Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D99sXNfdhGd2DP2FNugbAonDGqU.roa
File: D99sXNfdhGd2DP2FNugbAonDGqU.roa (raw, json)
Hash identifier: sH9xR7fs/DVsbcwt8nP4WkolldFL0cqaaJw3cNejsrU=
Subject key identifier: 0F:DF:6C:5C:D7:DD:84:67:76:0C:FD:85:36:E8:1B:02:89:C3:1A:A5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187D42DC5C2ECF37A95A0960552C225C3E0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D99sXNfdhGd2DP2FNugbAonDGqU.roa
Signing time: Sun 30 Apr 2023 21:59:42 +0000
ROA not before: Sun 30 Apr 2023 21:59:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b70::/44 maxlen: 48
2a0e:97c0:b78::/48 maxlen: 48
2a0e:97c0:b77::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Dec 2023 09:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d4:2d:c5:c2:ec:f3:7a:95:a0:96:05:52:c2:25:c3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 30 21:59:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fdf6c5cd7dd8467760cfd8536e81b0289c31aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d7:9f:c5:a2:e1:cb:4c:fe:05:1c:a9:d5:8b:
73:92:6d:b5:ad:b9:06:98:6d:48:8c:40:ae:da:2a:
cf:e1:0d:73:6c:5d:a7:a8:b1:19:1a:26:8c:d2:55:
f2:d5:dc:9a:ed:ab:40:67:b4:e9:e6:a7:0c:87:1a:
a7:3a:18:46:40:e7:46:e5:9d:65:d5:4e:02:15:b4:
6d:86:7b:4a:ce:0d:f6:49:64:8d:7d:ae:2a:d8:38:
8b:4f:2f:17:79:25:15:b0:7e:6f:4d:66:d4:06:2f:
00:14:1e:54:8f:b6:25:21:82:6b:ae:35:d4:d7:1a:
14:ff:1a:d2:47:b4:62:30:c9:54:a1:cf:b2:5f:ea:
b2:87:97:97:67:b1:08:db:b4:a3:f9:81:4d:89:31:
4c:7b:7a:77:84:09:c1:61:59:e7:39:a9:03:34:54:
6b:e1:c4:e0:75:ed:90:66:cc:0d:9d:ea:88:16:93:
3c:08:5f:59:96:4d:85:68:f8:2c:71:d2:d3:05:bf:
74:e2:41:0b:e2:75:ee:a8:cd:bc:db:fd:8f:cb:45:
c3:8e:67:68:16:cc:b3:ba:d5:21:ab:65:00:55:ba:
c7:75:18:96:16:46:eb:cb:08:39:43:23:16:60:63:
1e:db:46:fa:de:ed:c5:af:74:53:b4:c1:25:7b:d2:
5e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DF:6C:5C:D7:DD:84:67:76:0C:FD:85:36:E8:1B:02:89:C3:1A:A5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D99sXNfdhGd2DP2FNugbAonDGqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/44
Signature Algorithm: sha256WithRSAEncryption
ab:fe:a6:d0:d2:53:9e:1d:74:33:31:16:8b:09:7e:46:79:cc:
3f:4b:78:2b:98:12:f9:6c:ab:6d:63:bc:7e:6a:ed:a1:39:07:
74:8f:0b:01:da:70:e6:38:3d:c9:f0:90:3e:61:05:5c:c7:77:
7b:0c:c8:91:5c:60:f3:cf:13:a1:fa:31:aa:a6:79:62:f1:a4:
30:7d:c3:19:66:3b:60:68:60:3c:50:e0:91:14:a8:2f:0e:2d:
eb:87:a2:fe:31:e0:f1:5f:79:d3:b2:8b:c9:8d:2d:ea:52:5f:
03:bb:23:27:90:23:35:6c:23:18:c3:84:e1:88:60:23:09:bd:
91:87:7b:87:12:7d:1f:69:de:ba:df:ea:51:c5:56:f5:69:c3:
b7:ab:c4:a6:84:93:19:8c:ff:af:e8:e7:aa:69:f2:6e:a2:74:
93:f7:fc:16:fa:10:f2:fa:79:60:33:d9:6b:86:bf:30:61:e5:
25:d6:d3:90:ad:5e:31:a6:30:e4:e0:42:72:5a:8d:b5:96:28:
bd:e7:a9:02:54:b7:b8:c0:c2:2e:9a:aa:3b:f0:08:40:4f:03:
19:a8:db:aa:be:e3:ce:94:70:67:5b:3c:b9:22:1d:e2:bf:ac:
08:17:96:63:b1:de:54:0d:26:da:aa:81:b4:1a:fe:20:e6:c9:
17:a1:d4:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfULcXC7PN6laCWBVLCJcPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDMwMjE1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmRmNmM1Y2Q3ZGQ4NDY3NzYwY2ZkODUzNmU4MWIwMjg5YzMxYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNefxaLhy0z+BRyp1Ytzkm21rbkG
mG1IjECu2irP4Q1zbF2nqLEZGiaM0lXy1dya7atAZ7Tp5qcMhxqnOhhGQOdG5Z1l
1U4CFbRthntKzg32SWSNfa4q2DiLTy8XeSUVsH5vTWbUBi8AFB5Uj7YlIYJrrjXU
1xoU/xrSR7RiMMlUoc+yX+qyh5eXZ7EI27Sj+YFNiTFMe3p3hAnBYVnnOakDNFRr
4cTgde2QZswNneqIFpM8CF9Zlk2FaPgscdLTBb904kEL4nXuqM282/2Py0XDjmdo
FsyzutUhq2UAVbrHdRiWFkbrywg5QyMWYGMe20b63u3Fr3RTtMEle9JeSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA/fbFzX3YRndgz9hTboGwKJwxqlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRDk5c1hOZmRoR2QyRFAyRk51Z2JBb25ER3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtw
MA0GCSqGSIb3DQEBCwUAA4IBAQCr/qbQ0lOeHXQzMRaLCX5Gecw/S3grmBL5bKtt
Y7x+au2hOQd0jwsB2nDmOD3J8JA+YQVcx3d7DMiRXGDzzxOh+jGqpnli8aQwfcMZ
ZjtgaGA8UOCRFKgvDi3rh6L+MeDxX3nTsovJjS3qUl8DuyMnkCM1bCMYw4ThiGAj
Cb2Rh3uHEn0fad663+pRxVb1acO3q8SmhJMZjP+v6OeqafJuonST9/wW+hDy+nlg
M9lrhr8wYeUl1tOQrV4xpjDk4EJyWo21lii956kCVLe4wMIumqo78AhATwMZqNuq
vuPOlHBnWzy5Ih3iv6wIF5Zjsd5UDSbaqoG0Gv4g5skXodR9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org