Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5bL-29Oa_GhqrFAm06cuj4ytO0o.roa
File: 5bL-29Oa_GhqrFAm06cuj4ytO0o.roa (raw, json)
Hash identifier: pJjmZOsKPp0RM9XYdTe+BtUGN5eErgr8TO/D+cwgXNE=
Subject key identifier: E5:B2:FE:DB:D3:9A:FC:68:6A:AC:50:26:D3:A7:2E:8F:8C:AD:3B:4A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D54C1C14E6C438B83EC807C3EB5D6E9D4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5bL-29Oa_GhqrFAm06cuj4ytO0o.roa
Signing time: Mon 29 Jan 2024 10:26:40 +0000
ROA not before: Mon 29 Jan 2024 10:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215669
IP address blocks: 2a06:de01:110::/44 maxlen: 48
2a06:de01:110::/48 maxlen: 48
2a0e:97c0:8b0::/44 maxlen: 48
2a0e:97c0:8b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 04 Feb 2024 11:22:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:c1:c1:4e:6c:43:8b:83:ec:80:7c:3e:b5:d6:e9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 29 10:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5b2fedbd39afc686aac5026d3a72e8f8cad3b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8f:e8:7e:a2:13:49:0b:c9:47:c4:22:67:f5:
88:78:a2:b4:a2:fc:2c:a5:7b:85:39:f5:1e:ea:b7:
8a:98:fa:cd:74:b1:7f:52:b7:5d:a9:cc:bd:0f:af:
18:e5:4f:86:eb:cf:11:73:b0:3c:a5:2e:77:3c:90:
f7:b7:5c:d5:ca:95:3f:d0:a5:5a:1d:aa:ba:49:c7:
d8:b0:be:4b:63:c0:c7:d0:59:54:df:88:53:f5:ff:
ec:89:a5:dc:d6:aa:d8:b4:aa:3d:95:07:fb:37:0c:
7d:9a:a4:39:21:b2:bd:63:c6:ba:44:b0:ae:cc:db:
89:7d:e6:0c:44:4d:67:b9:23:36:86:e9:76:50:c5:
ae:da:94:73:d4:f0:e0:81:60:3e:ce:bc:fc:11:6f:
4a:5d:88:98:bf:f6:06:db:fc:87:c4:ed:f6:07:3a:
75:e1:ed:98:73:b5:a7:dc:07:e2:a7:f3:ab:63:56:
f2:61:3a:e2:75:20:1c:d3:4e:e5:91:0b:37:fc:5d:
d0:4b:37:0d:b1:2c:e1:43:b2:c0:f5:aa:19:e4:a2:
01:87:24:2f:9f:20:6a:47:18:80:0c:94:88:62:d8:
b3:06:2f:b3:92:0d:27:87:72:96:0e:b3:d6:0f:74:
31:10:eb:72:f6:0f:9a:58:b2:3a:0e:a4:22:ff:33:
b1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B2:FE:DB:D3:9A:FC:68:6A:AC:50:26:D3:A7:2E:8F:8C:AD:3B:4A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5bL-29Oa_GhqrFAm06cuj4ytO0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:110::/44
2a0e:97c0:8b0::/44
Signature Algorithm: sha256WithRSAEncryption
56:bb:48:3a:39:b4:a6:64:11:3e:d0:35:7d:cd:4e:99:ce:72:
63:b9:3f:dc:64:ce:f0:4b:69:9f:28:54:4a:58:26:20:c3:b5:
7e:68:70:2f:91:8e:8e:c7:16:74:c6:66:cf:38:da:e8:e6:d7:
8a:86:25:40:5b:37:78:cc:9b:0b:72:93:53:7f:82:e1:40:2e:
4c:85:5a:1c:3d:ca:c0:9c:a8:9d:cf:4d:9d:d6:93:b5:b6:62:
13:36:3e:28:ce:f3:16:7a:6b:ed:a8:b4:da:43:e6:80:d6:15:
15:24:3d:95:69:17:48:bd:8e:e3:08:f4:3a:c7:d7:7c:01:e7:
04:04:eb:2e:88:75:4d:5f:4d:2c:26:32:83:25:f6:95:8c:42:
c6:90:21:9b:f9:6d:a9:5c:9c:0f:26:bf:f1:2b:cf:7e:e2:72:
a6:84:71:40:f8:7d:74:dd:84:e0:cd:19:39:f6:d1:ca:60:e4:
1d:eb:7a:15:19:1b:0c:e9:f6:49:93:a3:60:b1:97:4a:2d:54:
48:fe:de:16:c2:14:6a:03:34:df:9c:af:af:4d:ad:aa:29:c3:
b2:3d:c2:12:31:73:59:6a:81:eb:2c:44:6f:26:c4:1f:7d:3e:
97:08:ee:a1:f6:48:ee:53:30:bd:29:dd:8c:21:9e:94:9d:48:
88:98:24:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1UwcFObEOLg+yAfD611unUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI5MTAyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWIyZmVkYmQzOWFmYzY4NmFhYzUwMjZkM2E3MmU4ZjhjYWQzYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI/ofqITSQvJR8QiZ/WIeKK0ovws
pXuFOfUe6reKmPrNdLF/Urddqcy9D68Y5U+G688Rc7A8pS53PJD3t1zVypU/0KVa
Haq6ScfYsL5LY8DH0FlU34hT9f/siaXc1qrYtKo9lQf7Nwx9mqQ5IbK9Y8a6RLCu
zNuJfeYMRE1nuSM2hul2UMWu2pRz1PDggWA+zrz8EW9KXYiYv/YG2/yHxO32Bzp1
4e2Yc7Wn3Afip/OrY1byYTridSAc007lkQs3/F3QSzcNsSzhQ7LA9aoZ5KIBhyQv
nyBqRxiADJSIYtizBi+zkg0nh3KWDrPWD3QxEOty9g+aWLI6DqQi/zOxuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOWy/tvTmvxoaqxQJtOnLo+MrTtKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNWJMLTI5T2FfR2hxckZBbTA2Y3VqNHl0TzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAQEQ
AwcEKg6XwAiwMA0GCSqGSIb3DQEBCwUAA4IBAQBWu0g6ObSmZBE+0DV9zU6ZznJj
uT/cZM7wS2mfKFRKWCYgw7V+aHAvkY6OxxZ0xmbPONro5teKhiVAWzd4zJsLcpNT
f4LhQC5MhVocPcrAnKidz02d1pO1tmITNj4ozvMWemvtqLTaQ+aA1hUVJD2VaRdI
vY7jCPQ6x9d8AecEBOsuiHVNX00sJjKDJfaVjELGkCGb+W2pXJwPJr/xK89+4nKm
hHFA+H103YTgzRk59tHKYOQd63oVGRsM6fZJk6NgsZdKLVRI/t4WwhRqAzTfnK+v
Ta2qKcOyPcISMXNZaoHrLERvJsQffT6XCO6h9kjuUzC9Kd2MIZ6UnUiImCTk
-----END CERTIFICATE-----
Generated at Sun Feb 4 14:31:17 2024 by rpki-client on console-fra.rpki-client.org