Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xo21pjK0Bx4XWGVUTdvFagHi_U.roa
File: 8xo21pjK0Bx4XWGVUTdvFagHi_U.roa (raw, json)
Hash identifier: EGBcUajMQjSXcAhbzJfmBjFkmWHzA34xMK7d7I8eOvE=
Subject key identifier: F3:1A:36:D6:98:CA:D0:1C:78:5D:61:95:51:37:6F:15:A8:07:8B:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F9BE5B55938066E6B2CC1452D57EB49DB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xo21pjK0Bx4XWGVUTdvFagHi_U.roa
Signing time: Tue 21 May 2024 16:04:33 +0000
ROA not before: Tue 21 May 2024 16:04:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:b107:1e10::/48 maxlen: 48
2a0e:b107:1e11::/48 maxlen: 48
2a0e:b107:1e12::/48 maxlen: 48
2a0e:b107:1e13::/48 maxlen: 48
2a0e:b107:1e14::/48 maxlen: 48
2a0e:b107:1e15::/48 maxlen: 48
2a0e:b107:1e16::/48 maxlen: 48
2a0e:b107:1e17::/48 maxlen: 48
2a0e:b107:1e18::/48 maxlen: 48
2a0e:b107:1e19::/48 maxlen: 48
2a0e:b107:1e1a::/48 maxlen: 48
2a0e:b107:1e1b::/48 maxlen: 48
2a0e:b107:1e1c::/48 maxlen: 48
2a0e:b107:1e1d::/48 maxlen: 48
2a0e:b107:1e1e::/48 maxlen: 48
2a0e:b107:1e1f::/48 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/48 maxlen: 48
2a10:ccc0:801::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 06:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:e5:b5:59:38:06:6e:6b:2c:c1:45:2d:57:eb:49:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 21 16:04:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31a36d698cad01c785d619551376f15a8078bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:86:ab:7f:79:0c:36:f3:9e:48:c2:8a:fa:
5f:8e:a6:63:22:11:5a:5b:75:d0:b1:af:39:c5:dc:
16:2a:36:19:b1:a3:27:77:d0:6f:25:a4:ae:b6:4f:
81:8d:01:ce:53:9d:e8:1c:b6:e6:c2:8b:df:ec:0c:
4d:b9:d5:41:1f:cb:19:ec:c7:33:90:8d:0f:4b:7c:
24:0d:18:c4:c5:40:e9:0e:d2:46:10:5e:d9:26:12:
36:07:ca:d3:a1:10:39:b1:04:8a:89:66:54:ff:00:
58:ee:7c:99:20:89:41:9c:76:ac:5d:15:79:90:8c:
0a:d7:39:b1:6a:3c:29:92:33:ea:d3:92:b1:69:f0:
f4:bf:d6:5c:61:c9:03:9b:b8:69:57:44:01:5e:b0:
a7:d4:97:62:42:79:56:27:11:e9:4d:6b:54:35:97:
ba:1a:01:4d:2b:c2:83:62:31:c7:46:0d:f9:ce:ee:
49:36:11:e8:55:6b:74:e6:7d:72:00:a7:cf:66:54:
2d:01:7f:e1:c7:5b:bf:d2:0d:1f:3c:c7:27:1e:89:
ad:d4:93:0e:7d:47:d6:8e:7c:e8:39:43:b5:c7:67:
57:f4:c0:fe:85:5d:92:a9:e2:0c:ca:34:84:11:a4:
61:3f:12:0d:dc:40:68:8a:f9:60:2c:1c:7e:e0:a2:
0c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1A:36:D6:98:CA:D0:1C:78:5D:61:95:51:37:6F:15:A8:07:8B:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8xo21pjK0Bx4XWGVUTdvFagHi_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1e10::/44
2a10:2f00:187::/48
2a10:ccc0:800::/47
Signature Algorithm: sha256WithRSAEncryption
3b:99:d9:a2:fb:1a:5e:e0:67:ec:aa:cd:d4:3b:89:16:ee:51:
89:9a:5f:88:14:8e:7e:74:4b:3e:2d:05:eb:74:c1:9c:7f:a7:
f2:07:6f:6e:7f:c0:ee:68:8d:41:7f:b5:0d:09:c5:9c:48:a3:
1c:d9:71:f4:9f:10:9d:b6:a4:2c:a0:18:29:63:8f:04:a2:b6:
b4:c0:1d:a8:79:cf:dc:ba:ee:f3:f3:0c:d0:0d:aa:11:3c:fc:
c2:c7:0c:be:13:f7:8b:d1:3b:cc:07:9e:a7:d0:25:60:51:0f:
a5:b8:50:7d:67:93:7c:96:e6:2b:f0:a4:b0:d6:fc:8a:a9:64:
6e:91:ee:fb:54:7f:62:21:c7:e8:40:17:e1:b5:47:c9:2b:c2:
65:8f:62:5f:ac:3d:0e:b6:2e:ad:3b:07:14:eb:76:3e:ae:7d:
2d:0e:e6:52:7d:41:ae:c4:c1:cb:26:42:0f:65:12:58:b7:27:
56:c5:d1:28:ef:23:38:bb:99:27:35:f8:41:ca:ed:36:69:b9:
f4:c3:44:f6:f1:6e:07:ea:07:35:9e:59:40:a2:fb:94:ba:01:
74:b9:a9:ad:c9:5d:0b:b8:4a:c9:64:63:99:3a:7e:7f:7f:3e:
f4:ea:fd:95:be:32:2a:9b:ac:01:56:5b:12:8e:c9:45:bd:2a:
99:74:3a:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY+b5bVZOAZuayzBRS1X60nbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIxMTYwNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFhMzZkNjk4Y2FkMDFjNzg1ZDYxOTU1MTM3NmYxNWE4MDc4YmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlySGq395DDbznkjCivpfjqZjIhFa
W3XQsa85xdwWKjYZsaMnd9BvJaSutk+BjQHOU53oHLbmwovf7AxNudVBH8sZ7Mcz
kI0PS3wkDRjExUDpDtJGEF7ZJhI2B8rToRA5sQSKiWZU/wBY7nyZIIlBnHasXRV5
kIwK1zmxajwpkjPq05KxafD0v9ZcYckDm7hpV0QBXrCn1JdiQnlWJxHpTWtUNZe6
GgFNK8KDYjHHRg35zu5JNhHoVWt05n1yAKfPZlQtAX/hx1u/0g0fPMcnHomt1JMO
fUfWjnzoOUO1x2dX9MD+hV2SqeIMyjSEEaRhPxIN3EBoivlgLBx+4KIM7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPMaNtaYytAceF1hlVE3bxWoB4v1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOHhvMjFwakswQng0WFdHVlVUZHZGYWdIaV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBx4Q
AwcAKhAvAAGHAwcBKhDMwAgAMA0GCSqGSIb3DQEBCwUAA4IBAQA7mdmi+xpe4Gfs
qs3UO4kW7lGJml+IFI5+dEs+LQXrdMGcf6fyB29uf8DuaI1Bf7UNCcWcSKMc2XH0
nxCdtqQsoBgpY48Eora0wB2oec/cuu7z8wzQDaoRPPzCxwy+E/eL0TvMB56n0CVg
UQ+luFB9Z5N8luYr8KSw1vyKqWRuke77VH9iIcfoQBfhtUfJK8Jlj2JfrD0Oti6t
OwcU63Y+rn0tDuZSfUGuxMHLJkIPZRJYtydWxdEo7yM4u5knNfhByu02abn0w0T2
8W4H6gc1nllAovuUugF0uamtyV0LuErJZGOZOn5/fz706v2VvjIqm6wBVlsSjslF
vSqZdDr2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org