Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E9MJ1oYKo6Z0xIkpsjU75O6EBgA.roa
File: E9MJ1oYKo6Z0xIkpsjU75O6EBgA.roa (raw, json)
Hash identifier: ZTnRTtzobyas1Ktxdn7Ixn4g68BRyrenX5d+P0jxAdA=
Subject key identifier: 13:D3:09:D6:86:0A:A3:A6:74:C4:89:29:B2:35:3B:E4:EE:84:06:00
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194003B63299D6E806174D61312D87A9453
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E9MJ1oYKo6Z0xIkpsjU75O6EBgA.roa
Signing time: Wed 25 Dec 2024 23:51:19 +0000
ROA not before: Wed 25 Dec 2024 23:51:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212793
IP address blocks: 2a0e:b107:1fd1::/48 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a10:2f01:2d0::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:00:3b:63:29:9d:6e:80:61:74:d6:13:12:d8:7a:94:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 25 23:51:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13d309d6860aa3a674c48929b2353be4ee840600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:3a:2f:b2:e2:7b:8b:ab:f5:f7:b1:95:de:
2f:ae:0e:07:81:c9:8a:e8:d1:9d:6f:6a:2a:f6:44:
b2:f3:ab:de:94:74:2b:cc:c4:ac:7f:51:be:29:ab:
4f:16:b4:33:77:8b:69:ea:da:ef:ef:be:4b:7a:4e:
7f:92:00:d2:cd:d7:72:14:f2:99:7c:27:55:c0:a1:
1e:20:0f:86:36:2d:b2:65:19:3e:62:e7:2e:eb:d0:
c0:99:84:e8:0a:e4:0c:d6:11:b9:1c:bc:26:e6:91:
7d:ae:8b:7b:94:f1:d9:47:ae:c1:43:6f:53:ad:cc:
4d:b7:75:7f:e6:18:f8:d3:c2:85:ec:9a:24:9c:ad:
0e:db:38:79:c1:3c:38:2e:41:48:83:7e:76:cf:21:
fa:6d:82:6b:39:35:17:82:40:6d:4d:ea:5e:56:d3:
37:88:ba:67:a8:88:f9:11:66:a3:67:a5:48:18:bf:
c1:f5:7a:dc:7b:99:ac:0c:a3:71:87:31:b7:fb:e3:
74:9a:d4:9c:59:81:d5:3c:8a:42:1f:4c:26:49:fa:
05:80:90:a1:20:e9:e3:35:a4:f7:59:ba:be:9d:ad:
34:a9:ec:50:2b:9a:09:4a:24:7e:a9:3f:c1:69:75:
a7:47:9d:16:db:1c:d6:e7:74:12:85:73:97:34:88:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D3:09:D6:86:0A:A3:A6:74:C4:89:29:B2:35:3B:E4:EE:84:06:00
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/E9MJ1oYKo6Z0xIkpsjU75O6EBgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1fd1::/48
2a10:2f00:147::/48
2a10:2f01:2d0::/44
Signature Algorithm: sha256WithRSAEncryption
76:0d:f5:05:a6:0a:25:fb:fa:27:6a:6f:ee:ea:26:d3:c4:a4:
31:c9:38:09:c1:8a:7b:c3:cf:8e:b9:de:6a:19:53:cf:c0:03:
01:69:7a:66:60:d7:7f:9a:65:d1:25:f0:d4:2e:b0:02:a8:1b:
cd:8f:92:7d:46:84:86:32:bd:c6:d4:45:25:16:57:2a:04:53:
45:c0:da:84:fc:d9:1c:51:e3:c8:39:b1:d9:13:27:8e:0c:cf:
b8:c3:7a:33:61:28:e2:66:d5:d9:b8:09:08:e3:5f:71:c8:f6:
82:94:f5:0c:91:1b:c7:46:8c:5e:58:4c:5b:68:41:d8:5c:d4:
2f:ea:48:87:cb:cc:be:8a:98:fe:f8:c5:0e:f6:2a:df:37:0b:
3e:19:34:78:ed:f0:fb:21:ef:b7:4c:76:2e:3d:bd:58:28:22:
86:35:a8:2f:60:a5:bd:70:a0:da:14:94:1f:88:a0:1f:26:49:
26:0e:84:3c:d8:81:44:e2:c5:81:e5:13:84:a9:a9:ee:9f:37:
9a:36:82:dc:3d:cb:cf:06:c8:19:3d:0d:34:40:c1:51:1d:cf:
35:a3:99:21:df:b9:6a:a8:97:82:e2:28:99:60:8f:c5:15:b7:
0a:99:27:ca:84:93:73:78:1f:7e:c2:9c:e2:e7:6d:64:2b:cb:
32:fb:3e:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQAO2MpnW6AYXTWExLYepRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMjI1MjM1MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QzMDlkNjg2MGFhM2E2NzRjNDg5MjliMjM1M2JlNGVlODQwNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPQ6L7Lie4ur9fexld4vrg4HgcmK
6NGdb2oq9kSy86velHQrzMSsf1G+KatPFrQzd4tp6trv775Lek5/kgDSzddyFPKZ
fCdVwKEeIA+GNi2yZRk+Yucu69DAmYToCuQM1hG5HLwm5pF9rot7lPHZR67BQ29T
rcxNt3V/5hj408KF7JoknK0O2zh5wTw4LkFIg352zyH6bYJrOTUXgkBtTepeVtM3
iLpnqIj5EWajZ6VIGL/B9Xrce5msDKNxhzG3++N0mtScWYHVPIpCH0wmSfoFgJCh
IOnjNaT3Wbq+na00qexQK5oJSiR+qT/BaXWnR50W2xzW53QShXOXNIiF8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBPTCdaGCqOmdMSJKbI1O+TuhAYAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRTlNSjFvWUtvNloweElrcHNqVTc1TzZFQmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xBx/R
AwcAKhAvAAFHAwcEKhAvAQLQMA0GCSqGSIb3DQEBCwUAA4IBAQB2DfUFpgol+/on
am/u6ibTxKQxyTgJwYp7w8+Oud5qGVPPwAMBaXpmYNd/mmXRJfDULrACqBvNj5J9
RoSGMr3G1EUlFlcqBFNFwNqE/NkcUePIObHZEyeODM+4w3ozYSjiZtXZuAkI419x
yPaClPUMkRvHRoxeWExbaEHYXNQv6kiHy8y+ipj++MUO9irfNws+GTR47fD7Ie+3
THYuPb1YKCKGNagvYKW9cKDaFJQfiKAfJkkmDoQ82IFE4sWB5ROEqanunzeaNoLc
PcvPBsgZPQ00QMFRHc81o5kh37lqqJeC4iiZYI/FFbcKmSfKhJNzeB9+wpzi521k
K8sy+z7a
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:56:49 2025 by rpki-client