Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AYBQr5i3BcD5E8VdcLwJvYPOXRQ.roa
File: AYBQr5i3BcD5E8VdcLwJvYPOXRQ.roa (raw, json)
Hash identifier: 2mczAv8kv7keKlvOHf1/ddE1oc1tx1P9X2fLnEQbQt0=
Subject key identifier: 01:80:50:AF:98:B7:05:C0:F9:13:C5:5D:70:BC:09:BD:83:CE:5D:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C200A6809A18493C4181E398BFB7D81DB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AYBQr5i3BcD5E8VdcLwJvYPOXRQ.roa
Signing time: Thu 30 Nov 2023 11:43:22 +0000
ROA not before: Thu 30 Nov 2023 11:43:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34927
IP address blocks: 2a10:ccc3:ccca::/47 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:0a:68:09:a1:84:93:c4:18:1e:39:8b:fb:7d:81:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 30 11:43:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=018050af98b705c0f913c55d70bc09bd83ce5d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:de:48:20:3a:8e:ab:fa:0d:f7:08:a7:08:
cf:84:24:e3:77:7b:8d:8e:ea:5f:41:aa:0d:7a:02:
22:9f:29:74:c1:e8:a7:99:7d:0f:3d:b0:8c:ac:74:
06:e3:fa:60:18:06:ba:ad:99:9d:85:b3:8d:95:e6:
05:ff:c5:b1:7f:be:4a:7f:a3:42:54:09:c0:d2:db:
de:ea:6f:d1:25:8e:bb:a4:b3:ad:40:1f:10:11:44:
f2:42:7c:ae:34:55:2a:7e:20:bc:63:78:88:e6:42:
a9:7e:ff:d4:20:bb:63:43:47:da:bd:5f:fd:c8:ab:
72:75:49:9d:1e:df:96:d1:a1:98:0f:16:27:d2:83:
7b:20:2d:ae:f1:ad:6c:94:e2:bf:48:46:83:3a:f4:
a8:14:8b:ff:da:9f:3b:13:78:da:2f:cd:78:d4:92:
c0:86:91:77:35:bd:a3:cb:2d:ed:32:2b:b5:2d:1a:
3f:27:d3:af:9a:01:42:c4:e0:33:5b:6d:37:af:f1:
75:00:21:24:5a:80:61:8e:2e:83:51:6f:3b:b7:d7:
93:f8:6a:e2:a8:3d:a3:0d:a0:b6:a8:97:39:3b:00:
81:1d:86:30:3f:fc:08:28:5c:c0:a6:3f:b3:ae:cd:
2c:a5:0c:5e:cb:cf:43:57:1e:63:5f:04:30:20:67:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:80:50:AF:98:B7:05:C0:F9:13:C5:5D:70:BC:09:BD:83:CE:5D:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AYBQr5i3BcD5E8VdcLwJvYPOXRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccca::/47
Signature Algorithm: sha256WithRSAEncryption
4b:31:93:f9:b4:e4:6d:6d:68:6a:ac:8f:4e:52:cd:92:54:c8:
53:6d:43:b2:d5:4f:6f:c3:6f:19:8a:36:ea:1a:50:78:fa:51:
91:a7:2b:4e:01:0b:42:d0:91:80:83:e8:9a:ff:04:56:70:a5:
e7:05:ea:59:b6:c8:49:92:c7:74:a5:01:d5:3d:b5:c8:30:33:
00:26:1f:e1:4a:6a:db:ad:ce:0c:fa:dc:a0:b9:9b:88:e6:38:
39:5f:7e:05:ca:9c:a7:c7:44:9b:97:3d:3c:09:a6:3d:a5:f8:
c7:eb:45:c4:0e:93:cf:7f:06:ad:0b:58:de:37:96:13:b8:f4:
97:91:6d:8f:cc:0a:94:cd:a9:73:5a:79:05:a9:8f:43:ed:0c:
62:33:01:26:1d:cb:85:53:09:69:77:d5:22:0f:f8:61:5f:73:
df:eb:1c:a1:eb:19:b2:75:78:c6:9f:ca:99:ab:d1:cf:48:3a:
98:eb:f8:c5:56:e1:06:35:fc:cd:6e:d6:3d:86:07:e3:bb:84:
b9:82:a8:02:5b:5b:70:dc:5d:88:34:c1:0d:a6:e1:e3:d1:5c:
b8:4b:77:4e:89:53:f5:3a:6c:79:7f:49:88:f0:99:00:20:87:
e2:2c:ba:01:79:b4:fd:8d:09:b8:fb:b7:d4:98:7e:1a:c5:85:
2f:64:02:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwgCmgJoYSTxBgeOYv7fYHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTMwMTE0MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgwNTBhZjk4YjcwNWMwZjkxM2M1NWQ3MGJjMDliZDgzY2U1ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGveSCA6jqv6DfcIpwjPhCTjd3uN
jupfQaoNegIinyl0weinmX0PPbCMrHQG4/pgGAa6rZmdhbONleYF/8Wxf75Kf6NC
VAnA0tve6m/RJY67pLOtQB8QEUTyQnyuNFUqfiC8Y3iI5kKpfv/UILtjQ0favV/9
yKtydUmdHt+W0aGYDxYn0oN7IC2u8a1slOK/SEaDOvSoFIv/2p87E3jaL8141JLA
hpF3Nb2jyy3tMiu1LRo/J9OvmgFCxOAzW203r/F1ACEkWoBhji6DUW87t9eT+Gri
qD2jDaC2qJc5OwCBHYYwP/wIKFzApj+zrs0spQxey89DVx5jXwQwIGfbJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAGAUK+YtwXA+RPFXXC8Cb2Dzl0UMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQVlCUXI1aTNCY0Q1RThWZGNMd0p2WVBPWFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhDMw8zK
MA0GCSqGSIb3DQEBCwUAA4IBAQBLMZP5tORtbWhqrI9OUs2SVMhTbUOy1U9vw28Z
ijbqGlB4+lGRpytOAQtC0JGAg+ia/wRWcKXnBepZtshJksd0pQHVPbXIMDMAJh/h
Smrbrc4M+tyguZuI5jg5X34Fypynx0Sblz08CaY9pfjH60XEDpPPfwatC1jeN5YT
uPSXkW2PzAqUzalzWnkFqY9D7QxiMwEmHcuFUwlpd9UiD/hhX3Pf6xyh6xmydXjG
n8qZq9HPSDqY6/jFVuEGNfzNbtY9hgfju4S5gqgCW1tw3F2INMENpuHj0Vy4S3dO
iVP1Omx5f0mI8JkAIIfiLLoBebT9jQm4+7fUmH4axYUvZAKi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:56 2024 by rpki-client on console-ams.rpki-client.org