Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BaT3nGZqhRipGWAC5rZvibQUB3k.roa
File: BaT3nGZqhRipGWAC5rZvibQUB3k.roa (raw, json)
Hash identifier: Awvo3JpbK5jy/f548UgDFtwljjNVQO01eG2ElPnvkXQ=
Subject key identifier: 05:A4:F7:9C:66:6A:85:18:A9:19:60:02:E6:B6:6F:89:B4:14:07:79
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191C838112C7149DF8CF8D7CFB70254A052
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BaT3nGZqhRipGWAC5rZvibQUB3k.roa
Signing time: Fri 06 Sep 2024 16:43:23 +0000
ROA not before: Fri 06 Sep 2024 16:43:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc3:3330::/44 maxlen: 48
2a10:ccc6:6660::/44 maxlen: 48
2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:6662::/48 maxlen: 48
2a10:ccc6:6666::/48 maxlen: 48
2a10:ccc6:666d::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 16:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:38:11:2c:71:49:df:8c:f8:d7:cf:b7:02:54:a0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 6 16:43:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a4f79c666a8518a9196002e6b66f89b4140779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2d:26:6a:3b:9a:a3:ff:22:dd:83:09:ba:40:
c1:24:26:bf:c2:1f:09:d8:e5:86:fc:8b:14:40:37:
95:d4:ff:0d:a1:25:96:d1:01:3d:56:59:b4:6f:09:
fc:d8:e5:d6:f6:97:c8:2e:8d:9a:b2:ed:d7:64:e5:
2e:a9:43:79:62:ae:ee:29:b2:9b:bf:31:ca:4a:63:
dc:84:7d:e1:84:87:1f:5b:bc:7d:d0:00:87:7a:b2:
40:7c:4b:9c:c2:f9:b8:15:55:ba:bc:11:11:eb:24:
a1:64:58:fd:65:04:39:53:18:bb:75:77:02:fe:85:
25:5e:89:f7:ae:96:2c:65:99:8b:56:44:57:0e:69:
a9:cc:2e:b1:8e:1f:30:b6:b0:6c:b2:3a:fe:50:55:
08:18:16:31:5f:90:7b:88:1c:bb:59:1f:eb:97:03:
ea:1f:af:cb:e9:73:4c:d4:a0:f0:02:d6:0d:ae:36:
d8:26:1b:98:d2:8c:37:08:d6:e6:65:00:d1:99:77:
36:89:19:6a:2c:9d:b8:e3:c8:e6:1e:46:d0:65:66:
c8:ea:20:8f:2a:4f:69:f0:0d:9c:73:c3:f6:82:1c:
11:f7:37:7f:98:4c:ee:4c:53:39:ac:76:6a:94:a8:
19:82:a0:29:ea:7c:c3:d9:55:74:73:c2:9f:c9:83:
22:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A4:F7:9C:66:6A:85:18:A9:19:60:02:E6:B6:6F:89:B4:14:07:79
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BaT3nGZqhRipGWAC5rZvibQUB3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:3330::/44
2a10:ccc6:6660::/44
Signature Algorithm: sha256WithRSAEncryption
b5:3d:a2:ad:1e:5d:47:af:7f:ac:bd:b6:8f:68:2e:6a:e5:0c:
f2:a4:73:49:cd:4c:27:cc:35:e7:df:c4:d7:a3:8c:74:c9:9c:
86:38:af:0c:a0:8a:91:62:e2:42:0b:a5:db:f8:17:01:3b:56:
09:d6:95:44:fb:d0:7f:8a:fa:52:2c:f8:2c:28:22:13:ef:5f:
54:1d:eb:90:40:ff:90:9d:07:ec:fc:9c:9b:32:a7:47:65:a0:
03:9a:43:d1:78:a8:2d:21:3a:0f:27:a3:6b:38:a5:e5:3d:d2:
0f:1f:21:25:34:cf:90:f3:1b:8a:d7:63:6e:e1:6e:c4:a7:46:
51:73:a4:be:ee:d9:f9:9a:e8:cd:b6:9b:1e:3d:41:d0:05:63:
9f:7e:3f:10:13:1c:df:79:af:1e:a7:2b:75:e6:4d:11:bc:9e:
1c:91:36:59:8e:78:8f:c2:22:f5:35:39:a3:17:2f:06:39:8d:
77:76:d7:4e:20:ac:7d:15:eb:b7:e9:a0:db:5a:b2:ca:af:6c:
23:04:9b:eb:97:15:aa:71:9f:05:00:63:d2:ad:9a:de:c1:09:
2d:d5:ca:dd:07:aa:1f:61:f0:a3:41:3e:20:8b:fe:93:ee:c1:
0e:9a:54:82:71:7b:e1:2c:c4:5a:fd:5d:53:4c:57:3f:d3:46:
50:f4:6d:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHIOBEscUnfjPjXz7cCVKBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTA2MTY0MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE0Zjc5YzY2NmE4NTE4YTkxOTYwMDJlNmI2NmY4OWI0MTQwNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy0majuao/8i3YMJukDBJCa/wh8J
2OWG/IsUQDeV1P8NoSWW0QE9Vlm0bwn82OXW9pfILo2asu3XZOUuqUN5Yq7uKbKb
vzHKSmPchH3hhIcfW7x90ACHerJAfEucwvm4FVW6vBER6yShZFj9ZQQ5Uxi7dXcC
/oUlXon3rpYsZZmLVkRXDmmpzC6xjh8wtrBssjr+UFUIGBYxX5B7iBy7WR/rlwPq
H6/L6XNM1KDwAtYNrjbYJhuY0ow3CNbmZQDRmXc2iRlqLJ2448jmHkbQZWbI6iCP
Kk9p8A2cc8P2ghwR9zd/mEzuTFM5rHZqlKgZgqAp6nzD2VV0c8KfyYMixwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWk95xmaoUYqRlgAua2b4m0FAd5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQmFUM25HWnFoUmlwR1dBQzVyWnZpYlFVQjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhDMwzMw
AwcEKhDMxmZgMA0GCSqGSIb3DQEBCwUAA4IBAQC1PaKtHl1Hr3+svbaPaC5q5Qzy
pHNJzUwnzDXn38TXo4x0yZyGOK8MoIqRYuJCC6Xb+BcBO1YJ1pVE+9B/ivpSLPgs
KCIT719UHeuQQP+QnQfs/JybMqdHZaADmkPReKgtIToPJ6NrOKXlPdIPHyElNM+Q
8xuK12Nu4W7Ep0ZRc6S+7tn5mujNtpsePUHQBWOffj8QExzfea8epyt15k0RvJ4c
kTZZjniPwiL1NTmjFy8GOY13dtdOIKx9Feu36aDbWrLKr2wjBJvrlxWqcZ8FAGPS
rZrewQkt1crdB6ofYfCjQT4gi/6T7sEOmlSCcXvhLMRa/V1TTFc/00ZQ9G2a
-----END CERTIFICATE-----
Generated at Wed Sep 25 19:03:23 2024 by rpki-client on console-fra.rpki-client.org