Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4zTCII4Mc2RsfJQkZLQ8VZEhpOw.roa
File: 4zTCII4Mc2RsfJQkZLQ8VZEhpOw.roa (raw, json)
Hash identifier: L6rAL3T9SofRCgA+ja/9Afa8ALV9A9SAxFgWLnE9S3E=
Subject key identifier: E3:34:C2:20:8E:0C:73:64:6C:7C:94:24:64:B4:3C:55:91:21:A4:EC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AB85ABC1496FF7B44DDC3C315B63D2301
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4zTCII4Mc2RsfJQkZLQ8VZEhpOw.roa
Signing time: Thu 21 Sep 2023 15:27:48 +0000
ROA not before: Thu 21 Sep 2023 15:27:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:97c0:5d0::/44 maxlen: 48
2a0e:b107:279d::/48 maxlen: 48
2a0e:b107:279a::/48 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
2a0e:b107:279f::/48 maxlen: 48
2a0e:b107:2691::/48 maxlen: 48
2a0e:b107:2799::/48 maxlen: 48
2a0e:b107:279e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Sep 2023 17:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b8:5a:bc:14:96:ff:7b:44:dd:c3:c3:15:b6:3d:23:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 21 15:27:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e334c2208e0c73646c7c942464b43c559121a4ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:41:7f:bf:2d:67:f3:d2:07:5f:ff:db:7b:
06:94:25:bb:e0:ea:ba:6f:ff:41:11:8f:03:f2:de:
13:c3:13:9a:26:3c:db:4c:e8:af:9e:be:89:9d:d6:
79:e7:74:18:bc:c3:3f:c9:a6:b9:eb:73:18:44:9c:
40:ea:d0:6d:45:bf:eb:5b:ef:71:fd:d7:d0:0d:7f:
30:b1:ba:b4:99:d3:4f:61:1c:64:ec:0a:99:12:07:
75:17:1a:63:23:09:94:07:6b:8b:90:b6:12:47:b0:
08:fc:b9:ab:8d:db:24:d1:a8:17:95:ce:09:13:fa:
82:bd:89:17:94:f6:c7:35:f6:43:69:12:2a:b8:1c:
c3:ca:6e:46:22:e2:ff:cb:1f:cd:a9:b7:9b:2a:25:
c4:1b:fb:3a:78:d3:0a:37:be:39:d6:75:75:12:55:
cc:63:23:e7:16:d4:01:99:99:bd:05:e3:56:5f:e9:
42:c2:57:db:da:9d:51:26:c5:a9:54:ea:82:7c:98:
79:3f:e5:0a:c5:5e:ff:7e:dd:03:04:c4:e2:20:4f:
1b:0a:06:c9:ec:ea:c7:a6:1e:bd:ea:10:4f:b8:3d:
ad:a0:55:40:5e:fd:b5:bf:be:6a:7e:e9:b4:11:42:
8c:a2:a1:3a:22:7e:70:a3:93:33:fa:bb:6c:4e:03:
0b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:34:C2:20:8E:0C:73:64:6C:7C:94:24:64:B4:3C:55:91:21:A4:EC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4zTCII4Mc2RsfJQkZLQ8VZEhpOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5d0::/44
2a0e:b107:2691::/48
2a0e:b107:278a::/48
2a0e:b107:2799::-2a0e:b107:279a:ffff:ffff:ffff:ffff:ffff
2a0e:b107:279d::-2a0e:b107:279f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:27:52:11:11:bd:5a:22:4f:29:7b:1c:5c:65:22:a4:fd:0b:
01:40:fa:2b:64:ae:6f:67:e6:f5:be:fc:1f:1d:95:2e:5a:13:
d9:29:31:a2:5d:2e:a5:bf:ed:49:50:cc:05:d7:55:7c:92:48:
b9:55:b5:5d:b2:18:c3:e4:e4:7d:ba:47:c9:40:32:e5:b1:48:
9a:90:e5:71:67:c4:e6:50:e2:b7:be:f2:fd:2b:b3:fb:4e:87:
e3:ae:2a:29:01:1c:8a:90:e7:80:d5:41:40:35:34:81:f3:2b:
32:36:a1:3f:36:2c:d3:ee:a9:5f:42:32:ad:58:40:f3:89:81:
a3:1e:7e:03:53:be:b8:a0:c8:2a:98:d7:de:4c:83:b6:f5:a7:
ef:78:e5:fd:50:70:b1:1e:f5:63:d2:b7:04:cf:1c:1e:4d:00:
f0:fa:d2:3d:4c:a3:40:94:51:0b:45:80:cb:f0:9b:3b:bb:64:
ce:6a:1d:8c:24:e1:5a:3e:80:29:3c:0a:01:25:3e:a3:98:89:
2f:4d:a6:8e:5e:75:52:e9:dc:cb:9f:53:e9:2c:d7:46:83:00:
46:f7:12:97:0a:2d:b7:b5:b8:e4:c4:b8:7f:d3:bb:f5:36:ed:
4a:28:b9:ce:aa:48:81:05:ed:fb:6d:de:87:56:27:21:02:3c:
85:fa:f1:62
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYq4WrwUlv97RN3DwxW2PSMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTIxMTUyNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzM0YzIyMDhlMGM3MzY0NmM3Yzk0MjQ2NGI0M2M1NTkxMjFhNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6lBf78tZ/PSB1//23sGlCW74Oq6
b/9BEY8D8t4TwxOaJjzbTOivnr6JndZ553QYvMM/yaa563MYRJxA6tBtRb/rW+9x
/dfQDX8wsbq0mdNPYRxk7AqZEgd1FxpjIwmUB2uLkLYSR7AI/Lmrjdsk0agXlc4J
E/qCvYkXlPbHNfZDaRIquBzDym5GIuL/yx/NqbebKiXEG/s6eNMKN7451nV1ElXM
YyPnFtQBmZm9BeNWX+lCwlfb2p1RJsWpVOqCfJh5P+UKxV7/ft0DBMTiIE8bCgbJ
7OrHph696hBPuD2toFVAXv21v75qfum0EUKMoqE6In5wo5Mz+rtsTgMLMwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFOM0wiCODHNkbHyUJGS0PFWRIaTsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHpUQ0lJNE1jMlJzZkpRa1pMUThWWkVocE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcEKg6XwAXQ
AwcAKg6xByaRAwcAKg6xByeKMBIDBwAqDrEHJ5kDBwAqDrEHJ5owEgMHACoOsQcn
nQMHBSoOsQcngDANBgkqhkiG9w0BAQsFAAOCAQEAoidSERG9WiJPKXscXGUipP0L
AUD6K2Sub2fm9b78Hx2VLloT2Skxol0upb/tSVDMBddVfJJIuVW1XbIYw+TkfbpH
yUAy5bFImpDlcWfE5lDit77y/Suz+06H464qKQEcipDngNVBQDU0gfMrMjahPzYs
0+6pX0IyrVhA84mBox5+A1O+uKDIKpjX3kyDtvWn73jl/VBwsR71Y9K3BM8cHk0A
8PrSPUyjQJRRC0WAy/CbO7tkzmodjCThWj6AKTwKASU+o5iJL02mjl51Uuncy59T
6SzXRoMARvcSlwott7W45MS4f9O79TbtSii5zqpIgQXt+23eh1YnIQI8hfrxYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:22 2024 by rpki-client on console-fra.rpki-client.org