Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FO8ygHcMbze5KhhiCdjhXG4YLhE.roa
File: FO8ygHcMbze5KhhiCdjhXG4YLhE.roa (raw, json)
Hash identifier: JbUfXx6RDEOgLcJ4EkX79/7joBXLyPBPCX5Sn+QSfyo=
Subject key identifier: 14:EF:32:80:77:0C:6F:37:B9:2A:18:62:09:D8:E1:5C:6E:18:2E:11
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AEB70C7C8CDED05125AA444F8BC2F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FO8ygHcMbze5KhhiCdjhXG4YLhE.roa
Signing time: Tue 24 Jan 2023 16:09:47 +0000
ROA not before: Tue 24 Jan 2023 16:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210537
IP address blocks: 2a10:cc46:105::/48 maxlen: 48
2a0e:97c0:600::/44 maxlen: 48
2a10:cc46:130::/44 maxlen: 48
2a0e:b107:17c0::/44 maxlen: 48
2a10:cc46:100::/48 maxlen: 48
2a10:cc46:102::/48 maxlen: 48
2a10:cc46:101::/48 maxlen: 48
2a10:cc46:104::/48 maxlen: 48
2a10:cc46:103::/48 maxlen: 48
2a10:cc46:106::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jul 2023 22:50:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:eb:70:c7:c8:cd:ed:05:12:5a:a4:44:f8:bc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14ef3280770c6f37b92a186209d8e15c6e182e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:60:48:dd:83:e6:28:40:cd:2b:c7:78:b9:
62:4a:91:b0:e1:27:bf:db:cf:51:c1:45:2b:d9:e9:
57:7f:91:08:e3:97:cc:d9:f7:64:1a:d0:f6:32:b6:
5f:f3:de:ea:7e:a6:51:b9:1d:7a:61:56:3a:77:fb:
36:ba:a5:d6:20:82:87:6f:2e:e5:66:66:f3:9c:cf:
fb:bc:c5:48:bf:21:c8:f4:e1:8e:8c:30:6e:df:b8:
53:08:bc:46:cd:dd:99:dc:0f:ff:32:28:07:b2:1a:
6b:ef:57:74:d2:b1:a8:3b:10:f8:74:a3:7d:b5:ae:
12:96:f5:e6:74:63:27:ff:dd:a2:8f:18:fc:d1:2c:
58:af:0e:fb:b1:47:20:5d:dd:54:f3:ba:a1:e2:27:
f8:fe:ae:a4:fd:f7:52:5d:49:68:46:73:bd:b0:75:
88:e6:a2:6a:1c:f5:95:8d:6c:10:97:84:90:63:b6:
da:c0:1e:5b:fe:db:ba:24:a3:5e:15:5a:ee:58:ce:
5e:75:6f:36:2e:4c:1a:00:31:b9:f0:cd:15:a9:86:
a4:be:2b:12:d7:2e:bd:fd:2f:14:d0:11:99:c1:7a:
56:6e:b8:a0:cb:65:28:95:56:ab:9f:16:10:fd:1e:
8a:ad:a8:4b:55:72:8c:84:09:f4:0f:b3:3d:4d:0f:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:EF:32:80:77:0C:6F:37:B9:2A:18:62:09:D8:E1:5C:6E:18:2E:11
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FO8ygHcMbze5KhhiCdjhXG4YLhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:600::/44
2a0e:b107:17c0::/44
2a10:cc46:100::-2a10:cc46:106:ffff:ffff:ffff:ffff:ffff
2a10:cc46:130::/44
Signature Algorithm: sha256WithRSAEncryption
8a:51:64:b6:39:25:5f:a5:e1:39:bc:a9:65:60:ef:e9:54:bf:
c2:21:cf:4d:aa:1b:b1:60:9e:09:aa:a0:32:d8:d9:a3:c3:39:
70:2e:a2:83:b8:70:62:3b:ce:4f:75:87:34:6c:75:45:58:1d:
f8:dd:87:e3:79:01:16:3d:f2:64:0f:0d:05:93:c0:0d:52:b7:
13:3b:9f:db:56:b8:99:ea:37:7a:ff:7c:cd:e9:b9:d9:0e:ac:
9c:68:84:7a:96:f0:4e:f8:03:20:42:65:53:75:57:a9:16:d2:
ea:6a:2f:20:30:4e:2e:f1:84:e3:59:52:8e:cb:00:99:42:08:
1b:f4:8b:fa:59:27:fe:81:6e:ce:a3:d6:e7:e8:7b:22:83:c1:
a9:a0:eb:0e:3b:c5:94:5e:18:4c:af:a5:1b:49:60:4e:bb:ae:
7c:b8:0b:72:f6:78:41:33:aa:ac:b9:24:fa:d4:86:0d:db:79:
f6:c6:dc:b9:f6:d2:7a:f9:2b:66:a0:89:09:e7:ac:62:2f:59:
5c:c3:ef:87:ed:d3:e3:f1:68:b2:c2:f3:55:79:84:80:68:23:
ba:8a:f1:9e:80:9b:24:82:66:53:8d:89:16:2c:8f:ea:5b:90:
e6:9d:ef:c9:a7:c3:3c:c7:44:12:34:22:ae:23:cb:dc:8f:63:
e8:fc:43:da
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYXkiutwx8jN7QUSWqRE+LwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGVmMzI4MDc3MGM2ZjM3YjkyYTE4NjIwOWQ4ZTE1YzZlMTgyZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh1gSN2D5ihAzSvHeLliSpGw4Se/
289RwUUr2elXf5EI45fM2fdkGtD2MrZf897qfqZRuR16YVY6d/s2uqXWIIKHby7l
ZmbznM/7vMVIvyHI9OGOjDBu37hTCLxGzd2Z3A//MigHshpr71d00rGoOxD4dKN9
ta4SlvXmdGMn/92ijxj80SxYrw77sUcgXd1U87qh4if4/q6k/fdSXUloRnO9sHWI
5qJqHPWVjWwQl4SQY7bawB5b/tu6JKNeFVruWM5edW82LkwaADG58M0VqYakvisS
1y69/S8U0BGZwXpWbrigy2UolVarnxYQ/R6KrahLVXKMhAn0D7M9TQ8T1wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBTvMoB3DG83uSoYYgnY4VxuGC4RMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRk84eWdIY01iemU1S2hoaUNkamhYRzRZTGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcEKg6XwAYA
AwcEKg6xBxfAMBEDBgAqEMxGAQMHACoQzEYBBgMHBCoQzEYBMDANBgkqhkiG9w0B
AQsFAAOCAQEAilFktjklX6XhObypZWDv6VS/wiHPTaobsWCeCaqgMtjZo8M5cC6i
g7hwYjvOT3WHNGx1RVgd+N2H43kBFj3yZA8NBZPADVK3Ezuf21a4meo3ev98zem5
2Q6snGiEepbwTvgDIEJlU3VXqRbS6movIDBOLvGE41lSjssAmUIIG/SL+lkn/oFu
zqPW5+h7IoPBqaDrDjvFlF4YTK+lG0lgTruufLgLcvZ4QTOqrLkk+tSGDdt59sbc
ufbSevkrZqCJCeesYi9ZXMPvh+3T4/FossLzVXmEgGgjuorxnoCbJIJmU42JFiyP
6luQ5p3vyafDPMdEEjQiriPL3I9j6PxD2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:58 2024 by rpki-client on console-ams.rpki-client.org