Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7sYXoB-bpkGkT89Kc-U7dOJs8o8.roa
File: 7sYXoB-bpkGkT89Kc-U7dOJs8o8.roa (raw, json)
Hash identifier: yb9m5Cnd/A6ROW5+mnJ9Fkp3ly1Z+vc2IZL74QdOsJc=
Subject key identifier: EE:C6:17:A0:1F:9B:A6:41:A4:4F:CF:4A:73:E5:3B:74:E2:6C:F2:8F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD51F1ECA887E59EA6DCB073DB7887
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7sYXoB-bpkGkT89Kc-U7dOJs8o8.roa
Signing time: Tue 02 Jan 2024 10:34:36 +0000
ROA not before: Tue 02 Jan 2024 10:34:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a0e:b107:2804::/46 maxlen: 48
2a0e:b107:27fc::/46 maxlen: 48
2a0e:b107:27d4::/46 maxlen: 48
2a0e:b107:2800::/46 maxlen: 48
2a0e:b107:27f8::/46 maxlen: 48
2a0e:b107:27d0::/46 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 15:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:51:f1:ec:a8:87:e5:9e:a6:dc:b0:73:db:78:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eec617a01f9ba641a44fcf4a73e53b74e26cf28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:26:30:74:e3:1e:5d:87:2f:fe:47:7f:55:0f:
ad:45:c4:49:3c:1c:1a:e6:36:bc:13:43:1c:b7:a4:
e2:ae:8c:e8:be:69:cb:cb:6e:83:57:d4:fa:ff:dc:
d5:a2:40:54:8c:e9:6c:3d:c9:2e:6a:14:9d:f2:63:
bb:92:ee:79:8b:12:17:97:db:c2:fb:74:a6:6c:7f:
2f:7e:7c:d4:57:bf:a8:bc:95:cf:25:bc:88:46:4d:
d9:60:ed:ae:61:5f:96:ae:67:8d:87:a8:a7:cb:1c:
e0:06:94:84:4c:4e:ce:fc:3b:bf:1b:c7:f6:ac:6f:
79:53:80:95:00:e7:fe:bc:8b:6a:f9:4c:98:fd:b1:
dd:7b:f3:77:2a:db:fd:69:9c:fb:38:bc:e2:9b:d4:
f4:55:62:4f:53:a0:3b:78:ff:c4:94:41:96:b6:88:
6c:7f:e6:8b:ba:b2:de:e6:6f:c3:7b:94:7c:ba:13:
d7:e5:e7:ee:20:3e:88:6a:35:21:42:13:16:91:cc:
23:3b:21:0b:f5:d8:6a:42:a0:3b:41:81:e9:c9:29:
30:00:a4:e2:c4:c7:a2:25:ae:c5:d2:0e:e0:cf:e9:
5c:15:f0:5c:be:da:83:6a:8f:4e:8e:23:db:6f:50:
b7:bd:ac:f2:17:ce:2a:7f:f4:2b:92:ff:3a:56:fd:
38:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C6:17:A0:1F:9B:A6:41:A4:4F:CF:4A:73:E5:3B:74:E2:6C:F2:8F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7sYXoB-bpkGkT89Kc-U7dOJs8o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f8::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:9b:8d:fb:43:8d:90:db:16:33:f4:e9:57:16:c3:81:f7:d8:
3c:40:89:e6:6f:ca:6e:b1:33:e0:76:0c:91:80:5a:99:a1:f5:
b3:3b:91:a7:12:06:0f:d7:a2:5a:e9:34:72:13:1a:fd:68:68:
d9:e8:a7:ed:31:9f:c8:d7:97:a2:af:7a:a0:1f:21:10:4f:33:
e1:35:dc:78:8d:04:32:dd:aa:74:eb:ee:ef:1a:22:6b:a5:34:
ac:2a:b4:87:93:7b:ee:21:c1:55:f0:82:ca:dc:e5:df:74:28:
d5:6c:39:dc:93:6e:fb:e7:61:9e:25:3f:23:04:08:ff:ae:ef:
ef:20:6d:84:62:8d:13:0b:59:68:fb:c3:70:e4:0f:db:d6:30:
36:f6:05:38:d0:dd:31:a4:ac:72:e5:66:4a:36:4e:6b:99:ea:
ab:a7:ff:0b:86:3d:f2:58:64:3e:48:2d:e1:5c:3f:41:a9:99:
aa:f3:5c:16:16:76:e0:0e:8c:62:aa:af:a7:93:77:da:35:8b:
e6:e4:24:ac:42:01:50:9d:dd:f3:9b:eb:e7:ea:78:38:2a:6d:
f0:99:c0:ef:ca:40:b5:a9:90:72:63:e5:bc:7e:97:b3:9a:25:
63:45:b3:2d:88:c6:b0:a0:6c:c1:5c:ff:df:66:53:76:21:4e:
99:6c:1a:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvVHx7KiH5Z6m3LBz23iHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM2MTdhMDFmOWJhNjQxYTQ0ZmNmNGE3M2U1M2I3NGUyNmNmMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyYwdOMeXYcv/kd/VQ+tRcRJPBwa
5ja8E0Mct6TirozovmnLy26DV9T6/9zVokBUjOlsPckuahSd8mO7ku55ixIXl9vC
+3SmbH8vfnzUV7+ovJXPJbyIRk3ZYO2uYV+WrmeNh6inyxzgBpSETE7O/Du/G8f2
rG95U4CVAOf+vItq+UyY/bHde/N3Ktv9aZz7OLzim9T0VWJPU6A7eP/ElEGWtohs
f+aLurLe5m/De5R8uhPX5efuID6IajUhQhMWkcwjOyEL9dhqQqA7QYHpySkwAKTi
xMeiJa7F0g7gz+lcFfBcvtqDao9OjiPbb1C3vazyF84qf/Qrkv86Vv04vQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO7GF6Afm6ZBpE/PSnPlO3TibPKPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN3NZWG9CLWJwa0drVDg5S2MtVTdkT0pzOG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcDKg6xByfQ
MBIDBwMqDrEHJ/gDBwMqDrEHKAAwDQYJKoZIhvcNAQELBQADggEBAA+bjftDjZDb
FjP06VcWw4H32DxAieZvym6xM+B2DJGAWpmh9bM7kacSBg/XolrpNHITGv1oaNno
p+0xn8jXl6KveqAfIRBPM+E13HiNBDLdqnTr7u8aImulNKwqtIeTe+4hwVXwgsrc
5d90KNVsOdyTbvvnYZ4lPyMECP+u7+8gbYRijRMLWWj7w3DkD9vWMDb2BTjQ3TGk
rHLlZko2TmuZ6qun/wuGPfJYZD5ILeFcP0GpmarzXBYWduAOjGKqr6eTd9o1i+bk
JKxCAVCd3fOb6+fqeDgqbfCZwO/KQLWpkHJj5bx+l7OaJWNFsy2IxrCgbMFc/99m
U3YhTplsGq0=
-----END CERTIFICATE-----
Generated at Sun Jan 7 18:24:07 2024 by rpki-client on console-ams.rpki-client.org