Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9e03MAAAes-jI7tQ6ASW0Lxg7DA.roa
File: 9e03MAAAes-jI7tQ6ASW0Lxg7DA.roa (raw, json)
Hash identifier: abndxclh1pMDwWnkvuGLn6yHs239lo9POMDHNH/Vob0=
Subject key identifier: F5:ED:37:30:00:00:7A:CF:A3:23:BB:50:E8:04:96:D0:BC:60:EC:30
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189DAA4C8496FBE5DE4AA8C5CF1B60A9C5C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9e03MAAAes-jI7tQ6ASW0Lxg7DA.roa
Signing time: Wed 09 Aug 2023 14:12:59 +0000
ROA not before: Wed 09 Aug 2023 14:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61218
IP address blocks: 45.148.116.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:4b00::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Nov 2023 14:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:a4:c8:49:6f:be:5d:e4:aa:8c:5c:f1:b6:0a:9c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 9 14:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5ed373000007acfa323bb50e80496d0bc60ec30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d7:60:e3:bd:df:00:35:cd:82:cf:53:52:4b:
4d:e5:dd:cd:56:31:80:46:fc:a1:35:c5:e0:a4:fc:
81:7a:d9:5d:a5:c3:1f:31:fe:74:7b:91:94:53:ae:
6b:c0:e2:e3:c9:95:87:f7:de:38:5c:d0:4f:c4:3d:
07:d9:4b:68:ed:a8:4f:f7:cf:e1:9f:a1:aa:5e:61:
22:c5:50:83:31:fa:25:60:68:88:06:46:b0:81:07:
4b:28:21:2b:4f:16:46:51:a8:6b:07:31:1d:2b:91:
97:a8:29:55:a4:b1:b9:8d:7a:79:be:96:bf:76:e5:
b6:de:96:3a:24:28:b1:fc:a4:5b:97:f1:0a:07:a8:
46:5e:31:43:88:c6:ff:1c:0b:7c:df:ec:ef:b7:3a:
60:53:e6:5d:03:0f:f8:77:29:6b:52:60:d6:9f:64:
fb:94:c8:df:5c:e8:74:6c:85:6b:8d:36:08:5c:e4:
c8:44:29:6d:43:bc:ef:e6:fb:86:84:2d:cd:16:81:
ac:04:54:b0:9b:5f:e2:71:7c:52:6b:d3:14:28:85:
15:23:23:4f:84:5b:e2:4b:80:1f:39:49:c8:b2:f2:
c9:aa:cb:55:53:f9:5d:6e:7b:7d:a5:73:43:f4:92:
c4:36:e8:88:5a:ae:33:27:3d:45:25:bc:66:f4:95:
ef:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:ED:37:30:00:00:7A:CF:A3:23:BB:50:E8:04:96:D0:BC:60:EC:30
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9e03MAAAes-jI7tQ6ASW0Lxg7DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.148.116.0/22
IPv6:
2a0e:97c0:4b00::/40
Signature Algorithm: sha256WithRSAEncryption
7f:89:18:ee:43:19:a0:05:b7:74:80:ea:df:ca:cb:4a:78:77:
b8:4e:26:2f:bd:bc:9e:d0:ce:c8:05:da:88:57:da:d3:25:26:
14:6f:6b:b5:f3:ab:46:56:ef:5e:c0:68:c3:34:35:a8:95:3e:
6f:07:1c:8d:b9:de:d6:fb:13:25:81:7a:90:aa:0b:77:17:f7:
96:85:92:c2:9e:64:bb:0f:7f:66:f4:f0:cc:8b:b2:10:37:15:
d7:f0:4b:5a:61:63:a9:a0:77:6c:8d:c0:af:46:88:b2:5f:46:
b3:91:64:91:26:c3:54:46:fa:71:84:10:10:77:b5:89:96:cc:
33:10:63:34:42:9b:64:7f:0e:0b:ca:b3:bc:fc:02:02:51:7b:
24:45:c2:61:60:97:78:20:cf:4a:97:43:c5:b5:5b:c7:d5:78:
3a:4f:ad:9b:d7:46:92:25:ac:9d:12:97:af:98:cf:94:2a:ff:
43:99:6d:b7:19:09:6e:24:3e:b2:ec:85:73:41:77:be:db:9a:
99:f5:c9:ba:ef:1e:0b:b1:85:2d:d4:c2:a9:1d:3f:cc:22:44:
49:4a:39:34:27:b1:30:ae:8e:23:95:c4:23:da:85:2e:54:e1:
57:41:8b:36:7e:d9:cc:17:b4:45:f8:36:bf:38:57:4e:38:ac:
78:6d:3e:91
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYnapMhJb75d5KqMXPG2CpxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODA5MTQxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWVkMzczMDAwMDA3YWNmYTMyM2JiNTBlODA0OTZkMGJjNjBlYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ddg473fADXNgs9TUktN5d3NVjGA
RvyhNcXgpPyBetldpcMfMf50e5GUU65rwOLjyZWH9944XNBPxD0H2Uto7ahP98/h
n6GqXmEixVCDMfolYGiIBkawgQdLKCErTxZGUahrBzEdK5GXqClVpLG5jXp5vpa/
duW23pY6JCix/KRbl/EKB6hGXjFDiMb/HAt83+zvtzpgU+ZdAw/4dylrUmDWn2T7
lMjfXOh0bIVrjTYIXOTIRCltQ7zv5vuGhC3NFoGsBFSwm1/icXxSa9MUKIUVIyNP
hFviS4AfOUnIsvLJqstVU/ldbnt9pXND9JLENuiIWq4zJz1FJbxm9JXvWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPXtNzAAAHrPoyO7UOgEltC8YOwwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOWUwM01BQUFlcy1qSTd0UTZBU1cwTHhnN0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAHyq3AwQC
LZR0MA4EAgACMAgDBgAqDpfASzANBgkqhkiG9w0BAQsFAAOCAQEAf4kY7kMZoAW3
dIDq38rLSnh3uE4mL728ntDOyAXaiFfa0yUmFG9rtfOrRlbvXsBowzQ1qJU+bwcc
jbne1vsTJYF6kKoLdxf3loWSwp5kuw9/ZvTwzIuyEDcV1/BLWmFjqaB3bI3Ar0aI
sl9Gs5FkkSbDVEb6cYQQEHe1iZbMMxBjNEKbZH8OC8qzvPwCAlF7JEXCYWCXeCDP
SpdDxbVbx9V4Ok+tm9dGkiWsnRKXr5jPlCr/Q5lttxkJbiQ+suyFc0F3vtuamfXJ
uu8eC7GFLdTCqR0/zCJESUo5NCexMK6OI5XEI9qFLlThV0GLNn7ZzBe0Rfg2vzhX
TjiseG0+kQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org