Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8wXWQ2Kn4CpJkdRe5azvwweNF-M.roa
File: 8wXWQ2Kn4CpJkdRe5azvwweNF-M.roa (raw, json)
Hash identifier: 0TlfzuLI/Zai5oLQSS0gQ8HKboAhRzd2tBYUEccYCis=
Subject key identifier: F3:05:D6:43:62:A7:E0:2A:49:91:D4:5E:E5:AC:EF:C3:07:8D:17:E3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E8004152FB84AD2623A59171E673E2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8wXWQ2Kn4CpJkdRe5azvwweNF-M.roa
Signing time: Mon 02 Jan 2023 05:15:30 +0000
ROA not before: Mon 02 Jan 2023 05:15:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211305
IP address blocks: 2a0e:97c0:385::/48 maxlen: 48
2a0e:97c0:380::/48 maxlen: 48
2a0e:97c0:383::/48 maxlen: 48
2a0e:97c0:381::/48 maxlen: 48
2a0e:97c0:384::/48 maxlen: 48
2a0e:97c0:382::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jan 2023 15:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:00:41:52:fb:84:ad:26:23:a5:91:71:e6:73:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f305d64362a7e02a4991d45ee5acefc3078d17e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:85:c3:cb:63:12:17:d4:4d:e9:f0:91:10:b2:
2c:b4:65:cb:8a:79:38:c1:d8:10:b3:91:fb:44:a4:
1c:cc:82:9f:68:c8:62:62:ae:51:69:f2:03:ce:fc:
bc:73:64:32:a3:17:da:a1:83:66:1c:0e:71:06:8f:
76:99:95:da:d4:3c:eb:ab:45:63:3d:ef:54:35:c1:
75:65:81:c9:d7:c8:60:3a:70:00:06:00:17:56:e4:
cb:c2:1a:c8:e9:ac:03:ce:d3:6b:05:53:46:0a:ba:
72:a6:f9:53:96:69:5e:1c:41:1c:36:8d:a5:79:37:
cb:b1:e6:93:d9:2d:6c:ab:37:c8:3b:66:ba:57:47:
52:1e:f6:aa:e7:e9:9e:95:ad:5b:73:57:54:25:5a:
23:71:db:35:87:99:70:25:46:29:30:63:74:d8:ea:
1a:0c:a1:e2:50:6c:10:0d:f5:2c:8d:45:35:3a:49:
01:d7:e2:ab:6e:05:a5:c3:6a:19:25:f9:5f:95:42:
9b:c6:2c:87:55:db:f4:af:25:06:2e:ca:52:0c:90:
3c:8d:14:4c:87:36:99:aa:1e:33:df:12:71:38:a0:
27:50:04:a8:09:27:21:03:43:35:48:9c:76:b2:c4:
ce:b4:c0:af:7f:db:f0:07:2b:a1:8a:8a:ce:9a:81:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:05:D6:43:62:A7:E0:2A:49:91:D4:5E:E5:AC:EF:C3:07:8D:17:E3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8wXWQ2Kn4CpJkdRe5azvwweNF-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:380::-2a0e:97c0:385:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
aa:0d:eb:eb:61:c6:49:1d:2c:62:2d:48:bb:dc:1b:03:f4:69:
6c:3d:2b:18:78:9d:f4:94:06:1c:81:66:63:41:ef:13:42:62:
73:4f:e8:57:65:20:0a:ef:02:f8:f7:8b:00:50:98:a1:b4:9b:
0b:0f:3d:48:dc:49:f5:43:d7:08:10:36:64:65:d4:87:a7:a7:
f0:40:fc:66:78:82:2d:60:27:53:90:55:31:2b:3a:11:c9:c2:
63:37:cc:b4:c0:59:84:db:cc:fe:ed:e7:83:90:86:ad:bc:6a:
f5:a9:3a:05:ed:4b:a5:fb:ac:09:35:a2:9a:5a:a5:c4:bf:97:
28:89:05:48:f5:a4:ba:9f:4d:e4:11:cd:bd:e1:e9:0d:e8:90:
4a:8d:c8:cb:75:d4:21:27:f7:db:20:6d:fc:20:76:c8:2a:21:
3a:1a:f2:98:a9:2d:62:e4:27:da:34:42:df:e1:c6:8e:27:ef:
f3:31:b2:cf:a9:99:21:80:91:eb:33:25:f5:97:0b:f2:8a:54:
78:27:fe:38:7a:36:52:09:cd:d4:65:35:f0:66:55:69:10:b4:
28:b4:96:5c:cf:ec:04:6a:d8:30:ad:0a:6f:87:f9:cc:4d:25:
21:b0:45:4f:ad:45:2e:ba:2c:85:ad:f4:ea:c7:19:45:d0:4f:
63:ae:b1:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVw6ABBUvuErSYjpZFx5nPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzA1ZDY0MzYyYTdlMDJhNDk5MWQ0NWVlNWFjZWZjMzA3OGQxN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oXDy2MSF9RN6fCRELIstGXLink4
wdgQs5H7RKQczIKfaMhiYq5RafIDzvy8c2QyoxfaoYNmHA5xBo92mZXa1Dzrq0Vj
Pe9UNcF1ZYHJ18hgOnAABgAXVuTLwhrI6awDztNrBVNGCrpypvlTlmleHEEcNo2l
eTfLseaT2S1sqzfIO2a6V0dSHvaq5+mela1bc1dUJVojcds1h5lwJUYpMGN02Ooa
DKHiUGwQDfUsjUU1OkkB1+KrbgWlw2oZJflflUKbxiyHVdv0ryUGLspSDJA8jRRM
hzaZqh4z3xJxOKAnUASoCSchA0M1SJx2ssTOtMCvf9vwByuhiorOmoEuTQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPMF1kNip+AqSZHUXuWs78MHjRfjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOHdYV1EyS240Q3BKa2RSZTVhenZ3d2VORi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDpfA
A4ADBwEqDpfAA4QwDQYJKoZIhvcNAQELBQADggEBAKoN6+thxkkdLGItSLvcGwP0
aWw9Kxh4nfSUBhyBZmNB7xNCYnNP6FdlIArvAvj3iwBQmKG0mwsPPUjcSfVD1wgQ
NmRl1Ienp/BA/GZ4gi1gJ1OQVTErOhHJwmM3zLTAWYTbzP7t54OQhq28avWpOgXt
S6X7rAk1oppapcS/lyiJBUj1pLqfTeQRzb3h6Q3okEqNyMt11CEn99sgbfwgdsgq
IToa8pipLWLkJ9o0Qt/hxo4n7/Mxss+pmSGAkeszJfWXC/KKVHgn/jh6NlIJzdRl
NfBmVWkQtCi0llzP7ARq2DCtCm+H+cxNJSGwRU+tRS66LIWt9OrHGUXQT2OusaQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:23 2024 by rpki-client on console-fra.rpki-client.org