Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8caO-X0saFPBm_l5CyMMZuzqCPU.roa
File: 8caO-X0saFPBm_l5CyMMZuzqCPU.roa (raw, json)
Hash identifier: b/UfPMM6a+km8OKbds+nyqJZ/LvgeZKRsBVhSAnexGw=
Subject key identifier: F1:C6:8E:F9:7D:2C:68:53:C1:9B:F9:79:0B:23:0C:66:EC:EA:08:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D0829EA7BDDAE6809D81F50282C0AEDCF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8caO-X0saFPBm_l5CyMMZuzqCPU.roa
Signing time: Sun 14 Jan 2024 13:29:41 +0000
ROA not before: Sun 14 Jan 2024 13:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Feb 2024 12:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:29:ea:7b:dd:ae:68:09:d8:1f:50:28:2c:0a:ed:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 14 13:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1c68ef97d2c6853c19bf9790b230c66ecea08f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b7:a0:bb:ef:ca:e8:bc:6d:e9:ce:87:22:49:
09:b3:ae:85:80:81:ac:0e:41:e5:60:30:ec:b8:92:
16:fb:7f:38:eb:e7:4a:a3:8c:91:1f:06:52:d8:b6:
21:00:32:e1:90:7b:92:97:50:19:68:f3:55:85:96:
33:8e:7e:39:38:f8:f0:5d:66:8e:1e:f8:92:c8:2b:
f4:61:74:84:42:8b:9e:90:06:76:13:70:33:f2:14:
6e:ff:2a:e8:04:80:fa:34:7b:58:e1:8c:a9:63:1c:
c1:d7:fb:49:e3:a5:41:38:30:4e:c0:5b:b0:bc:1d:
13:e2:48:33:0a:d2:09:86:09:da:33:34:ff:b4:77:
17:79:5f:3f:f2:03:31:25:91:c8:c2:76:1c:1d:bb:
81:1c:7f:fd:89:fe:a3:58:2d:f9:e8:2d:7f:a7:f2:
52:34:85:d4:12:b5:92:c0:60:cd:6b:7f:db:1b:bb:
e3:65:d7:a7:3a:5b:43:e7:0d:91:73:3b:1a:68:58:
69:59:9f:df:d9:31:34:6f:33:c6:24:58:bb:b5:61:
9c:47:4f:c7:f0:ba:d4:d9:ba:30:8f:98:38:65:09:
ee:29:12:99:26:45:7f:56:6f:44:ad:df:4b:08:9b:
cf:6f:bc:98:40:48:e8:be:1a:8e:b2:b0:f7:94:11:
c0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C6:8E:F9:7D:2C:68:53:C1:9B:F9:79:0B:23:0C:66:EC:EA:08:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8caO-X0saFPBm_l5CyMMZuzqCPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
39:13:d8:99:41:84:1f:e9:38:10:4b:7d:2c:a6:f2:ce:ed:25:
5a:33:30:08:5a:85:85:8b:b2:0c:23:cb:f9:24:23:44:22:77:
0d:e5:30:27:6d:fe:ae:26:6a:33:7a:16:6c:1c:76:69:ac:85:
4f:7a:fd:de:f5:d2:e1:82:13:23:be:eb:75:5c:76:00:22:ec:
70:46:f7:66:96:55:31:45:1f:36:0e:d6:40:9e:7c:5c:9a:87:
f0:cc:e5:3a:78:b2:a3:9e:42:c5:17:6e:70:5b:e2:18:c7:80:
84:51:2b:25:f9:bb:ec:98:bd:31:1b:9d:ad:12:81:ec:8d:51:
a0:2f:60:8c:95:c7:f8:6c:30:8a:11:85:b0:cc:02:a1:eb:78:
aa:ab:a6:04:6c:78:c4:9b:28:20:97:bf:ee:57:cc:cd:8a:85:
95:ff:c9:cb:8c:60:fe:42:49:26:db:79:e9:98:1c:0c:61:1a:
98:da:ba:56:c8:24:ba:44:bb:4d:17:0f:f9:30:d6:80:3f:e5:
c0:82:20:c2:bb:71:bf:17:b8:2f:58:1f:e6:6a:da:11:1c:76:
56:cf:ef:52:35:b1:57:50:bd:43:dd:8b:6d:0d:df:46:34:8f:
8d:6d:8d:d1:46:b1:ce:37:49:47:e8:e7:36:16:53:42:8f:e3:
cc:06:77:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0IKep73a5oCdgfUCgsCu3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE0MTMyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM2OGVmOTdkMmM2ODUzYzE5YmY5NzkwYjIzMGM2NmVjZWEwOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLegu+/K6Lxt6c6HIkkJs66FgIGs
DkHlYDDsuJIW+3846+dKo4yRHwZS2LYhADLhkHuSl1AZaPNVhZYzjn45OPjwXWaO
HviSyCv0YXSEQouekAZ2E3Az8hRu/yroBID6NHtY4YypYxzB1/tJ46VBODBOwFuw
vB0T4kgzCtIJhgnaMzT/tHcXeV8/8gMxJZHIwnYcHbuBHH/9if6jWC356C1/p/JS
NIXUErWSwGDNa3/bG7vjZdenOltD5w2RczsaaFhpWZ/f2TE0bzPGJFi7tWGcR0/H
8LrU2bowj5g4ZQnuKRKZJkV/Vm9Erd9LCJvPb7yYQEjovhqOsrD3lBHAIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPHGjvl9LGhTwZv5eQsjDGbs6gj1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOGNhTy1YMHNhRlBCbV9sNUN5TU1adXpxQ1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQA5E9iZQYQf6TgQ
S30spvLO7SVaMzAIWoWFi7IMI8v5JCNEIncN5TAnbf6uJmozehZsHHZprIVPev3e
9dLhghMjvut1XHYAIuxwRvdmllUxRR82DtZAnnxcmofwzOU6eLKjnkLFF25wW+IY
x4CEUSsl+bvsmL0xG52tEoHsjVGgL2CMlcf4bDCKEYWwzAKh63iqq6YEbHjEmygg
l7/uV8zNioWV/8nLjGD+Qkkm23npmBwMYRqY2rpWyCS6RLtNFw/5MNaAP+XAgiDC
u3G/F7gvWB/matoRHHZWz+9SNbFXUL1D3YttDd9GNI+NbY3RRrHON0lH6Oc2FlNC
j+PMBndn
-----END CERTIFICATE-----
Generated at Thu Feb 8 16:56:11 2024 by rpki-client on console-fra.rpki-client.org