Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4tzhgvDTnd4CveeGmw3jMX0gwS8.roa
File: 4tzhgvDTnd4CveeGmw3jMX0gwS8.roa (raw, json)
Hash identifier: WWALC7oR3kxfLLhEkOBC+BJqmHjG1vE4e8mReOt/cFQ=
Subject key identifier: E2:DC:E1:82:F0:D3:9D:DE:02:BD:E7:86:9B:0D:E3:31:7D:20:C1:2F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E162C8A6054ABDF9B5CE19D992E515987
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4tzhgvDTnd4CveeGmw3jMX0gwS8.roa
Signing time: Wed 06 Mar 2024 23:50:01 +0000
ROA not before: Wed 06 Mar 2024 23:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 23 Mar 2024 20:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:16:2c:8a:60:54:ab:df:9b:5c:e1:9d:99:2e:51:59:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 6 23:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2dce182f0d39dde02bde7869b0de3317d20c12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:04:75:91:f9:30:1d:38:86:49:e6:f7:34:82:
95:d2:05:d7:3f:5d:4d:fd:fd:29:1e:0a:bc:bf:db:
b1:35:34:3b:36:04:21:cb:41:b9:7d:c5:f8:90:34:
58:a1:a8:da:0f:0b:f4:d5:68:6b:a2:96:6b:5a:d0:
19:f8:2c:d8:08:09:f8:58:d7:5c:20:f0:86:f4:92:
66:0e:54:d6:a0:9c:69:f9:23:64:c6:a3:2e:a4:18:
eb:6e:bc:cb:89:4c:bb:c6:f8:2c:a4:9c:17:b8:2d:
dd:0f:fe:4d:7b:77:32:7e:1c:b9:aa:d0:8d:e0:85:
4c:bf:c4:af:ec:d9:80:2c:84:3e:31:32:39:a4:40:
25:e5:4d:f7:a8:fc:3b:20:59:60:d7:9c:00:ea:9b:
7b:5a:48:76:9f:82:99:34:a0:96:7d:cb:ba:f9:ac:
15:4c:5a:43:bf:52:91:e6:19:cf:71:95:32:9d:b2:
01:4b:e5:57:e3:49:1a:13:9d:67:b0:c2:5f:52:9d:
70:6a:c6:a7:66:57:a9:f4:fc:ba:d3:f7:04:d5:7e:
82:33:bb:ac:ba:55:2c:e0:ef:07:d2:c4:06:b5:19:
7c:74:cb:8d:79:e0:0d:6f:e6:04:42:e6:dd:65:ef:
1e:d0:d6:5d:6c:24:67:98:c3:5b:3b:c4:29:70:4a:
f0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DC:E1:82:F0:D3:9D:DE:02:BD:E7:86:9B:0D:E3:31:7D:20:C1:2F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4tzhgvDTnd4CveeGmw3jMX0gwS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::-2a0e:b107:12d2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:ca:ef:be:56:14:57:d9:c9:9b:4d:48:29:68:0a:d6:09:2f:
05:0b:95:66:59:1b:fd:6b:26:5b:3e:56:e4:e1:d9:97:5d:6b:
ca:85:e9:f8:41:8d:a9:50:7f:2c:81:31:d1:b4:47:6a:1f:c8:
4e:8b:4e:9f:54:c1:a9:72:f9:dd:64:02:ce:59:77:bf:1e:de:
57:44:b3:ed:c1:fa:53:f3:34:8e:b5:d5:07:15:eb:2b:70:ee:
ec:ca:32:55:c1:56:1e:02:e3:28:b6:42:84:39:c6:4f:72:8b:
a7:0b:25:73:50:f1:d3:20:6b:df:8b:16:e2:3a:15:bf:8e:31:
c7:22:99:48:a9:57:d3:9e:50:ca:1f:69:0b:c8:fd:db:94:94:
1b:02:5c:b7:0f:da:1b:50:35:36:2f:bc:12:c9:3b:10:e0:ce:
6f:37:9b:5f:09:e1:6a:d4:c0:b1:59:fe:0f:67:a4:97:aa:2b:
1e:ca:7d:d5:88:42:e0:13:6e:27:67:cf:ab:1a:ee:d2:48:d6:
e1:aa:88:0d:59:e6:31:72:83:27:e0:96:8a:40:35:7a:29:71:
ba:cd:be:65:3a:3b:cc:c5:da:48:db:65:c3:70:1f:bf:69:26:
14:62:e9:3c:6e:f9:ba:96:fe:55:d7:6c:7f:df:50:f9:de:a6:
84:ed:de:ae
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4WLIpgVKvfm1zhnZkuUVmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzA2MjM1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRjZTE4MmYwZDM5ZGRlMDJiZGU3ODY5YjBkZTMzMTdkMjBjMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgR1kfkwHTiGSeb3NIKV0gXXP11N
/f0pHgq8v9uxNTQ7NgQhy0G5fcX4kDRYoajaDwv01WhropZrWtAZ+CzYCAn4WNdc
IPCG9JJmDlTWoJxp+SNkxqMupBjrbrzLiUy7xvgspJwXuC3dD/5Ne3cyfhy5qtCN
4IVMv8Sv7NmALIQ+MTI5pEAl5U33qPw7IFlg15wA6pt7Wkh2n4KZNKCWfcu6+awV
TFpDv1KR5hnPcZUynbIBS+VX40kaE51nsMJfUp1wasanZlep9Py60/cE1X6CM7us
ulUs4O8H0sQGtRl8dMuNeeANb+YEQubdZe8e0NZdbCRnmMNbO8QpcErwawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOLc4YLw053eAr3nhpsN4zF9IMEvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHR6aGd2RFRuZDRDdmVlR213M2pNWDBnd1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
EtEDBwAqDrEHEtIwDQYJKoZIhvcNAQELBQADggEBAG3K775WFFfZyZtNSCloCtYJ
LwULlWZZG/1rJls+VuTh2Zdda8qF6fhBjalQfyyBMdG0R2ofyE6LTp9Uwaly+d1k
As5Zd78e3ldEs+3B+lPzNI611QcV6ytw7uzKMlXBVh4C4yi2QoQ5xk9yi6cLJXNQ
8dMga9+LFuI6Fb+OMccimUipV9OeUMofaQvI/duUlBsCXLcP2htQNTYvvBLJOxDg
zm83m18J4WrUwLFZ/g9npJeqKx7KfdWIQuATbidnz6sa7tJI1uGqiA1Z5jFygyfg
lopANXopcbrNvmU6O8zF2kjbZcNwH79pJhRi6Txu+bqW/lXXbH/fUPnepoTt3q4=
-----END CERTIFICATE-----
Generated at Sat Mar 23 21:48:09 2024 by rpki-client on console-fra.rpki-client.org