:94:38:38:93:8f:18:ce:c9:
89:82:63:80:bc:0f:10:1c:0e:51:ca:b4:ef:74:c2:
62:05:b1:2f:35:93:29:9a:b8:72:f0:c1:d7:03:44:
14:93:20:99:7f:ec:19:9c:10:59:07:08:af:ba:4b:
75:b4:71:e9:00:9f:fc:db:41:4b:d0:1c:51:d7:43:
57:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A3:43:06:E9:6C:9A:D5:9E:22:CA:A1:33:47:32:42:F9:CC:01:B3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4qNDBulsmtWeIsqhM0cyQvnMAbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1180::/47
Signature Algorithm: sha256WithRSAEncryption
27:f3:c8:30:62:b7:b4:af:0f:6e:96:bc:a5:d0:5d:9c:bc:10:
0b:6b:76:60:66:73:99:9a:71:db:83:d7:14:db:cd:35:db:87:
05:83:fe:f0:97:f8:6a:44:6f:e9:48:e7:02:c8:fd:d7:98:3d:
fa:74:b6:d6:bc:05:dc:78:cc:92:f4:43:1f:80:58:61:62:4f:
8e:67:0c:d4:5d:fc:75:24:4b:1a:76:2f:4c:27:ba:1e:15:d8:
df:3d:5e:eb:ad:a6:59:66:57:79:73:82:41:5d:69:6b:b4:32:
24:c6:b1:25:a4:45:eb:3f:c3:2c:5f:f0:02:fe:7b:9c:b3:41:
dc:56:9c:10:86:51:d2:04:6c:97:b5:57:20:d8:42:0d:01:bd:
9d:99:c8:b0:63:27:d2:51:16:77:74:cb:96:ed:d3:f5:3e:4f:
2a:83:da:47:82:0f:0c:2b:10:b6:0a:bc:08:aa:43:ad:8f:ba:
2e:02:97:05:1f:37:6b:97:7a:54:6c:f4:c8:bf:f5:67:10:6b:
81:df:94:b1:db:8f:aa:47:99:72:b4:9f:47:a0:b2:71:1e:5f:
eb:11:09:e6:c1:fc:b6:dc:ab:8c:d4:54:af:4b:86:d6:eb:5d:
84:4d:a9:4b:8c:bd:6c:0b:44:40:05:ed:e0:34:77:3a:d2:f2:
3e:e4:f5:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkivgW/gVUlcBsfUStvIRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmEzNDMwNmU5NmM5YWQ1OWUyMmNhYTEzMzQ3MzI0MmY5Y2MwMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvls8m1G3HbzaMGfz45foqeubvAL
jCedYU56k/s1/TgtqVezBMG5s7PLZvzSLbvfEYw7IJuCqONeb42a9sXaE+zdBc6k
LHRh6QbYdZ09s6r/PrkN0FU7CHacpkPWjixo3fWKncfjEXG3mu4Cu4/vaYY7FJkP
6/Y10xuSPYmCr5rua6JSlWHFUCKmzrX5I3Bjg1rvxy0bEO05YeBBbzlAI0wwNA3O
kP8LP3FrXSsXxMKXjejrHtQ+KaL4lDg4k48YzsmJgmOAvA8QHA5RyrTvdMJiBbEv
NZMpmrhy8MHXA0QUkyCZf+wZnBBZBwivukt1tHHpAJ/820FL0BxR10NXTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOKjQwbpbJrVniLKoTNHMkL5zAGzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHFOREJ1bHNtdFdlSXNxaE0wY3lRdm5NQWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBxGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAn88gwYre0rw9ulryl0F2cvBALa3ZgZnOZmnHb
g9cU280124cFg/7wl/hqRG/pSOcCyP3XmD36dLbWvAXceMyS9EMfgFhhYk+OZwzU
Xfx1JEsadi9MJ7oeFdjfPV7rraZZZld5c4JBXWlrtDIkxrElpEXrP8MsX/AC/nuc
s0HcVpwQhlHSBGyXtVcg2EINAb2dmciwYyfSURZ3dMuW7dP1Pk8qg9pHgg8MKxC2
CrwIqkOtj7ouApcFHzdrl3pUbPTIv/VnEGuB35Sx24+qR5lytJ9HoLJxHl/rEQnm
wfy23KuM1FSvS4bW612ETalLjL1sC0RABe3gNHc60vI+5PWo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org