Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9d8d5PXU_GOmo3E6iulLUd7nVa8.roa
File: 9d8d5PXU_GOmo3E6iulLUd7nVa8.roa (raw, json)
Hash identifier: NhRRgcYdexc+DkKL9b8ru9eAfJPK2IUhz30Yet3bSUU=
Subject key identifier: F5:DF:1D:E4:F5:D4:FC:63:A6:A3:71:3A:8A:E9:4B:51:DE:E7:55:AF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191C5FE9C32E7347CB38F769DF82315246C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9d8d5PXU_GOmo3E6iulLUd7nVa8.roa
Signing time: Fri 06 Sep 2024 06:21:23 +0000
ROA not before: Fri 06 Sep 2024 06:21:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc3:3330::/44 maxlen: 48
2a10:ccc6:6660::/44 maxlen: 48
2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:6666::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 06 Sep 2024 16:43:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c5:fe:9c:32:e7:34:7c:b3:8f:76:9d:f8:23:15:24:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 6 06:21:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5df1de4f5d4fc63a6a3713a8ae94b51dee755af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ae:1e:4f:74:2e:fd:fa:51:6f:53:57:fb:18:
7f:98:46:45:88:fb:b4:e8:50:d7:22:da:c5:09:f5:
45:a2:23:db:3f:6c:58:c0:e7:08:2d:e7:15:b6:f9:
98:7f:0a:03:73:ee:b8:b9:8d:7c:76:59:8e:00:5f:
b0:2b:58:7b:b4:d9:75:6b:b1:84:65:9c:49:8b:b8:
c2:ed:15:73:8b:2e:a3:dc:86:a2:6d:7e:c1:76:b5:
6d:4c:c2:70:32:06:4e:da:32:6b:b7:59:00:44:24:
21:fc:1c:44:75:63:bb:96:1e:64:f6:ac:f0:80:48:
bd:d7:17:88:bd:37:99:b1:51:11:59:96:4b:83:ea:
b1:eb:ab:37:4e:06:ff:81:09:94:d8:4e:e5:3a:dc:
17:22:d1:7f:8a:a5:2d:e2:fa:e4:86:e8:12:a6:7a:
16:f0:13:86:18:19:6a:63:81:95:af:28:eb:16:dc:
89:e8:7a:9c:6f:85:6e:c3:2e:51:72:43:50:97:5e:
54:22:6e:de:6f:38:9e:80:7d:11:bb:78:80:e7:dd:
4b:e9:7d:2c:2e:0b:94:a8:61:9a:e2:aa:27:01:82:
a6:ef:85:e5:43:f9:60:e2:04:d8:50:81:1e:cd:10:
b1:84:42:07:ad:59:79:1a:df:76:0d:f6:65:d4:6a:
52:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DF:1D:E4:F5:D4:FC:63:A6:A3:71:3A:8A:E9:4B:51:DE:E7:55:AF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9d8d5PXU_GOmo3E6iulLUd7nVa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:3330::/44
2a10:ccc6:6660::/44
Signature Algorithm: sha256WithRSAEncryption
b1:59:0e:79:a5:fe:ea:11:bc:ba:a0:a4:92:24:65:b5:21:c6:
e2:87:0c:23:d4:1a:97:a9:cf:7a:b3:23:e0:b0:e2:e6:6f:4a:
88:88:da:c5:f7:53:4d:08:15:7a:40:67:44:02:81:e5:8d:3b:
f4:58:03:99:f7:07:fb:9b:b9:0f:b5:1d:69:dd:c1:15:0a:93:
50:ec:0c:43:72:9d:c2:84:70:bc:ce:6e:e0:50:cd:30:1c:26:
47:ac:20:ca:77:20:2a:ef:bb:25:69:a3:41:41:3e:5c:c4:c3:
64:9d:73:7c:24:ab:2e:59:94:96:58:f8:5d:2b:51:b6:23:6e:
b1:09:45:1c:8c:21:4a:1c:fb:0f:b9:bc:06:cd:34:23:72:cd:
a0:93:10:7f:d8:cb:eb:1e:5a:bd:de:1c:b9:a9:ec:8f:2f:69:
ff:b9:75:bb:1f:5e:99:ff:d6:8e:c5:75:08:d8:cf:0c:e6:6e:
1c:aa:af:4a:6e:35:83:02:97:d4:02:ce:f4:7b:1b:f1:92:00:
c6:ca:04:5a:a7:aa:04:69:bc:0e:ed:be:c4:2d:33:e5:7b:79:
36:54:05:dd:af:0d:ca:c9:45:c5:0c:3c:28:25:37:fa:89:df:
3b:84:15:9c:48:84:d3:5c:e8:5a:9b:5e:55:7e:cd:64:d2:53:
96:f4:db:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHF/pwy5zR8s492nfgjFSRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTA2MDYyMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWRmMWRlNGY1ZDRmYzYzYTZhMzcxM2E4YWU5NGI1MWRlZTc1NWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK4eT3Qu/fpRb1NX+xh/mEZFiPu0
6FDXItrFCfVFoiPbP2xYwOcILecVtvmYfwoDc+64uY18dlmOAF+wK1h7tNl1a7GE
ZZxJi7jC7RVziy6j3IaibX7BdrVtTMJwMgZO2jJrt1kARCQh/BxEdWO7lh5k9qzw
gEi91xeIvTeZsVERWZZLg+qx66s3Tgb/gQmU2E7lOtwXItF/iqUt4vrkhugSpnoW
8BOGGBlqY4GVryjrFtyJ6Hqcb4Vuwy5RckNQl15UIm7ebziegH0Ru3iA591L6X0s
LguUqGGa4qonAYKm74XlQ/lg4gTYUIEezRCxhEIHrVl5Gt92DfZl1GpSZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPXfHeT11PxjpqNxOorpS1He51WvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOWQ4ZDVQWFVfR09tbzNFNml1bExVZDduVmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhDMwzMw
AwcEKhDMxmZgMA0GCSqGSIb3DQEBCwUAA4IBAQCxWQ55pf7qEby6oKSSJGW1Icbi
hwwj1BqXqc96syPgsOLmb0qIiNrF91NNCBV6QGdEAoHljTv0WAOZ9wf7m7kPtR1p
3cEVCpNQ7AxDcp3ChHC8zm7gUM0wHCZHrCDKdyAq77slaaNBQT5cxMNknXN8JKsu
WZSWWPhdK1G2I26xCUUcjCFKHPsPubwGzTQjcs2gkxB/2MvrHlq93hy5qeyPL2n/
uXW7H16Z/9aOxXUI2M8M5m4cqq9KbjWDApfUAs70exvxkgDGygRap6oEabwO7b7E
LTPle3k2VAXdrw3KyUXFDDwoJTf6id87hBWcSITTXOham15Vfs1k0lOW9NvC
-----END CERTIFICATE-----
Generated at Fri Sep 6 18:41:19 2024 by rpki-client on console-fra.rpki-client.org