Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9zYMTkFkthptexnlOhDVcuPZFOE.roa
File: 9zYMTkFkthptexnlOhDVcuPZFOE.roa (raw, json)
Hash identifier: qcfFp0xGNDOuDEOzwI+nGM4mMR8Z6DAWWKZILebdpwM=
Subject key identifier: F7:36:0C:4E:41:64:B6:1A:6D:7B:19:E5:3A:10:D5:72:E3:D9:14:E1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B14246F5ECB22B779D2F9888585FCD979
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9zYMTkFkthptexnlOhDVcuPZFOE.roa
Signing time: Mon 09 Oct 2023 11:13:33 +0000
ROA not before: Mon 09 Oct 2023 11:13:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:660::/44 maxlen: 48
2a0e:b107:1d60::/44 maxlen: 48
2a0e:b107:1e00::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:5e0::/44 maxlen: 48
2a0e:b107:690::/44 maxlen: 48
2a0e:b107:5f0::/44 maxlen: 48
2a0e:b107:ad0::/44 maxlen: 48
2a0e:b107:2150::/44 maxlen: 48
2a0e:b107:5d0::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Oct 2023 02:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:24:6f:5e:cb:22:b7:79:d2:f9:88:85:85:fc:d9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 9 11:13:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7360c4e4164b61a6d7b19e53a10d572e3d914e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d5:ee:13:65:15:c7:5e:fe:dd:2c:59:03:0f:
b7:01:01:06:9d:72:a6:f9:0c:37:ae:94:f5:c9:63:
70:67:da:01:16:8b:2f:32:7e:fc:29:44:8f:d3:e7:
53:f5:b5:85:4a:ec:1a:b9:42:9d:72:b7:51:fb:d0:
1d:33:2a:b0:bc:58:c0:3b:09:11:72:84:15:39:39:
3a:d7:c7:3a:42:54:f2:ac:af:46:35:fe:eb:4c:8d:
8b:c7:6c:cc:d6:e3:45:38:a1:43:cc:39:de:99:8a:
6d:4c:fd:15:cf:13:b8:54:0b:34:95:fe:29:8b:54:
ea:be:48:1f:0a:02:45:c5:55:34:21:3f:17:26:45:
4f:18:0e:4c:3a:b7:2c:77:76:bc:14:3c:e8:72:01:
82:37:9e:ae:da:fa:a7:f2:5d:a6:f8:9f:95:16:d0:
03:3b:af:7d:80:73:c0:51:e6:4b:df:24:ce:d9:18:
cf:ae:17:35:aa:34:b3:13:d7:70:36:07:93:7e:47:
02:94:ae:aa:25:61:5c:dc:9f:1c:cf:f5:68:90:74:
fa:32:99:32:bf:de:1f:c6:31:05:1f:ee:13:07:2c:
1d:13:25:4e:89:41:34:7d:2c:4f:ba:5d:74:14:81:
99:2d:0f:6e:9d:27:77:dc:72:f7:b6:11:d4:74:c0:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:36:0C:4E:41:64:B6:1A:6D:7B:19:E5:3A:10:D5:72:E3:D9:14:E1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9zYMTkFkthptexnlOhDVcuPZFOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5d0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:660::/44
2a0e:b107:690::/44
2a0e:b107:ad0::/44
2a0e:b107:bb0::/44
2a0e:b107:1d60::/44
2a0e:b107:1e00::/44
2a0e:b107:2150::/44
Signature Algorithm: sha256WithRSAEncryption
94:aa:2e:31:75:ff:2d:75:50:f1:18:a5:3e:cb:d6:67:0f:fe:
74:52:2b:0b:1b:41:cb:48:a8:1f:8d:67:0c:96:db:76:ff:97:
ce:39:5e:de:3c:10:b2:50:ba:22:2d:c5:f3:17:1f:7a:51:57:
d4:68:4f:c1:96:95:9a:b5:f7:cd:45:27:df:88:f4:49:3b:fb:
c1:7a:95:0a:dc:82:cd:82:7a:d8:a4:19:e9:b4:2c:7d:af:c1:
ab:c3:ad:3d:fc:c1:25:60:09:5d:82:c2:39:59:c8:61:14:27:
d7:5f:db:55:f1:6f:17:01:26:20:31:69:2f:b2:39:2b:91:dc:
20:f4:24:ff:22:71:56:93:42:28:a9:ee:06:fb:4c:06:88:d4:
8e:59:32:ee:b7:0d:43:21:9c:2d:c6:91:1a:b1:b7:6d:51:53:
23:1f:02:63:ef:7d:b7:30:82:c2:4b:3e:47:0d:ef:6f:10:c4:
61:93:3a:94:0c:10:5c:8f:e5:4b:77:0e:75:e1:5e:ac:67:51:
91:a5:68:9a:7e:ef:95:f3:d2:9a:79:1b:84:59:a4:25:3b:0f:
b1:7d:a5:b0:28:85:9f:11:ad:b5:16:55:28:4c:89:d9:c2:b9:
80:f3:cb:d1:04:88:98:73:c8:45:07:f9:bd:11:25:b3:ca:61:
ba:ec:eb:07
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYsUJG9eyyK3edL5iIWF/Nl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA5MTExMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzM2MGM0ZTQxNjRiNjFhNmQ3YjE5ZTUzYTEwZDU3MmUzZDkxNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NXuE2UVx17+3SxZAw+3AQEGnXKm
+Qw3rpT1yWNwZ9oBFosvMn78KUSP0+dT9bWFSuwauUKdcrdR+9AdMyqwvFjAOwkR
coQVOTk618c6QlTyrK9GNf7rTI2Lx2zM1uNFOKFDzDnemYptTP0VzxO4VAs0lf4p
i1TqvkgfCgJFxVU0IT8XJkVPGA5MOrcsd3a8FDzocgGCN56u2vqn8l2m+J+VFtAD
O699gHPAUeZL3yTO2RjPrhc1qjSzE9dwNgeTfkcClK6qJWFc3J8cz/VokHT6Mpky
v94fxjEFH+4TBywdEyVOiUE0fSxPul10FIGZLQ9unSd33HL3thHUdMCZiQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFPc2DE5BZLYabXsZ5ToQ1XLj2RThMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOXpZTVRrRmt0aHB0ZXhubE9oRFZjdVBaRk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTMBIDBwQqDrEH
BdADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHCtADBwQqDrEHC7AD
BwQqDrEHHWADBwQqDrEHHgADBwQqDrEHIVAwDQYJKoZIhvcNAQELBQADggEBAJSq
LjF1/y11UPEYpT7L1mcP/nRSKwsbQctIqB+NZwyW23b/l845Xt48ELJQuiItxfMX
H3pRV9RoT8GWlZq1981FJ9+I9Ek7+8F6lQrcgs2CetikGem0LH2vwavDrT38wSVg
CV2CwjlZyGEUJ9df21XxbxcBJiAxaS+yOSuR3CD0JP8icVaTQiip7gb7TAaI1I5Z
Mu63DUMhnC3GkRqxt21RUyMfAmPvfbcwgsJLPkcN728QxGGTOpQMEFyP5Ut3DnXh
XqxnUZGlaJp+75Xz0pp5G4RZpCU7D7F9pbAohZ8RrbUWVShMidnCuYDzy9EEiJhz
yEUH+b0RJbPKYbrs6wc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:26 2024 by rpki-client on console-fra.rpki-client.org