Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6Bc7BZ7nSa4UfWtraBF75S3CB4c.roa
File: 6Bc7BZ7nSa4UfWtraBF75S3CB4c.roa (raw, json)
Hash identifier: asaJOWCy5oBgzJKsQJESxQvN3sMcLIX5UV8zFkoRKfs=
Subject key identifier: E8:17:3B:05:9E:E7:49:AE:14:7D:6B:6B:68:11:7B:E5:2D:C2:07:87
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188F83A020A220B3556F69D578FDCA870CF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6Bc7BZ7nSa4UfWtraBF75S3CB4c.roa
Signing time: Mon 26 Jun 2023 15:02:11 +0000
ROA not before: Mon 26 Jun 2023 15:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Jun 2023 16:51:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f8:3a:02:0a:22:0b:35:56:f6:9d:57:8f:dc:a8:70:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 26 15:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8173b059ee749ae147d6b6b68117be52dc20787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:99:b6:dd:1b:45:3d:b1:fb:35:11:ab:2b:
cd:4c:41:e4:b8:0c:8c:7c:7e:26:04:4a:c9:ea:51:
0f:8a:bf:25:af:5f:64:98:fa:e7:47:a3:63:bd:92:
dc:25:c6:81:cd:56:7a:a9:d1:2e:25:ce:b2:0a:cd:
67:e2:f9:ec:73:89:2c:9c:81:ba:0d:77:28:67:f3:
b4:5f:64:c4:1d:a6:ec:c0:78:a9:53:07:9c:8f:d4:
72:5e:f1:0b:1a:3c:aa:68:3b:93:97:d9:a9:e8:dc:
79:2f:dd:f8:94:08:23:1c:89:98:9c:86:01:9e:ff:
92:28:b2:ed:35:28:9b:e0:b8:81:41:ef:72:88:45:
41:f4:9f:a6:c4:07:6e:d0:7c:40:28:58:03:28:6d:
4e:07:83:68:29:94:c7:b7:1c:57:5a:54:e7:82:e0:
51:8d:db:2f:cd:8f:99:d7:a8:fb:9d:87:51:5d:32:
b2:d6:a8:b1:6a:22:75:e8:99:9b:ec:ec:78:00:df:
b7:6e:6e:02:8d:71:c1:db:fa:f1:63:05:77:16:de:
91:b9:a5:ca:93:7a:0e:f5:46:7c:aa:c3:5f:f7:06:
0f:47:9c:21:0a:33:73:52:32:f6:85:c2:42:01:7d:
1f:d8:cf:bb:35:c7:ba:02:53:27:e7:14:c2:42:50:
0c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:17:3B:05:9E:E7:49:AE:14:7D:6B:6B:68:11:7B:E5:2D:C2:07:87
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6Bc7BZ7nSa4UfWtraBF75S3CB4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
1a:79:51:5a:f5:e4:16:fa:ae:28:48:a0:43:d7:0a:5a:78:e4:
a7:e5:4d:1b:73:6f:7a:b4:09:b0:db:e7:ae:05:08:f8:70:33:
58:f5:ea:c8:df:f1:7b:ea:f9:36:a2:a8:c0:99:88:3a:82:72:
11:72:51:d7:a7:0f:90:db:61:0c:ae:13:8d:6d:ef:9f:90:9e:
ac:6a:ac:9f:df:d5:21:59:be:bc:fb:73:39:4c:ab:a6:bd:fa:
03:a3:06:19:d5:cf:23:ea:97:e8:1e:5d:6a:bf:ec:0e:77:c5:
69:92:75:b8:8e:f5:52:91:3a:ab:66:43:f4:7b:08:2d:2e:9d:
61:9d:70:25:a5:e2:41:cb:96:dd:00:0c:ac:9a:52:03:bc:5a:
7c:8e:dc:b1:73:46:2d:73:a0:23:48:7b:8d:c8:29:14:a1:03:
16:36:37:52:35:04:15:66:f8:ee:a3:9f:d6:e6:83:e3:9c:60:
22:65:df:00:9d:83:bd:30:64:f9:aa:09:19:a4:b9:59:ed:c9:
0c:1b:77:2f:5a:19:07:88:88:c7:13:e8:af:05:13:c9:ee:55:
62:d9:c9:ca:63:d3:8a:a9:71:16:8c:79:61:b7:ce:98:61:aa:
9b:92:46:de:c5:6b:f2:fa:83:41:c2:96:a3:78:4f:1c:d9:27:
37:b2:0d:82
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYj4OgIKIgs1VvadV4/cqHDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjI2MTUwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE3M2IwNTllZTc0OWFlMTQ3ZDZiNmI2ODExN2JlNTJkYzIwNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsWZtt0bRT2x+zURqyvNTEHkuAyM
fH4mBErJ6lEPir8lr19kmPrnR6NjvZLcJcaBzVZ6qdEuJc6yCs1n4vnsc4ksnIG6
DXcoZ/O0X2TEHabswHipUwecj9RyXvELGjyqaDuTl9mp6Nx5L934lAgjHImYnIYB
nv+SKLLtNSib4LiBQe9yiEVB9J+mxAdu0HxAKFgDKG1OB4NoKZTHtxxXWlTnguBR
jdsvzY+Z16j7nYdRXTKy1qixaiJ16Jmb7Ox4AN+3bm4CjXHB2/rxYwV3Ft6RuaXK
k3oO9UZ8qsNf9wYPR5whCjNzUjL2hcJCAX0f2M+7Nce6AlMn5xTCQlAMKQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOgXOwWe50muFH1ra2gRe+UtwgeHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNkJjN0JaN25TYTRVZld0cmFCRjc1UzNDQjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcEKg6XwARg
AwUAKg6xAQMHBCoOsQcSoAMHBCoQzEAB0AMHBCoQzEEBEDANBgkqhkiG9w0BAQsF
AAOCAQEAGnlRWvXkFvquKEigQ9cKWnjkp+VNG3NverQJsNvnrgUI+HAzWPXqyN/x
e+r5NqKowJmIOoJyEXJR16cPkNthDK4TjW3vn5CerGqsn9/VIVm+vPtzOUyrpr36
A6MGGdXPI+qX6B5dar/sDnfFaZJ1uI71UpE6q2ZD9HsILS6dYZ1wJaXiQcuW3QAM
rJpSA7xafI7csXNGLXOgI0h7jcgpFKEDFjY3UjUEFWb47qOf1uaD45xgImXfAJ2D
vTBk+aoJGaS5We3JDBt3L1oZB4iIxxPorwUTye5VYtnJymPTiqlxFox5YbfOmGGq
m5JG3sVr8vqDQcKWo3hPHNknN7INgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:54 2024 by rpki-client on console-ams.rpki-client.org