Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9H2kfjc84GzrvELyHbUddR8It7E.roa
File: 9H2kfjc84GzrvELyHbUddR8It7E.roa (raw, json)
Hash identifier: cNEA7J44epDQIXTdxEMaSCbRdlhTX3l7LrVXKxIs7kA=
Subject key identifier: F4:7D:A4:7E:37:3C:E0:6C:EB:BC:42:F2:1D:B5:1D:75:1F:08:B7:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCF6974D50F77C8A2B8FD11EDE9CE1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9H2kfjc84GzrvELyHbUddR8It7E.roa
Signing time: Tue 02 Jan 2024 10:34:13 +0000
ROA not before: Tue 02 Jan 2024 10:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200605
IP address blocks: 2a0e:97c0:370::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 22:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f6:97:4d:50:f7:7c:8a:2b:8f:d1:1e:de:9c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f47da47e373ce06cebbc42f21db51d751f08b7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8f:9c:68:9f:bf:f3:e6:dd:5a:e6:8c:52:66:
8c:f1:f4:3d:db:62:cf:87:44:f5:c6:b2:76:01:19:
96:26:ec:6f:33:18:ab:53:96:97:51:49:f2:c8:7f:
3c:2d:70:32:fb:c4:58:81:b7:9f:cb:c4:dc:4e:e1:
33:43:16:d0:5c:bb:60:7d:de:57:17:d7:fb:f1:07:
43:21:f2:f3:38:a9:6f:a9:bd:f0:4d:c0:0f:ea:c2:
2e:1b:2d:d5:8d:7a:fe:53:ff:6d:d4:15:d5:a4:28:
e1:a8:9c:87:47:53:6a:32:62:1d:51:53:51:6b:a6:
67:cd:59:56:fe:a8:ca:ba:65:ff:09:09:23:d1:bf:
3a:90:af:dd:d2:a9:a5:da:ab:a6:8f:33:29:86:06:
0a:b5:f2:4a:27:d0:cf:7b:69:4b:f4:94:1a:a1:e5:
ac:bc:59:48:8a:1d:3f:f1:fc:76:f7:62:90:69:98:
d8:c9:37:d9:56:ce:03:cc:d7:1e:55:d7:d2:2c:80:
10:27:07:1a:09:2a:ad:79:5d:8c:33:aa:ba:97:7f:
85:ea:e7:e1:24:7d:91:c0:e7:7d:c8:db:97:89:e8:
94:75:c7:f0:46:ff:93:8a:58:f7:65:8e:56:b9:5f:
f2:ee:32:82:f3:bc:e9:b1:1f:60:f4:40:e9:bb:72:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7D:A4:7E:37:3C:E0:6C:EB:BC:42:F2:1D:B5:1D:75:1F:08:B7:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9H2kfjc84GzrvELyHbUddR8It7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:370::/44
Signature Algorithm: sha256WithRSAEncryption
c1:af:48:72:2a:48:9c:c6:53:86:6d:1c:8f:10:27:65:fa:c2:
67:ae:5a:db:68:02:1f:be:9f:86:c9:7e:4b:f6:fb:90:c9:a0:
d1:3e:0f:b0:4f:0f:8f:f6:c9:79:d9:01:2d:07:55:db:f9:37:
94:84:b0:e6:66:43:9e:e4:0b:c8:d1:22:24:83:10:82:c8:87:
e3:51:18:06:01:05:5e:19:98:f7:11:fd:54:ab:fa:38:5c:63:
5a:73:9c:a4:32:0b:c3:99:cf:27:31:4a:c0:93:7c:7b:bf:c4:
b1:06:5d:42:c4:ff:6e:a0:5a:09:76:10:34:a9:7f:9f:94:d4:
c0:f5:27:ef:3a:fa:ec:fe:7c:66:05:2a:d4:c4:d9:79:56:9c:
67:92:4f:d3:47:82:25:e2:63:04:46:29:c5:65:81:36:e8:1a:
f7:98:91:41:21:53:d6:42:a9:26:aa:66:cf:1c:f0:e0:6d:d5:
a1:04:10:ba:d2:7e:6b:84:e3:e8:75:3e:35:08:f4:96:ff:7f:
5e:d6:02:a5:16:92:c9:47:c6:6a:c8:1e:9a:b1:91:1b:39:ab:
b1:30:e8:2a:ba:22:9a:5b:bc:3a:04:7a:dd:d5:01:6f:51:6d:
cb:91:1d:10:77:6f:04:4a:0a:d5:7b:07:4e:9b:d8:ef:ba:b7:
3d:c9:23:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvPaXTVD3fIorj9Ee3pzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDdkYTQ3ZTM3M2NlMDZjZWJiYzQyZjIxZGI1MWQ3NTFmMDhiN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4+caJ+/8+bdWuaMUmaM8fQ922LP
h0T1xrJ2ARmWJuxvMxirU5aXUUnyyH88LXAy+8RYgbefy8TcTuEzQxbQXLtgfd5X
F9f78QdDIfLzOKlvqb3wTcAP6sIuGy3VjXr+U/9t1BXVpCjhqJyHR1NqMmIdUVNR
a6ZnzVlW/qjKumX/CQkj0b86kK/d0qml2qumjzMphgYKtfJKJ9DPe2lL9JQaoeWs
vFlIih0/8fx292KQaZjYyTfZVs4DzNceVdfSLIAQJwcaCSqteV2MM6q6l3+F6ufh
JH2RwOd9yNuXieiUdcfwRv+Tilj3ZY5WuV/y7jKC87zpsR9g9EDpu3L6rwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPR9pH43POBs67xC8h21HXUfCLexMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOUgya2ZqYzg0R3pydkVMeUhiVWRkUjhJdDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwANw
MA0GCSqGSIb3DQEBCwUAA4IBAQDBr0hyKkicxlOGbRyPECdl+sJnrlrbaAIfvp+G
yX5L9vuQyaDRPg+wTw+P9sl52QEtB1Xb+TeUhLDmZkOe5AvI0SIkgxCCyIfjURgG
AQVeGZj3Ef1Uq/o4XGNac5ykMgvDmc8nMUrAk3x7v8SxBl1CxP9uoFoJdhA0qX+f
lNTA9SfvOvrs/nxmBSrUxNl5Vpxnkk/TR4Il4mMERinFZYE26Br3mJFBIVPWQqkm
qmbPHPDgbdWhBBC60n5rhOPodT41CPSW/39e1gKlFpLJR8ZqyB6asZEbOauxMOgq
uiKaW7w6BHrd1QFvUW3LkR0Qd28ESgrVewdOm9jvurc9ySMC
-----END CERTIFICATE-----
Generated at Thu Feb 8 00:12:36 2024 by rpki-client on console-fra.rpki-client.org