Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AJdSDbtYhOLN7J_EB_UpUnJS9Y0.roa
File: AJdSDbtYhOLN7J_EB_UpUnJS9Y0.roa (raw, json)
Hash identifier: ViATk8ET+KCLxpGfRh2JR75zgYL68sYcth0g8nkufEY=
Subject key identifier: 00:97:52:0D:BB:58:84:E2:CD:EC:9F:C4:07:F5:29:52:72:52:F5:8D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0E9C6C93223BD683746358AAB3C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AJdSDbtYhOLN7J_EB_UpUnJS9Y0.roa
Signing time: Tue 02 Jan 2024 10:34:19 +0000
ROA not before: Tue 02 Jan 2024 10:34:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205635
IP address blocks: 2a10:2f00:124::/48 maxlen: 48
2a10:2f01:2b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Sep 2024 22:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:0e:9c:6c:93:22:3b:d6:83:74:63:58:aa:b3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0097520dbb5884e2cdec9fc407f529527252f58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:af:52:d1:43:c0:75:93:9a:b0:ce:af:20:86:
e8:85:56:e2:51:78:b5:65:2d:09:f2:13:b0:80:50:
2d:55:52:ee:1b:a2:65:06:f7:b7:90:4e:7a:af:ce:
f3:2c:7f:84:96:0e:89:12:6d:2b:c4:3a:58:f4:b2:
83:40:5f:ed:76:80:3b:05:15:d8:5b:a0:90:d4:b6:
09:7d:50:2e:6b:cc:53:05:62:f4:f1:86:0c:25:c4:
42:9e:98:ab:90:59:0b:a3:b9:2c:22:57:7a:eb:f0:
05:b1:40:90:eb:f5:6f:68:cc:bd:f7:66:6e:ca:90:
15:14:fa:9e:6f:d4:89:fb:fe:af:13:5f:80:c8:3d:
c4:38:8d:b1:37:c7:2d:f4:52:9c:c2:9c:56:23:4c:
b5:65:04:bc:24:0c:d1:3b:87:18:15:f2:f3:e4:84:
72:0b:11:4c:80:a1:45:6d:21:50:ef:ae:b8:fa:b9:
1d:b1:c1:c2:c1:35:30:63:38:8f:ec:47:d9:7c:5d:
04:ed:f3:5a:85:a8:66:15:43:75:48:85:38:9e:4f:
67:8c:84:6d:8f:90:59:bb:e2:da:97:f1:19:de:69:
1d:61:00:94:82:45:28:0b:f0:bc:7d:c9:9d:06:80:
bb:26:39:c7:12:98:94:2b:42:05:16:f5:06:fb:b5:
1c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:97:52:0D:BB:58:84:E2:CD:EC:9F:C4:07:F5:29:52:72:52:F5:8D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AJdSDbtYhOLN7J_EB_UpUnJS9Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:124::/48
2a10:2f01:2b0::/44
Signature Algorithm: sha256WithRSAEncryption
20:57:eb:ac:37:55:5e:f7:d2:6e:f8:a4:42:b0:54:6b:60:3b:
03:96:bb:42:73:3c:63:de:e3:77:c4:17:2e:3a:27:cb:06:66:
32:ac:67:0a:a0:ad:6f:e8:e8:3c:4f:1b:f5:e4:8b:30:6c:08:
41:e6:b8:93:6b:a0:67:10:f8:8c:8a:8b:ee:e4:16:30:0e:c1:
17:a6:2d:d2:48:56:7b:9b:93:91:f8:ea:f2:e7:21:8b:27:32:
7b:91:92:d9:64:97:6a:55:0b:96:67:fa:72:39:1d:16:d6:2f:
61:b4:70:04:44:5f:80:64:56:43:75:28:3d:22:b9:07:02:af:
ff:4b:db:e2:75:98:b2:46:a8:71:80:4d:d0:5a:99:fd:af:0b:
37:f6:99:ff:92:ff:cd:67:23:1f:71:77:72:e4:7e:92:f3:a3:
c6:12:5f:39:74:31:76:0c:68:c6:25:a8:e0:cb:95:93:02:5f:
d5:d2:2f:4e:93:ac:19:a1:03:0d:e9:62:4d:31:b5:6e:0c:f6:
c4:f7:cb:00:96:85:cd:65:a8:9d:80:6e:75:64:07:8b:b6:f2:
89:70:31:9b:7e:89:d9:d1:de:8a:da:47:74:5b:84:52:5f:21:
c0:4d:ed:fc:cc:72:b5:5b:0d:58:f5:6c:22:9e:8f:13:da:33:
73:f4:89:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvQ6cbJMiO9aDdGNYqrPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDk3NTIwZGJiNTg4NGUyY2RlYzlmYzQwN2Y1Mjk1MjcyNTJmNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK9S0UPAdZOasM6vIIbohVbiUXi1
ZS0J8hOwgFAtVVLuG6JlBve3kE56r87zLH+Elg6JEm0rxDpY9LKDQF/tdoA7BRXY
W6CQ1LYJfVAua8xTBWL08YYMJcRCnpirkFkLo7ksIld66/AFsUCQ6/VvaMy992Zu
ypAVFPqeb9SJ+/6vE1+AyD3EOI2xN8ct9FKcwpxWI0y1ZQS8JAzRO4cYFfLz5IRy
CxFMgKFFbSFQ7664+rkdscHCwTUwYziP7EfZfF0E7fNahahmFUN1SIU4nk9njIRt
j5BZu+Lal/EZ3mkdYQCUgkUoC/C8fcmdBoC7JjnHEpiUK0IFFvUG+7UcMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFACXUg27WITizeyfxAf1KVJyUvWNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQUpkU0RidFloT0xON0pfRUJfVXBVbkpTOVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAEk
AwcEKhAvAQKwMA0GCSqGSIb3DQEBCwUAA4IBAQAgV+usN1Ve99Ju+KRCsFRrYDsD
lrtCczxj3uN3xBcuOifLBmYyrGcKoK1v6Og8Txv15IswbAhB5riTa6BnEPiMiovu
5BYwDsEXpi3SSFZ7m5OR+Ory5yGLJzJ7kZLZZJdqVQuWZ/pyOR0W1i9htHAERF+A
ZFZDdSg9IrkHAq//S9vidZiyRqhxgE3QWpn9rws39pn/kv/NZyMfcXdy5H6S86PG
El85dDF2DGjGJajgy5WTAl/V0i9Ok6wZoQMN6WJNMbVuDPbE98sAloXNZaidgG51
ZAeLtvKJcDGbfonZ0d6K2kd0W4RSXyHATe38zHK1Ww1Y9Wwino8T2jNz9Ili
-----END CERTIFICATE-----
Generated at Thu Sep 12 23:47:59 2024 by rpki-client on console-fra.rpki-client.org