Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5KTcX0tlqNp2nkOGJLv3T9lGQl4.roa
File: 5KTcX0tlqNp2nkOGJLv3T9lGQl4.roa (raw, json)
Hash identifier: rSfgcRT6oSBkuaApBL5KBcmLT4Onhr/2mt4m4wI4zg0=
Subject key identifier: E4:A4:DC:5F:4B:65:A8:DA:76:9E:43:86:24:BB:F7:4F:D9:46:42:5E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C9C9C9DD60BE7783AB55C587E56E67426
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5KTcX0tlqNp2nkOGJLv3T9lGQl4.roa
Signing time: Sun 24 Dec 2023 16:15:58 +0000
ROA not before: Sun 24 Dec 2023 16:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a10:ccc0:3002::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 24 Dec 2023 18:36:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:9c:9d:d6:0b:e7:78:3a:b5:5c:58:7e:56:e6:74:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 24 16:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4a4dc5f4b65a8da769e438624bbf74fd946425e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:e2:b1:76:7b:6f:dd:8c:41:aa:0b:8a:e7:4c:
af:cd:b3:a4:84:15:0b:c4:d2:5b:76:d0:67:ff:28:
8c:19:9d:e7:47:a4:61:dd:62:81:04:e3:9f:0e:32:
3f:7f:b0:a2:0a:e0:62:29:7b:7d:c3:57:b5:c9:e8:
8b:d5:15:13:5b:9a:97:03:2f:ef:1f:ae:57:14:3b:
58:62:5d:e8:76:c6:22:09:86:dd:16:47:47:57:8e:
6c:00:f3:f0:7f:ca:8c:be:f6:8c:c1:25:0f:27:2c:
5e:fd:f9:a0:45:bb:fa:30:0d:16:52:d2:fa:b6:7c:
35:1c:f0:2e:d1:90:3a:25:ea:09:a8:1a:b6:24:15:
6e:36:f5:32:02:71:2c:c8:d9:8f:f7:93:a2:2e:a1:
82:c0:8f:a8:4d:46:2e:16:ae:c1:3c:62:d1:b0:87:
f0:e5:a9:fe:02:ff:4d:40:04:ad:7e:65:ff:b8:a7:
38:8c:b0:19:c2:04:db:fd:93:61:09:ed:06:8d:ef:
df:80:23:5c:bc:cc:04:78:88:08:d9:9b:f9:36:34:
b6:bd:e8:ad:89:cf:6f:fa:71:16:44:96:5a:72:46:
6e:41:0e:4d:30:dd:c7:2b:04:73:d3:f5:3d:e5:6f:
4a:7f:60:a1:1e:fe:37:a9:ca:18:58:53:fd:15:01:
70:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A4:DC:5F:4B:65:A8:DA:76:9E:43:86:24:BB:F7:4F:D9:46:42:5E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5KTcX0tlqNp2nkOGJLv3T9lGQl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:b107:19a0::/48
2a10:ccc0:3002::/48
Signature Algorithm: sha256WithRSAEncryption
8b:f8:18:e1:69:96:42:c6:ea:e3:1a:b5:69:12:a9:53:51:95:
79:55:86:c7:d9:75:fd:d1:b8:62:0a:b1:29:19:8f:89:49:10:
cc:83:58:95:bf:a0:ee:99:df:b0:a9:ab:46:4a:c7:3a:6a:6a:
77:6b:95:1d:9e:29:f7:95:22:7c:22:69:c9:d2:e0:07:38:14:
94:e6:02:eb:b1:c1:b7:e9:90:9d:e3:fd:eb:0a:44:f0:09:53:
e3:81:83:0f:48:50:ac:e3:b9:28:de:f5:16:2e:10:92:a2:63:
0f:97:c2:6f:d2:2f:37:c8:92:ec:e6:7c:83:62:fd:0d:bf:af:
14:27:c9:ae:cd:c9:97:2c:4c:d0:65:5a:93:6a:02:e8:84:e2:
8c:97:19:3e:2a:b7:9b:d1:8d:60:e4:d7:02:3c:e6:c0:d5:4f:
68:5b:4e:03:27:db:09:7f:57:ef:6a:3d:0a:32:ae:d1:fb:7d:
4b:84:96:2c:ee:09:7a:f4:43:39:d3:e6:d3:91:69:6e:7b:2d:
e5:bd:81:92:0e:1b:48:ae:59:d5:14:a0:f1:09:19:8a:f0:05:
fc:8a:d0:3b:36:f8:20:4d:62:f1:35:97:d0:5a:60:51:6d:74:
85:dc:fc:85:2d:e8:66:3f:69:32:b0:0d:12:07:a5:f9:95:af:
b9:9e:31:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYycnJ3WC+d4OrVcWH5W5nQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI0MTYxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE0ZGM1ZjRiNjVhOGRhNzY5ZTQzODYyNGJiZjc0ZmQ5NDY0MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9eKxdntv3YxBqguK50yvzbOkhBUL
xNJbdtBn/yiMGZ3nR6Rh3WKBBOOfDjI/f7CiCuBiKXt9w1e1yeiL1RUTW5qXAy/v
H65XFDtYYl3odsYiCYbdFkdHV45sAPPwf8qMvvaMwSUPJyxe/fmgRbv6MA0WUtL6
tnw1HPAu0ZA6JeoJqBq2JBVuNvUyAnEsyNmP95OiLqGCwI+oTUYuFq7BPGLRsIfw
5an+Av9NQAStfmX/uKc4jLAZwgTb/ZNhCe0Gje/fgCNcvMwEeIgI2Zv5NjS2veit
ic9v+nEWRJZackZuQQ5NMN3HKwRz0/U95W9Kf2ChHv43qcoYWFP9FQFwKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOSk3F9LZajadp5DhiS790/ZRkJeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNUtUY1gwdGxxTnAybmtPR0pMdjNUOWxHUWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgbeAAAQ
AwcAKg6xBxmgAwcAKhDMwDACMA0GCSqGSIb3DQEBCwUAA4IBAQCL+BjhaZZCxurj
GrVpEqlTUZV5VYbH2XX90bhiCrEpGY+JSRDMg1iVv6Dumd+wqatGSsc6amp3a5Ud
nin3lSJ8ImnJ0uAHOBSU5gLrscG36ZCd4/3rCkTwCVPjgYMPSFCs47ko3vUWLhCS
omMPl8Jv0i83yJLs5nyDYv0Nv68UJ8muzcmXLEzQZVqTagLohOKMlxk+Kreb0Y1g
5NcCPObA1U9oW04DJ9sJf1fvaj0KMq7R+31LhJYs7gl69EM50+bTkWluey3lvYGS
DhtIrlnVFKDxCRmK8AX8itA7NvggTWLxNZfQWmBRbXSF3PyFLehmP2kysA0SB6X5
la+5njHT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:53 2024 by rpki-client on console-ams.rpki-client.org