Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5qKLL3CrtOSPmW7Pdn3CJzMe63o.roa
File: 5qKLL3CrtOSPmW7Pdn3CJzMe63o.roa (raw, json)
Hash identifier: VADKewIAAFC0WTWFx89DEiovyX4bxQkHwxq3QdnW278=
Subject key identifier: E6:A2:8B:2F:70:AB:B4:E4:8F:99:6E:CF:76:7D:C2:27:33:1E:EB:7A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCDBFE292B1F8E609D1DE808462014
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5qKLL3CrtOSPmW7Pdn3CJzMe63o.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138685
IP address blocks: 2a0e:b107:768::/45 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 14:18:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:db:fe:29:2b:1f:8e:60:9d:1d:e8:08:46:20:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6a28b2f70abb4e48f996ecf767dc227331eeb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f1:a9:e8:ee:76:be:bf:db:08:67:20:45:e6:
cd:39:21:0e:4e:69:80:f4:59:5d:dd:d7:d6:28:fd:
bb:6e:39:c2:85:59:cd:45:8d:44:62:a4:3e:51:c3:
b4:7b:8a:cd:10:b1:16:73:18:e0:20:69:30:b2:a0:
5b:92:f7:80:92:7b:6c:e7:d0:c8:e3:2b:f3:97:bf:
26:89:6a:b1:3e:14:02:3c:0b:59:50:5d:9f:04:0d:
6f:bd:97:db:97:ae:2b:ab:d4:a6:64:ca:e8:93:16:
a9:22:0a:ac:88:8d:7f:56:a2:00:43:4a:69:a8:3d:
fa:09:6c:f7:7b:b5:11:a9:bb:c7:a8:18:b8:2f:a7:
fb:cf:43:e7:14:f7:5b:79:a3:d6:8d:8a:7e:bf:d0:
f4:ba:11:ca:1e:65:84:10:87:9f:de:e0:f4:e0:7b:
61:35:96:bc:78:45:af:9b:15:0c:8d:06:07:84:ca:
34:c6:08:16:71:fb:90:8b:f5:5b:21:8b:fb:34:53:
8c:5e:d4:3e:1a:52:bb:d2:c5:6f:2a:6b:a8:af:6e:
ac:f2:c0:cd:03:1b:5c:b2:83:39:50:d5:0a:1e:c5:
54:cd:d0:49:5b:1d:b5:7e:1a:45:e3:62:04:e5:05:
ea:ee:93:55:4b:bb:82:88:e8:7a:43:96:64:2d:c9:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A2:8B:2F:70:AB:B4:E4:8F:99:6E:CF:76:7D:C2:27:33:1E:EB:7A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5qKLL3CrtOSPmW7Pdn3CJzMe63o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:768::/45
Signature Algorithm: sha256WithRSAEncryption
81:d6:13:0e:5b:4d:0d:91:16:6d:f3:9f:93:08:2d:70:da:cf:
90:6a:05:d5:47:01:31:40:07:7d:00:5a:82:73:0a:80:45:37:
14:2c:a1:44:89:34:0c:5f:39:e0:08:0f:73:f8:c2:b5:db:81:
cc:01:cd:71:35:e8:77:8f:7b:1a:5c:55:25:3a:fb:68:cb:db:
4c:06:fc:10:d0:95:70:8f:ff:f1:c0:27:f6:80:62:20:26:81:
23:99:90:1c:26:c2:5f:8f:55:e4:ed:ab:44:3d:a1:7c:9d:e8:
a5:37:66:30:75:7c:80:9f:c0:88:22:d8:9a:e5:d6:86:26:c7:
f4:7c:57:6c:95:40:a1:d7:02:a1:e6:22:90:c0:21:af:29:ee:
44:98:81:e6:59:6e:ae:68:a6:e3:77:07:5f:36:7a:7c:61:ae:
13:27:3c:86:c0:97:f2:77:a9:a1:28:ab:32:70:da:d9:ac:64:
c6:42:87:49:f5:af:6f:e8:20:e5:a7:7e:db:8e:58:fd:a1:98:
1d:aa:77:f8:80:aa:b5:6c:b9:68:87:58:5a:c3:49:bb:7e:64:
dd:5f:e5:d2:10:b6:40:ac:fe:b1:97:b3:53:68:13:a5:17:f4:
9d:97:48:42:51:17:fe:f2:dc:05:49:61:f1:f2:68:b6:92:27:
ba:a1:51:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvNv+KSsfjmCdHegIRiAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmEyOGIyZjcwYWJiNGU0OGY5OTZlY2Y3NjdkYzIyNzMzMWVlYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifGp6O52vr/bCGcgRebNOSEOTmmA
9Fld3dfWKP27bjnChVnNRY1EYqQ+UcO0e4rNELEWcxjgIGkwsqBbkveAknts59DI
4yvzl78miWqxPhQCPAtZUF2fBA1vvZfbl64rq9SmZMrokxapIgqsiI1/VqIAQ0pp
qD36CWz3e7URqbvHqBi4L6f7z0PnFPdbeaPWjYp+v9D0uhHKHmWEEIef3uD04Hth
NZa8eEWvmxUMjQYHhMo0xggWcfuQi/VbIYv7NFOMXtQ+GlK70sVvKmuor26s8sDN
AxtcsoM5UNUKHsVUzdBJWx21fhpF42IE5QXq7pNVS7uCiOh6Q5ZkLcl1XQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOaiiy9wq7Tkj5luz3Z9wiczHut6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNXFLTEwzQ3J0T1NQbVc3UGRuM0NKek1lNjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xBwdo
MA0GCSqGSIb3DQEBCwUAA4IBAQCB1hMOW00NkRZt85+TCC1w2s+QagXVRwExQAd9
AFqCcwqARTcULKFEiTQMXzngCA9z+MK124HMAc1xNeh3j3saXFUlOvtoy9tMBvwQ
0JVwj//xwCf2gGIgJoEjmZAcJsJfj1Xk7atEPaF8neilN2YwdXyAn8CIItia5daG
Jsf0fFdslUCh1wKh5iKQwCGvKe5EmIHmWW6uaKbjdwdfNnp8Ya4TJzyGwJfyd6mh
KKsycNrZrGTGQodJ9a9v6CDlp37bjlj9oZgdqnf4gKq1bLloh1haw0m7fmTdX+XS
ELZArP6xl7NTaBOlF/Sdl0hCURf+8twFSWHx8mi2kie6oVHF
-----END CERTIFICATE-----
Generated at Thu Jan 11 18:15:41 2024 by rpki-client on console-ams.rpki-client.org