Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CUxFIubFjtCsha438VH-4CE5d0s.roa
File: CUxFIubFjtCsha438VH-4CE5d0s.roa (raw, json)
Hash identifier: 35KLFQ2g8VosNlBiCPV/VzvqA5kpwzccvJFv28Lipw0=
Subject key identifier: 09:4C:45:22:E6:C5:8E:D0:AC:85:AE:37:F1:51:FE:E0:21:39:77:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7B8EC0CDF11787B8869EA45FC0EE9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CUxFIubFjtCsha438VH-4CE5d0s.roa
Signing time: Mon 02 Jan 2023 05:15:12 +0000
ROA not before: Mon 02 Jan 2023 05:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204307
IP address blocks: 2a0e:b107:ac0::/48 maxlen: 48
2a0e:b107:ac2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:b8:ec:0c:df:11:78:7b:88:69:ea:45:fc:0e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=094c4522e6c58ed0ac85ae37f151fee02139774b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:5e:99:44:24:05:e4:1b:b0:d9:00:3e:04:
3f:ac:79:7e:84:c0:c7:c3:d3:78:80:3d:fa:4e:f9:
89:37:06:99:9b:29:cf:d6:d2:98:57:78:c8:63:5c:
37:60:9f:cb:88:99:0b:96:47:f3:21:a9:d9:c1:99:
de:14:3d:df:55:a9:ca:e6:c0:33:49:fd:87:47:58:
36:91:9c:68:f2:08:9c:20:84:0f:b9:91:96:48:fd:
79:cd:42:97:af:e8:59:bc:86:2b:5c:97:05:02:3a:
f1:d5:35:38:e6:b7:c3:44:4c:23:7e:4a:d7:58:30:
fd:7a:78:09:09:47:a1:8a:72:ef:17:ac:e2:fd:b7:
26:95:b1:97:9a:47:73:4f:ae:6d:45:06:29:fb:f7:
2a:f8:18:f9:17:b7:d9:f0:21:aa:9f:8a:65:72:c5:
eb:b6:ee:b9:95:99:cf:43:6a:1c:75:17:0f:52:fb:
70:56:0c:ef:a8:1b:ae:c1:29:2c:52:b7:2f:c1:d6:
4e:48:5e:2d:b2:14:28:f4:9f:08:29:74:41:41:46:
a1:e4:2c:56:c1:4f:fe:b1:dd:7a:27:d2:36:9d:f9:
be:b3:21:31:a8:48:f6:fb:fb:ce:ec:b9:ed:90:eb:
f8:61:f8:16:64:0f:bf:d6:1b:78:85:80:86:ce:86:
e7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4C:45:22:E6:C5:8E:D0:AC:85:AE:37:F1:51:FE:E0:21:39:77:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CUxFIubFjtCsha438VH-4CE5d0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ac0::/48
2a0e:b107:ac2::/48
Signature Algorithm: sha256WithRSAEncryption
91:f1:30:b0:9b:a4:ff:2d:c5:bd:28:d6:c2:9a:ed:a7:9b:ce:
3a:4d:dc:72:a7:a4:70:1d:56:0c:29:7f:25:e1:00:ca:f3:91:
36:e5:5b:45:35:4c:92:09:1f:b2:d9:ed:76:45:b0:2a:78:9f:
4f:5b:52:60:97:57:74:2c:b4:f8:3c:7b:84:48:ce:22:3b:51:
2a:81:71:dc:1d:86:1c:1d:dd:fc:e3:e5:04:3c:b3:ec:28:7e:
70:1d:a0:4b:f6:50:72:3f:e3:65:8c:9c:3e:fe:3a:d2:3a:28:
7d:a2:ee:d0:4b:64:a0:bf:ab:14:f9:17:b6:d2:80:d0:05:2b:
ea:5c:2c:7b:42:7a:bf:60:37:47:92:68:99:20:46:d6:7c:40:
5f:45:77:a0:c8:da:87:4d:59:25:2a:3b:f0:e1:15:11:58:76:
9a:84:6d:ad:78:20:3d:45:e6:ee:cd:50:33:ed:c5:73:6c:93:
6d:95:b5:2d:56:44:af:d3:0b:71:d3:0d:30:d0:a9:f4:c3:68:
48:35:04:65:b3:2a:7f:c0:cf:83:9c:80:ed:80:58:d8:54:d8:
0a:3f:9e:35:b8:fd:27:45:0a:f3:06:6b:c6:fa:1f:65:13:a1:
f2:d7:eb:b1:73:ec:3e:b9:85:65:fd:a2:8a:62:8a:a1:7b:57:
b2:ca:48:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw57jsDN8ReHuIaepF/A7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTRjNDUyMmU2YzU4ZWQwYWM4NWFlMzdmMTUxZmVlMDIxMzk3NzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx09emUQkBeQbsNkAPgQ/rHl+hMDH
w9N4gD36TvmJNwaZmynP1tKYV3jIY1w3YJ/LiJkLlkfzIanZwZneFD3fVanK5sAz
Sf2HR1g2kZxo8gicIIQPuZGWSP15zUKXr+hZvIYrXJcFAjrx1TU45rfDREwjfkrX
WDD9engJCUehinLvF6zi/bcmlbGXmkdzT65tRQYp+/cq+Bj5F7fZ8CGqn4plcsXr
tu65lZnPQ2ocdRcPUvtwVgzvqBuuwSksUrcvwdZOSF4tshQo9J8IKXRBQUah5CxW
wU/+sd16J9I2nfm+syExqEj2+/vO7LntkOv4YfgWZA+/1ht4hYCGzobnFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAlMRSLmxY7QrIWuN/FR/uAhOXdLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1V4Rkl1YkZqdENzaGE0MzhWSC00Q0U1ZDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwrA
AwcAKg6xBwrCMA0GCSqGSIb3DQEBCwUAA4IBAQCR8TCwm6T/LcW9KNbCmu2nm846
Tdxyp6RwHVYMKX8l4QDK85E25VtFNUySCR+y2e12RbAqeJ9PW1Jgl1d0LLT4PHuE
SM4iO1EqgXHcHYYcHd384+UEPLPsKH5wHaBL9lByP+NljJw+/jrSOih9ou7QS2Sg
v6sU+Re20oDQBSvqXCx7Qnq/YDdHkmiZIEbWfEBfRXegyNqHTVklKjvw4RURWHaa
hG2teCA9RebuzVAz7cVzbJNtlbUtVkSv0wtx0w0w0Kn0w2hINQRlsyp/wM+DnIDt
gFjYVNgKP541uP0nRQrzBmvG+h9lE6Hy1+uxc+w+uYVl/aKKYoqhe1eyykiT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org