Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQL-l-PxFm8kyky8N4mDUUTMBOQ.roa
File: AQL-l-PxFm8kyky8N4mDUUTMBOQ.roa (raw, json)
Hash identifier: OBD4VHEpzDenqVPkvVEFaUs84YSzDoK+UY/9N5EHzEA=
Subject key identifier: 01:02:FE:97:E3:F1:16:6F:24:CA:4C:BC:37:89:83:51:44:CC:04:E4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01867FD1BF6DB7644E6CC8DE91BDCD67A21D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQL-l-PxFm8kyky8N4mDUUTMBOQ.roa
Signing time: Thu 23 Feb 2023 19:48:17 +0000
ROA not before: Thu 23 Feb 2023 19:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a09:4c7:ff00::/40 maxlen: 48
2a0e:b107:5d0::/44 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:97c0:736::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b102:12f::/48 maxlen: 48
2a0e:97c0:76f::/48 maxlen: 48
2a0e:97c0:73f::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 Feb 2023 11:05:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:d1:bf:6d:b7:64:4e:6c:c8:de:91:bd:cd:67:a2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 23 19:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0102fe97e3f1166f24ca4cbc3789835144cc04e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:d0:4a:ed:60:de:44:52:41:ba:72:de:ee:
36:c3:ca:04:e6:a2:26:da:f7:c4:44:6d:e7:7b:7a:
ec:a5:76:43:54:08:86:b5:af:ca:7d:ef:d8:8f:85:
5f:8d:47:80:1d:69:33:e2:57:e7:49:f4:a6:c2:c0:
84:d9:c9:5b:61:5f:b7:6a:5d:57:06:02:ec:86:ef:
2d:18:fa:1c:f2:fa:59:2b:5c:8a:b8:27:51:a4:0c:
bd:09:1a:08:19:9d:06:d2:37:d6:d4:fb:9f:08:de:
02:d3:7d:ef:e2:b6:01:b7:a8:33:43:14:ec:76:02:
5e:5f:b7:65:b1:8f:23:04:8b:2a:a2:22:b4:67:72:
0c:29:92:16:dc:da:e9:52:5e:81:fc:42:80:db:cd:
1f:41:75:06:79:d6:15:34:3c:ba:81:77:88:1c:eb:
f9:8d:7c:80:ea:fd:c8:31:54:35:45:1c:1e:52:ab:
3e:0b:56:f5:57:f9:be:82:e7:20:6d:1a:9a:c2:b2:
59:02:16:4f:1e:9b:a8:ea:64:7f:e1:e1:75:49:42:
2a:46:d3:8f:85:b1:02:20:33:93:79:c4:26:ee:9c:
85:90:88:66:0a:28:f4:c4:39:05:ff:07:43:f7:75:
33:d6:6f:f4:0c:c2:de:8c:a9:dd:ef:07:3f:6e:97:
e0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:02:FE:97:E3:F1:16:6F:24:CA:4C:BC:37:89:83:51:44:CC:04:E4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AQL-l-PxFm8kyky8N4mDUUTMBOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4c7:ff00::/40
2a0e:97c0:736::/48
2a0e:97c0:73f::/48
2a0e:97c0:750::/48
2a0e:97c0:76f::/48
2a0e:b102:12f::/48
2a0e:b107:5d0::/44
2a0e:b107:900::/44
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
Signature Algorithm: sha256WithRSAEncryption
3f:c0:ce:82:f5:91:5d:bc:c0:f9:70:36:c7:65:2f:5f:41:b6:
d8:39:9c:02:9d:83:88:cd:ff:5f:67:a8:47:3f:08:80:06:0e:
12:8a:f1:13:60:cf:1a:f2:a8:c9:28:cb:65:a6:fe:59:a8:64:
80:28:4d:fc:81:a9:0c:64:74:42:8b:dc:13:a7:94:2c:dd:7a:
10:d8:9f:5d:10:3f:5c:54:48:8e:df:e2:46:e9:87:4a:4c:2f:
bd:cc:af:a4:31:51:fd:e0:38:34:b3:f4:9a:16:0b:ad:51:68:
b4:e0:de:5e:6b:50:1d:b1:0d:29:3a:c3:85:af:26:05:77:3d:
3b:9c:ea:b3:58:e9:83:b4:2e:aa:7a:8f:1e:09:23:de:ef:61:
99:33:3a:44:52:54:cf:97:af:ca:2d:55:ba:52:87:1f:12:f4:
88:4b:0d:af:1e:b0:02:f8:55:3e:04:54:65:86:33:1f:17:42:
c8:15:5e:4e:5e:f4:74:ba:d2:dd:9e:75:2d:29:0c:89:9b:33:
f8:ba:78:0e:16:b9:6c:33:a1:80:c3:c5:7b:15:24:aa:9d:49:
96:15:04:35:2a:52:80:1d:d5:bd:c4:b8:6e:38:c7:98:88:ce:
4c:f9:cf:a3:05:7a:4b:47:72:0a:6f:58:1c:93:3d:b8:81:b0:
25:e2:a5:6e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYZ/0b9tt2RObMjekb3NZ6IdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIzMTk0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAyZmU5N2UzZjExNjZmMjRjYTRjYmMzNzg5ODM1MTQ0Y2MwNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1zQSu1g3kRSQbpy3u42w8oE5qIm
2vfERG3ne3rspXZDVAiGta/Kfe/Yj4VfjUeAHWkz4lfnSfSmwsCE2clbYV+3al1X
BgLshu8tGPoc8vpZK1yKuCdRpAy9CRoIGZ0G0jfW1PufCN4C033v4rYBt6gzQxTs
dgJeX7dlsY8jBIsqoiK0Z3IMKZIW3NrpUl6B/EKA280fQXUGedYVNDy6gXeIHOv5
jXyA6v3IMVQ1RRweUqs+C1b1V/m+gucgbRqawrJZAhZPHpuo6mR/4eF1SUIqRtOP
hbECIDOTecQm7pyFkIhmCij0xDkF/wdD93Uz1m/0DMLejKnd7wc/bpfgKQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAEC/pfj8RZvJMpMvDeJg1FEzATkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQVFMLWwtUHhGbThreWt5OE40bURVVVRNQk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAIwdAMGACoJBMf/
AwcAKg6XwAc2AwcAKg6XwAc/AwcAKg6XwAdQAwcAKg6XwAdvAwcAKg6xAgEvAwcE
Kg6xBwXQAwcEKg6xBwkAAwcAKg6xBwn0AwcAKg6xBwn2AwcAKg6xBw3yAwcAKg6x
BxhwAwcAKg6xBxueMA0GCSqGSIb3DQEBCwUAA4IBAQA/wM6C9ZFdvMD5cDbHZS9f
QbbYOZwCnYOIzf9fZ6hHPwiABg4SivETYM8a8qjJKMtlpv5ZqGSAKE38gakMZHRC
i9wTp5Qs3XoQ2J9dED9cVEiO3+JG6YdKTC+9zK+kMVH94Dg0s/SaFgutUWi04N5e
a1AdsQ0pOsOFryYFdz07nOqzWOmDtC6qeo8eCSPe72GZMzpEUlTPl6/KLVW6Uocf
EvSISw2vHrAC+FU+BFRlhjMfF0LIFV5OXvR0utLdnnUtKQyJmzP4ungOFrlsM6GA
w8V7FSSqnUmWFQQ1KlKAHdW9xLhuOMeYiM5M+c+jBXpLR3IKb1gckz24gbAl4qVu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org