Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Dni4ocFaohHG2MjxGg_w_l22KE.roa
File: 7Dni4ocFaohHG2MjxGg_w_l22KE.roa (raw, json)
Hash identifier: 3JC8Vt5X7dWC3OQFmcuiemnLFz9Hz01CMCEVoOyzOnY=
Subject key identifier: EC:39:E2:E2:87:05:6A:88:47:1B:63:23:C4:68:3F:C3:F9:76:D8:A1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01861A619E0C4A741D85B92269F6A1253751
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Dni4ocFaohHG2MjxGg_w_l22KE.roa
Signing time: Sat 04 Feb 2023 03:04:10 +0000
ROA not before: Sat 04 Feb 2023 03:04:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:660::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Feb 2023 05:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1a:61:9e:0c:4a:74:1d:85:b9:22:69:f6:a1:25:37:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 4 03:04:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec39e2e287056a88471b6323c4683fc3f976d8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:ee:02:1d:14:90:54:f1:70:20:6f:9e:df:
06:e3:5c:d2:68:e3:ab:91:17:8d:86:7b:e0:a4:f3:
fa:a3:0f:40:94:68:38:d4:b7:45:b8:b1:86:19:d0:
3d:38:c1:d6:88:28:31:76:ee:e8:f3:5e:73:85:92:
e3:b7:c3:c4:13:14:7d:41:65:2e:cb:d4:c1:3f:0e:
5c:2f:80:e2:f1:de:dd:86:5c:50:97:5c:43:90:13:
80:84:19:14:52:16:df:04:2d:b3:2b:1f:95:df:46:
36:f6:69:9d:3c:e3:8f:ca:ac:b8:82:61:db:09:fb:
d2:b3:a4:33:7d:d0:37:32:26:1b:68:bc:19:08:66:
d4:8f:d9:7b:83:1b:c3:84:28:93:68:5e:22:d4:59:
5c:85:f2:8b:84:41:10:49:c9:c5:7e:72:44:68:53:
cf:86:be:53:96:56:21:f9:9d:74:08:6b:fa:95:b8:
09:f8:1f:e2:d2:1e:bb:cb:df:a2:a1:b1:9f:b1:8b:
97:a6:da:3d:77:5b:2e:da:ea:13:67:99:25:52:0b:
87:e5:52:b1:d3:d6:54:18:ed:4e:7c:71:71:7f:c7:
fc:e2:5c:0d:43:69:a5:33:8f:af:d2:f7:93:58:d6:
63:d1:a8:4b:e2:0e:21:ef:45:20:07:da:59:25:55:
22:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:39:E2:E2:87:05:6A:88:47:1B:63:23:C4:68:3F:C3:F9:76:D8:A1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7Dni4ocFaohHG2MjxGg_w_l22KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:600::/44
2a0e:b107:660::/44
2a0e:b107:800::/44
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
3f:94:92:24:fd:b6:2c:1c:6e:ed:9b:44:80:74:5a:f7:49:36:
68:c2:7f:bb:ad:f0:31:39:e0:e1:5e:59:85:09:a9:c8:df:9b:
96:97:f8:57:46:99:90:ea:0f:5a:93:27:a3:51:59:ed:8c:b8:
1c:99:b5:2d:d8:23:b5:7d:4f:0e:0e:49:57:07:00:a4:98:56:
86:73:d5:3f:64:ed:18:2c:b1:09:9c:26:17:cf:40:ea:0b:4c:
83:4b:db:15:8b:24:bd:b5:e0:3c:26:59:b7:7d:4a:de:f2:52:
89:52:ba:84:d5:7c:d7:24:e0:83:87:b3:ab:07:1a:1f:82:79:
06:20:dd:44:9a:c5:8f:75:d4:fe:9c:d7:8b:2b:93:95:cf:2c:
12:7b:de:70:2c:98:f8:45:40:90:67:58:4c:67:f5:9a:19:ee:
35:33:0d:de:fe:10:5f:e7:55:6b:42:b9:eb:90:9a:82:87:9d:
15:15:02:38:34:5b:c7:e1:e6:4a:0a:93:b0:f1:e7:a9:6d:1e:
97:df:c7:80:2c:d5:60:85:2d:5b:77:75:d0:35:18:2a:a0:db:
d5:40:bb:a6:cb:85:a3:9a:69:17:a8:fa:57:42:0d:4e:de:a8:
c0:a3:71:39:85:a1:04:98:a1:3b:85:3a:d9:c9:0d:1f:c5:8e:
12:4d:6b:70
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYYaYZ4MSnQdhbkiafahJTdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA0MDMwNDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzM5ZTJlMjg3MDU2YTg4NDcxYjYzMjNjNDY4M2ZjM2Y5NzZkOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/DuAh0UkFTxcCBvnt8G41zSaOOr
kReNhnvgpPP6ow9AlGg41LdFuLGGGdA9OMHWiCgxdu7o815zhZLjt8PEExR9QWUu
y9TBPw5cL4Di8d7dhlxQl1xDkBOAhBkUUhbfBC2zKx+V30Y29mmdPOOPyqy4gmHb
CfvSs6QzfdA3MiYbaLwZCGbUj9l7gxvDhCiTaF4i1FlchfKLhEEQScnFfnJEaFPP
hr5TllYh+Z10CGv6lbgJ+B/i0h67y9+iobGfsYuXpto9d1su2uoTZ5klUguH5VKx
09ZUGO1OfHFxf8f84lwNQ2mlM4+v0veTWNZj0ahL4g4h70UgB9pZJVUixQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOw54uKHBWqIRxtjI8RoP8P5dtihMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN0RuaTRvY0Zhb2hIRzJNanhHZ193X2wyMktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcEKg6xBwYA
AwcEKg6xBwZgAwcEKg6xBwgAAwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEB
CwUAA4IBAQA/lJIk/bYsHG7tm0SAdFr3STZown+7rfAxOeDhXlmFCanI35uWl/hX
RpmQ6g9akyejUVntjLgcmbUt2CO1fU8ODklXBwCkmFaGc9U/ZO0YLLEJnCYXz0Dq
C0yDS9sViyS9teA8Jlm3fUre8lKJUrqE1XzXJOCDh7OrBxofgnkGIN1EmsWPddT+
nNeLK5OVzywSe95wLJj4RUCQZ1hMZ/WaGe41Mw3e/hBf51VrQrnrkJqCh50VFQI4
NFvH4eZKCpOw8eepbR6X38eALNVghS1bd3XQNRgqoNvVQLumy4WjmmkXqPpXQg1O
3qjAo3E5haEEmKE7hTrZyQ0fxY4STWtw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org