Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPDn0bxvfIK-plNZV_dIWPjycRg.roa
File: FPDn0bxvfIK-plNZV_dIWPjycRg.roa (raw, json)
Hash identifier: MpQr3WqXH6SjTcJ9WraD68ckNNycv+T7IgqkR0HNpo0=
Subject key identifier: 14:F0:E7:D1:BC:6F:7C:82:BE:A6:53:59:57:F7:48:58:F8:F2:71:18
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC937418A42B407A73A670AF83C3F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPDn0bxvfIK-plNZV_dIWPjycRg.roa
Signing time: Tue 24 Jan 2023 16:09:38 +0000
ROA not before: Tue 24 Jan 2023 16:09:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142289
IP address blocks: 2a0e:b107:15f0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c9:37:41:8a:42:b4:07:a7:3a:67:0a:f8:3c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14f0e7d1bc6f7c82bea6535957f74858f8f27118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:47:01:8b:9e:c1:35:65:d1:96:40:80:f9:b1:
36:54:8b:44:f7:6f:09:99:8e:c0:7c:c0:81:cc:15:
ee:bc:3c:3f:36:9c:4a:ab:64:ba:66:21:32:af:13:
2c:e6:c5:06:80:ad:70:be:4f:d7:2c:18:34:36:68:
e9:0a:08:23:7f:31:a2:69:4d:52:86:db:bf:21:8d:
41:6b:f3:a6:79:0f:cb:bd:84:ac:56:7e:06:a3:7f:
37:91:46:43:df:4b:9c:95:ee:6f:ae:48:9b:52:13:
85:e0:7e:7a:fb:30:0f:b9:c0:e4:ff:30:4c:c3:ff:
6a:21:ab:d8:ce:b0:69:55:e6:a7:91:4f:77:5b:e1:
e0:b7:9d:96:7b:f5:87:75:7d:ea:ce:3b:19:28:0d:
40:be:ba:c4:e0:e2:e0:e1:ea:fa:03:62:37:cb:b0:
79:21:6d:32:ea:ae:36:3f:5d:e5:a7:87:13:03:e2:
59:09:f9:43:0f:b9:e2:29:8f:69:bc:d9:81:09:34:
b7:0e:64:2b:2a:c2:a5:69:6f:03:68:69:ef:46:86:
b7:3b:a1:f8:85:b9:e9:5a:d4:6a:66:33:0e:5a:d7:
af:3b:ae:42:15:00:d3:da:02:54:db:f0:e5:f7:4d:
6a:59:c2:c9:f4:ea:95:48:69:1b:15:54:82:6d:ee:
5d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F0:E7:D1:BC:6F:7C:82:BE:A6:53:59:57:F7:48:58:F8:F2:71:18
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPDn0bxvfIK-plNZV_dIWPjycRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:15f0::/44
Signature Algorithm: sha256WithRSAEncryption
5f:a3:af:7e:d5:68:6f:8e:17:10:5e:34:eb:b2:49:65:0d:fe:
71:d9:28:d5:8d:51:40:60:a8:f3:d4:2c:ce:73:ef:58:b3:fe:
9c:39:ae:89:d2:53:c6:9d:5c:10:13:25:16:27:5e:a9:1e:19:
a9:42:ca:13:89:40:41:45:15:50:22:da:86:fe:ff:0a:97:c9:
9d:2a:3c:64:60:e2:7a:a3:ed:47:66:f3:5a:82:82:f1:bb:36:
ba:e0:33:c9:70:c7:68:4d:bb:ab:d8:97:50:28:c2:4c:8a:55:
ac:e5:da:9e:6c:79:56:16:34:38:81:be:c9:a2:4d:ad:02:cd:
d6:ca:6d:ea:8d:4d:10:47:2f:94:59:69:d7:f2:eb:b3:c7:e7:
b0:4a:7d:8b:89:b1:19:70:13:d6:71:65:d0:8b:8e:b5:d6:dd:
48:1a:96:e3:aa:82:f2:d8:60:52:91:83:3c:fc:88:55:e8:40:
ac:74:71:86:4a:15:33:d7:e0:42:55:8f:10:c4:c2:7d:cd:5f:
ef:75:ce:93:c9:0a:9c:e3:d8:64:14:94:a5:90:61:48:c0:38:
52:2e:3b:dd:3c:b8:43:79:1c:ae:42:f3:19:5b:ae:8d:47:e4:
ec:57:6f:ee:12:5a:06:fe:d9:6d:6f:60:34:bc:cf:e4:9b:74:
cb:77:cb:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkisk3QYpCtAenOmcK+Dw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGYwZTdkMWJjNmY3YzgyYmVhNjUzNTk1N2Y3NDg1OGY4ZjI3MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUcBi57BNWXRlkCA+bE2VItE928J
mY7AfMCBzBXuvDw/NpxKq2S6ZiEyrxMs5sUGgK1wvk/XLBg0NmjpCggjfzGiaU1S
htu/IY1Ba/OmeQ/LvYSsVn4Go383kUZD30ucle5vrkibUhOF4H56+zAPucDk/zBM
w/9qIavYzrBpVeankU93W+Hgt52We/WHdX3qzjsZKA1AvrrE4OLg4er6A2I3y7B5
IW0y6q42P13lp4cTA+JZCflDD7niKY9pvNmBCTS3DmQrKsKlaW8DaGnvRoa3O6H4
hbnpWtRqZjMOWtevO65CFQDT2gJU2/Dl901qWcLJ9OqVSGkbFVSCbe5dPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBTw59G8b3yCvqZTWVf3SFj48nEYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRlBEbjBieHZmSUstcGxOWlZfZElXUGp5Y1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxXw
MA0GCSqGSIb3DQEBCwUAA4IBAQBfo69+1WhvjhcQXjTrskllDf5x2SjVjVFAYKjz
1CzOc+9Ys/6cOa6J0lPGnVwQEyUWJ16pHhmpQsoTiUBBRRVQItqG/v8Kl8mdKjxk
YOJ6o+1HZvNagoLxuza64DPJcMdoTbur2JdQKMJMilWs5dqebHlWFjQ4gb7Jok2t
As3Wym3qjU0QRy+UWWnX8uuzx+ewSn2LibEZcBPWcWXQi4611t1IGpbjqoLy2GBS
kYM8/IhV6ECsdHGGShUz1+BCVY8QxMJ9zV/vdc6TyQqc49hkFJSlkGFIwDhSLjvd
PLhDeRyuQvMZW66NR+TsV2/uEloG/tltb2A0vM/km3TLd8su
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:58 2024 by rpki-client on console-ams.rpki-client.org