Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ashkjw9V37wsRdKHbs7kS6i_UB0.roa
File: Ashkjw9V37wsRdKHbs7kS6i_UB0.roa (raw, json)
Hash identifier: WcvihavskJVnSAEic73EZTzitWezRlui2PUHPxYuYv0=
Subject key identifier: 02:C8:64:8F:0F:55:DF:BC:2C:45:D2:87:6E:CE:E4:4B:A8:BF:50:1D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE8E3E7CF70AED6522A33F662A73E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ashkjw9V37wsRdKHbs7kS6i_UB0.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198055
IP address blocks: 2a0e:b107:28a8::/48 maxlen: 48
2a0e:b107:1d12::/48 maxlen: 48
2a0e:b107:28a9::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Apr 2024 05:25:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e8:e3:e7:cf:70:ae:d6:52:2a:33:f6:62:a7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02c8648f0f55dfbc2c45d2876ecee44ba8bf501d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:2b:f7:57:71:46:70:ab:e0:03:56:c2:92:
c6:d4:30:6f:94:78:6b:fa:56:08:88:fd:62:81:f9:
ce:76:e1:b4:d1:b6:c1:0d:f7:23:dc:9d:f7:12:10:
7a:56:70:50:62:88:d3:bc:59:c8:91:b8:50:47:3e:
25:57:01:88:14:d0:01:c1:29:cf:14:5e:6d:6a:3d:
36:1e:d5:db:3f:b1:af:a0:4d:b5:d2:05:e1:63:2c:
47:02:c0:fc:ca:f2:6f:71:91:80:9f:38:6e:fe:49:
bd:39:1b:43:0c:08:49:01:07:02:b5:3f:0c:9a:80:
6d:9e:49:fa:05:e8:5e:0c:0d:a9:04:51:e7:bf:14:
c5:99:2a:55:18:72:07:17:39:42:35:69:0a:76:2d:
a5:13:aa:fa:4a:76:8e:67:04:67:11:16:b1:24:6e:
e5:7b:cf:62:8c:15:94:5a:79:6a:8e:a9:b0:1c:ba:
68:82:4a:9b:05:27:40:fe:53:c5:0e:72:02:e4:57:
4e:a8:dd:92:f0:03:42:c1:a6:8a:68:59:9d:f2:62:
34:de:98:e0:22:05:8c:3f:12:8f:cf:09:75:99:fc:
c1:6f:a2:dc:15:56:3e:c4:10:73:5f:cd:d8:7d:2f:
be:37:8d:c7:24:51:6d:ea:1d:5d:62:09:b0:ca:17:
0f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C8:64:8F:0F:55:DF:BC:2C:45:D2:87:6E:CE:E4:4B:A8:BF:50:1D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ashkjw9V37wsRdKHbs7kS6i_UB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d12::/48
2a0e:b107:28a8::/47
Signature Algorithm: sha256WithRSAEncryption
27:61:b0:6d:2f:03:77:97:0d:49:92:6e:99:33:f7:c0:f4:6a:
18:1b:82:60:02:1e:d6:8a:a6:c8:12:3d:12:a5:e5:12:34:28:
ec:bb:75:79:97:d5:0c:a8:10:d3:9c:c5:c3:c8:b9:cc:ef:08:
e3:52:85:e2:28:6c:10:df:50:7a:62:40:4b:5d:66:b5:1c:30:
82:29:08:66:c7:a1:2c:93:70:39:aa:36:2b:4b:c1:d5:fa:07:
93:94:45:6b:6d:12:e1:65:c7:23:d5:75:02:2a:69:e9:f3:3d:
1c:53:e1:55:11:26:b8:d0:f7:64:ed:34:00:50:22:c7:c4:71:
45:d7:0d:14:25:92:ad:5f:b0:b2:24:57:3a:0c:cf:24:ec:83:
b1:9e:70:3f:2f:cc:d4:72:8c:df:bd:ec:bf:1a:ea:e0:de:78:
48:c1:e0:27:93:83:98:c8:79:5a:9b:9a:5b:f7:49:7d:0c:ee:
d7:a4:57:54:71:28:6e:86:04:fc:c6:82:00:8b:2f:63:8d:ac:
c7:42:81:91:e4:60:89:70:ea:77:3b:40:05:aa:44:cb:ec:88:
c0:de:19:d5:78:bc:d0:1d:50:9a:3e:f2:63:af:3c:de:64:41:
94:aa:aa:61:4d:69:7a:0a:a1:a3:a4:ad:a7:fa:9d:8b:42:b4:
07:9e:96:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvOjj589wrtZSKjP2Yqc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmM4NjQ4ZjBmNTVkZmJjMmM0NWQyODc2ZWNlZTQ0YmE4YmY1MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq4r91dxRnCr4ANWwpLG1DBvlHhr
+lYIiP1igfnOduG00bbBDfcj3J33EhB6VnBQYojTvFnIkbhQRz4lVwGIFNABwSnP
FF5taj02HtXbP7GvoE210gXhYyxHAsD8yvJvcZGAnzhu/km9ORtDDAhJAQcCtT8M
moBtnkn6BeheDA2pBFHnvxTFmSpVGHIHFzlCNWkKdi2lE6r6SnaOZwRnERaxJG7l
e89ijBWUWnlqjqmwHLpogkqbBSdA/lPFDnIC5FdOqN2S8ANCwaaKaFmd8mI03pjg
IgWMPxKPzwl1mfzBb6LcFVY+xBBzX83YfS++N43HJFFt6h1dYgmwyhcPhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFALIZI8PVd+8LEXSh27O5Euov1AdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQXNoa2p3OVYzN3dzUmRLSGJzN2tTNmlfVUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBx0S
AwcBKg6xByioMA0GCSqGSIb3DQEBCwUAA4IBAQAnYbBtLwN3lw1Jkm6ZM/fA9GoY
G4JgAh7WiqbIEj0SpeUSNCjsu3V5l9UMqBDTnMXDyLnM7wjjUoXiKGwQ31B6YkBL
XWa1HDCCKQhmx6Esk3A5qjYrS8HV+geTlEVrbRLhZccj1XUCKmnp8z0cU+FVESa4
0Pdk7TQAUCLHxHFF1w0UJZKtX7CyJFc6DM8k7IOxnnA/L8zUcozfvey/Gurg3nhI
weAnk4OYyHlam5pb90l9DO7XpFdUcShuhgT8xoIAiy9jjazHQoGR5GCJcOp3O0AF
qkTL7IjA3hnVeLzQHVCaPvJjrzzeZEGUqqphTWl6CqGjpK2n+p2LQrQHnpZJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org