Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CvpG3JK6b6SuBtoN0FcsCMZuckA.roa
File: CvpG3JK6b6SuBtoN0FcsCMZuckA.roa (raw, json)
Hash identifier: h1kNfsFstlespZCdusVubmW4O9KZBoestF3afp/4z4s=
Subject key identifier: 0A:FA:46:DC:92:BA:6F:A4:AE:06:DA:0D:D0:57:2C:08:C6:6E:72:40
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187F775CE46236AE73A0D1505707CA3A1CB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CvpG3JK6b6SuBtoN0FcsCMZuckA.roa
Signing time: Sun 07 May 2023 18:25:05 +0000
ROA not before: Sun 07 May 2023 18:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213105
IP address blocks: 2a0e:b107:a60::/44 maxlen: 48
2a0e:b107:10f0::/44 maxlen: 48
2a10:2f00:138::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f7:75:ce:46:23:6a:e7:3a:0d:15:05:70:7c:a3:a1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 7 18:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0afa46dc92ba6fa4ae06da0dd0572c08c66e7240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:07:52:c8:28:fb:4f:b7:25:0e:b6:8b:c4:b4:
b5:e2:c3:28:32:8f:37:ac:5e:12:c3:f7:19:42:aa:
81:e7:19:38:c0:cc:fd:1b:d1:b2:b2:89:82:e8:24:
f8:57:61:07:91:29:07:f4:e1:fc:5f:db:d7:c4:67:
92:2f:99:7b:ff:f9:f1:c6:4b:91:08:ba:e3:41:81:
ad:f2:2e:f3:fa:54:7a:8d:9f:01:0f:cd:57:73:bb:
b1:91:d6:64:5c:ef:9e:c8:95:8d:e8:d7:2b:c2:c3:
cf:56:d7:8f:1b:10:39:95:15:37:cd:6b:7e:f1:93:
90:10:2d:9b:39:14:1b:5b:80:d6:37:46:40:c2:9d:
83:06:ec:42:c8:8b:ef:d5:13:4f:5a:5b:d8:d6:da:
24:f6:89:68:bc:5e:c1:16:6c:9e:80:8e:59:80:68:
f3:16:e5:2b:07:eb:ba:84:82:23:70:56:1d:5a:b7:
0f:d4:d4:51:47:ac:71:d6:06:79:af:56:45:88:84:
40:ad:a9:e6:29:4c:a7:bf:f1:ac:2d:7e:26:34:70:
54:86:4c:fd:7f:d9:b9:54:d6:8f:cf:35:75:d8:45:
0c:79:62:4f:78:15:61:a8:46:6d:05:92:9d:a4:cb:
82:c5:50:46:c8:d8:ad:e3:93:30:d7:17:53:c3:00:
b6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FA:46:DC:92:BA:6F:A4:AE:06:DA:0D:D0:57:2C:08:C6:6E:72:40
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CvpG3JK6b6SuBtoN0FcsCMZuckA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:a60::/44
2a0e:b107:10f0::/44
2a10:2f00:138::/48
Signature Algorithm: sha256WithRSAEncryption
c8:e7:e3:78:ea:2d:f4:37:06:56:af:a6:95:a1:bb:48:32:64:
a0:f4:a1:b0:be:9d:73:5b:5d:48:2e:9b:bb:f4:81:75:81:92:
32:61:ec:98:40:46:97:d0:a2:27:8b:fb:a4:15:78:9d:c3:ab:
53:d5:7d:80:b9:52:6d:89:ce:0e:c0:af:00:98:b4:3e:c5:5d:
cb:c9:8e:a4:e1:91:9f:e2:bb:8c:f3:84:b1:b3:ef:45:e3:bd:
19:26:08:7a:69:4c:53:5c:1a:5f:a6:b1:82:a7:ed:c3:df:8e:
02:49:b2:1c:cf:24:fa:9b:d2:62:aa:cc:87:b0:71:fa:d3:1c:
dd:86:0a:4a:7e:73:bc:8c:29:73:b3:d9:29:6a:df:da:d5:4f:
36:be:c1:40:e6:ca:f3:70:f1:64:53:71:4c:1a:86:08:e8:44:
30:99:23:12:39:e9:3a:16:7d:bd:f7:5b:ce:9e:cf:24:bb:a9:
0d:40:ff:3a:63:d4:6f:e2:0d:0a:02:ba:0e:e0:e1:6f:2f:2f:
ce:aa:87:a7:36:5d:b7:69:55:ea:48:f4:57:fb:66:73:87:b1:
c1:1b:cf:a6:35:d9:3c:cf:47:c3:e1:0e:28:56:fc:e9:1b:0d:
b0:f4:ec:a8:8f:b5:93:02:3f:d0:b1:c7:81:19:77:38:15:7b:
27:84:02:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYf3dc5GI2rnOg0VBXB8o6HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA3MTgyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZhNDZkYzkyYmE2ZmE0YWUwNmRhMGRkMDU3MmMwOGM2NmU3MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gdSyCj7T7clDraLxLS14sMoMo83
rF4Sw/cZQqqB5xk4wMz9G9GysomC6CT4V2EHkSkH9OH8X9vXxGeSL5l7//nxxkuR
CLrjQYGt8i7z+lR6jZ8BD81Xc7uxkdZkXO+eyJWN6NcrwsPPVtePGxA5lRU3zWt+
8ZOQEC2bORQbW4DWN0ZAwp2DBuxCyIvv1RNPWlvY1tok9olovF7BFmyegI5ZgGjz
FuUrB+u6hIIjcFYdWrcP1NRRR6xx1gZ5r1ZFiIRAranmKUynv/GsLX4mNHBUhkz9
f9m5VNaPzzV12EUMeWJPeBVhqEZtBZKdpMuCxVBGyNit45Mw1xdTwwC2aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAr6RtySum+krgbaDdBXLAjGbnJAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ3ZwRzNKSzZiNlN1QnRvTjBGY3NDTVp1Y2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBwpg
AwcEKg6xBxDwAwcAKhAvAAE4MA0GCSqGSIb3DQEBCwUAA4IBAQDI5+N46i30NwZW
r6aVobtIMmSg9KGwvp1zW11ILpu79IF1gZIyYeyYQEaX0KIni/ukFXidw6tT1X2A
uVJtic4OwK8AmLQ+xV3LyY6k4ZGf4ruM84Sxs+9F470ZJgh6aUxTXBpfprGCp+3D
344CSbIczyT6m9JiqsyHsHH60xzdhgpKfnO8jClzs9kpat/a1U82vsFA5srzcPFk
U3FMGoYI6EQwmSMSOek6Fn2991vOns8ku6kNQP86Y9Rv4g0KAroO4OFvLy/Oqoen
Nl23aVXqSPRX+2Zzh7HBG8+mNdk8z0fD4Q4oVvzpGw2w9Oyoj7WTAj/QsceBGXc4
FXsnhAJz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:57 2024 by rpki-client on console-ams.rpki-client.org