Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpFPKX-PllGcJEjJVOjHsI6OStY.roa
File: CpFPKX-PllGcJEjJVOjHsI6OStY.roa (raw, json)
Hash identifier: neGdTMffTW9dM/HP19mEpGovM1J+8V177dhxsXDt3is=
Subject key identifier: 0A:91:4F:29:7F:8F:96:51:9C:24:48:C9:54:E8:C7:B0:8E:8E:4A:D6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01900FED1BCFCFE55D599DC6DB5C1BE96280
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpFPKX-PllGcJEjJVOjHsI6OStY.roa
Signing time: Thu 13 Jun 2024 04:48:35 +0000
ROA not before: Thu 13 Jun 2024 04:48:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:97c0:1000::/38 maxlen: 48
2a0e:97c0:1000::/48 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/38 maxlen: 48
2a10:ccc0:800::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 05:56:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0f:ed:1b:cf:cf:e5:5d:59:9d:c6:db:5c:1b:e9:62:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 13 04:48:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a914f297f8f96519c2448c954e8c7b08e8e4ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:95:1d:34:e1:7d:d5:d5:ef:aa:eb:08:a4:
fa:26:ad:d4:25:27:c3:11:fd:3c:d5:40:2c:7f:dc:
e5:ca:fe:d5:49:8e:47:0c:e1:0d:c5:e6:75:09:db:
0e:bf:85:00:97:56:a6:e0:0c:56:e4:8b:75:f2:b4:
ad:26:31:a1:d6:27:54:b1:f2:cb:27:e1:40:86:1b:
62:72:85:29:1c:ff:bf:c4:23:e0:c5:4a:4a:12:08:
0a:b0:89:d2:bd:61:28:6a:3a:2b:5d:1f:84:7f:7a:
92:58:03:25:3b:4b:28:27:70:de:38:f6:99:22:9e:
6c:22:9e:6a:a0:de:46:01:d5:f3:03:1f:04:e8:96:
6a:12:5b:34:24:14:af:66:c6:ad:0c:4a:a6:ba:6c:
3d:c0:62:6b:6b:3c:5c:b3:e1:01:a2:dc:2f:c2:1d:
56:17:1c:49:f2:d7:6a:ec:61:0e:cd:76:ed:64:5d:
c8:c5:69:0b:58:27:4c:cb:e7:16:a1:4a:e9:37:eb:
31:a9:ee:91:b8:da:01:fd:1f:e6:0a:bf:a4:9d:dd:
7c:eb:2a:0b:dc:1f:81:55:98:ee:54:46:b3:07:90:
f8:ee:a1:37:0a:f8:3a:eb:3e:1d:3b:24:7b:47:4c:
0c:dc:be:f3:6c:0c:d1:b4:7e:3d:0f:12:13:9d:ec:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:91:4F:29:7F:8F:96:51:9C:24:48:C9:54:E8:C7:B0:8E:8E:4A:D6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpFPKX-PllGcJEjJVOjHsI6OStY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1000::/38
2a10:2f00:187::/48
2a10:ccc0:800::/38
Signature Algorithm: sha256WithRSAEncryption
7c:4a:7d:29:d4:70:e3:26:dc:73:ca:e8:f7:9c:13:7f:e3:fa:
9a:92:c3:55:55:dd:e9:25:4f:38:c8:40:b5:d0:a1:8c:f3:d3:
84:52:b0:09:0a:0f:00:f6:44:e7:a4:02:82:3c:c5:86:b4:d2:
21:38:f8:1e:ba:f2:76:17:ad:54:bd:2d:e7:75:73:07:13:72:
12:d7:ea:51:9b:f3:ca:73:bb:7a:ac:d5:49:9b:d1:0c:d8:e9:
4d:c1:cb:df:01:80:5e:6a:48:bd:ac:bc:40:d3:94:a6:59:6c:
a0:30:ec:0d:49:0d:6d:20:f4:1c:0a:5f:d3:6b:60:e2:15:29:
b9:60:17:e8:64:ac:2b:54:1d:13:9e:45:5f:cd:91:9b:e5:25:
31:52:b9:f0:14:24:5a:2c:d0:42:2d:fa:87:10:14:a5:4d:d6:
f0:51:14:65:89:80:b7:29:42:be:ce:04:95:8a:a0:1a:72:19:
51:9a:86:c8:80:2a:74:ce:e7:91:7c:55:fa:82:d4:a8:d4:f3:
e4:26:f7:e7:e0:7a:92:d6:00:c3:19:7a:6f:c0:7e:2a:7c:4b:
29:fb:04:6e:b3:7d:cc:17:d6:a8:c8:3f:39:b2:02:82:47:b0:
32:48:32:88:e1:15:95:ea:23:3d:99:ce:b2:9f:a3:cb:85:8b:
1a:e5:0d:b2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZAP7RvPz+VdWZ3G21wb6WKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjEzMDQ0ODM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkxNGYyOTdmOGY5NjUxOWMyNDQ4Yzk1NGU4YzdiMDhlOGU0YWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSyVHTThfdXV76rrCKT6Jq3UJSfD
Ef081UAsf9zlyv7VSY5HDOENxeZ1CdsOv4UAl1am4AxW5It18rStJjGh1idUsfLL
J+FAhhticoUpHP+/xCPgxUpKEggKsInSvWEoajorXR+Ef3qSWAMlO0soJ3DeOPaZ
Ip5sIp5qoN5GAdXzAx8E6JZqEls0JBSvZsatDEqmumw9wGJrazxcs+EBotwvwh1W
FxxJ8tdq7GEOzXbtZF3IxWkLWCdMy+cWoUrpN+sxqe6RuNoB/R/mCr+knd186yoL
3B+BVZjuVEazB5D47qE3Cvg66z4dOyR7R0wM3L7zbAzRtH49DxITnexHmwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFAqRTyl/j5ZRnCRIyVTox7COjkrWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ3BGUEtYLVBsbEdjSkVqSlZPakhzSTZPU3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYCKg6XwBAD
BwAqEC8AAYcDBgIqEMzACDANBgkqhkiG9w0BAQsFAAOCAQEAfEp9KdRw4ybcc8ro
95wTf+P6mpLDVVXd6SVPOMhAtdChjPPThFKwCQoPAPZE56QCgjzFhrTSITj4Hrry
dhetVL0t53VzBxNyEtfqUZvzynO7eqzVSZvRDNjpTcHL3wGAXmpIvay8QNOUplls
oDDsDUkNbSD0HApf02tg4hUpuWAX6GSsK1QdE55FX82Rm+UlMVK58BQkWizQQi36
hxAUpU3W8FEUZYmAtylCvs4ElYqgGnIZUZqGyIAqdM7nkXxV+oLUqNTz5Cb35+B6
ktYAwxl6b8B+KnxLKfsEbrN9zBfWqMg/ObICgkewMkgyiOEVleojPZnOsp+jy4WL
GuUNsg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:54:33 2024 by rpki-client on console-ams.rpki-client.org