Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AUCJY0S0RGB8747u3bZ0XDGBTt0.roa
File: AUCJY0S0RGB8747u3bZ0XDGBTt0.roa (raw, json)
Hash identifier: io6gQeQtNbvDrKeGA3C93G5nlpV0S52HAOcI/lm+W1A=
Subject key identifier: 01:40:89:63:44:B4:44:60:7C:EF:8E:EE:DD:B6:74:5C:31:81:4E:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CB0FE34BF1A2E9CC2204A5E1C44C9429C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AUCJY0S0RGB8747u3bZ0XDGBTt0.roa
Signing time: Thu 28 Dec 2023 15:14:58 +0000
ROA not before: Thu 28 Dec 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200950
IP address blocks: 2a10:cc45:121::/48 maxlen: 48
2a10:cc45:126::/48 maxlen: 48
2a10:cc45:12f::/48 maxlen: 48
2a10:cc45:124::/48 maxlen: 48
2a0e:97c0:c9e::/48 maxlen: 48
2a10:cc45:125::/48 maxlen: 48
2a10:cc45:122::/48 maxlen: 48
2a10:cc45:123::/48 maxlen: 48
2a10:cc45:120::/44 maxlen: 48
2a10:cc45:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 23:50:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:fe:34:bf:1a:2e:9c:c2:20:4a:5e:1c:44:c9:42:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 28 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0140896344b444607cef8eeeddb6745c31814edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:aa:d0:5e:eb:56:ae:4a:a4:35:58:4f:a1:8b:
3c:45:67:b2:2c:a8:4b:2f:66:93:e8:b2:ba:ee:dd:
38:79:32:9f:01:52:c1:b5:7f:eb:e7:6c:20:af:fe:
cd:63:d7:1b:59:dd:f8:c4:4d:5f:b3:9c:95:ce:db:
cf:80:f4:1e:c8:fc:bb:3c:01:5e:0b:d6:ea:29:f7:
57:9c:16:35:e5:1b:f9:80:a3:e0:60:03:2c:ab:a0:
ff:7b:39:39:1e:b7:b4:99:3f:ce:9f:cf:7c:0e:95:
42:65:16:31:27:51:73:a9:bb:2c:da:91:43:a8:a7:
ca:b3:38:f9:22:ea:b7:8c:a0:67:67:38:b0:ba:4a:
ea:38:5f:1c:5f:11:9f:19:fb:9c:db:0b:00:cd:f0:
70:75:a0:65:2c:28:8a:5e:a5:b5:af:f2:9f:77:a5:
20:46:54:f0:c7:95:9e:c5:5a:f8:0f:ad:0b:78:5c:
5c:1d:f7:ab:43:23:52:5e:a2:87:05:10:d8:4e:b1:
31:39:51:81:64:a2:8d:57:46:a2:5f:82:91:2a:95:
1f:1c:e4:b6:82:7e:ba:ed:b2:34:a7:af:1e:73:8f:
72:43:b2:de:90:9c:f4:53:93:3e:d7:78:9a:17:d9:
e3:82:81:48:e7:6f:14:eb:2e:e1:da:50:26:55:d9:
b0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:40:89:63:44:B4:44:60:7C:EF:8E:EE:DD:B6:74:5C:31:81:4E:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AUCJY0S0RGB8747u3bZ0XDGBTt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c9e::/48
2a10:cc45:120::/44
Signature Algorithm: sha256WithRSAEncryption
af:81:e4:fe:4f:c7:a2:c5:44:60:29:c4:f3:e3:05:0b:fa:62:
0a:5f:bb:64:86:02:a3:d9:73:ef:b7:71:7f:25:7a:b4:62:fe:
38:8f:90:87:92:31:68:d9:07:9c:cd:66:ff:bb:8e:ac:c5:d6:
3f:94:08:22:d3:51:c1:79:3b:8b:ce:4c:38:54:bb:8e:8d:50:
15:0a:3d:7c:58:89:50:a6:c9:d9:25:88:95:f9:74:30:b8:f9:
22:c6:ae:30:8f:a4:f8:85:7b:e2:5d:dd:e0:05:55:8e:74:b6:
fe:c8:58:78:88:61:b3:06:32:b0:1b:db:c6:ee:9a:e5:07:0b:
9f:09:fd:fc:32:02:50:fb:65:69:60:10:24:fc:37:6b:dd:8b:
2c:b3:d1:ec:cd:63:08:e0:35:d5:59:6c:cd:91:6d:f5:bf:94:
52:06:7d:4f:f1:42:ea:25:06:8b:f3:19:4a:51:af:d1:80:75:
18:9f:1f:b0:70:61:b3:cb:14:62:cc:b5:a0:06:4d:89:0e:6b:
78:fa:46:20:cc:b1:6d:45:7c:f9:bc:a9:a4:c7:7d:88:cc:5c:
b4:52:d8:b6:8b:4c:aa:a4:da:7b:ad:63:2e:1d:f4:cf:a8:20:
3a:42:49:76:eb:aa:ac:cf:f6:4b:5c:30:ef:48:3c:b6:5b:d6:
45:6a:09:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyw/jS/Gi6cwiBKXhxEyUKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI4MTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQwODk2MzQ0YjQ0NDYwN2NlZjhlZWVkZGI2NzQ1YzMxODE0ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqrQXutWrkqkNVhPoYs8RWeyLKhL
L2aT6LK67t04eTKfAVLBtX/r52wgr/7NY9cbWd34xE1fs5yVztvPgPQeyPy7PAFe
C9bqKfdXnBY15Rv5gKPgYAMsq6D/ezk5Hre0mT/On898DpVCZRYxJ1Fzqbss2pFD
qKfKszj5Iuq3jKBnZziwukrqOF8cXxGfGfuc2wsAzfBwdaBlLCiKXqW1r/Kfd6Ug
RlTwx5WexVr4D60LeFxcHferQyNSXqKHBRDYTrExOVGBZKKNV0aiX4KRKpUfHOS2
gn667bI0p68ec49yQ7LekJz0U5M+13iaF9njgoFI528U6y7h2lAmVdmwLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAFAiWNEtERgfO+O7t22dFwxgU7dMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQVVDSlkwUzBSR0I4NzQ3dTNiWjBYREdCVHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAye
AwcEKhDMRQEgMA0GCSqGSIb3DQEBCwUAA4IBAQCvgeT+T8eixURgKcTz4wUL+mIK
X7tkhgKj2XPvt3F/JXq0Yv44j5CHkjFo2QeczWb/u46sxdY/lAgi01HBeTuLzkw4
VLuOjVAVCj18WIlQpsnZJYiV+XQwuPkixq4wj6T4hXviXd3gBVWOdLb+yFh4iGGz
BjKwG9vG7prlBwufCf38MgJQ+2VpYBAk/Ddr3Ysss9HszWMI4DXVWWzNkW31v5RS
Bn1P8ULqJQaL8xlKUa/RgHUYnx+wcGGzyxRizLWgBk2JDmt4+kYgzLFtRXz5vKmk
x32IzFy0Uti2i0yqpNp7rWMuHfTPqCA6Qkl266qsz/ZLXDDvSDy2W9ZFagnZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org