Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gi1pSjLTVIBqKt-5s5XX5uzyozI.roa
File: Gi1pSjLTVIBqKt-5s5XX5uzyozI.roa (raw, json)
Hash identifier: 7lxzlK7DYZBHLO8SY+Xa9hwZGWKfaVf5nLlwShlo/3c=
Subject key identifier: 1A:2D:69:4A:32:D3:54:80:6A:2A:DF:B9:B3:95:D7:E6:EC:F2:A3:32
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D4F98A5B4BDD21B10C70C02CC4CD4768D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gi1pSjLTVIBqKt-5s5XX5uzyozI.roa
Signing time: Sun 28 Jan 2024 10:23:40 +0000
ROA not before: Sun 28 Jan 2024 10:23:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 2a0e:97c0:880::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Jan 2024 17:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:98:a5:b4:bd:d2:1b:10:c7:0c:02:cc:4c:d4:76:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 10:23:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a2d694a32d354806a2adfb9b395d7e6ecf2a332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1f:6f:37:6b:f8:53:b5:c1:31:39:a2:8b:5e:
de:ee:09:fa:fe:3f:f0:05:2f:bb:35:4b:6d:df:a0:
32:b4:5b:36:9f:93:87:66:14:6f:3d:8d:28:00:23:
f7:78:8e:94:1e:c6:4c:2e:53:d0:db:c1:6d:80:5c:
88:93:a8:c5:22:3d:2f:16:81:23:81:8f:31:78:f6:
5d:23:a5:37:e7:9e:d5:51:7d:e3:9d:e3:2c:83:94:
fc:f8:c5:55:73:24:7d:e0:d6:0f:b9:e9:9e:4f:fa:
9f:d9:19:76:e4:31:3a:92:97:81:0b:ff:77:e5:66:
39:fb:a7:b0:43:ee:63:86:17:d5:2d:c7:9f:90:99:
5f:41:11:a7:37:2d:4e:25:8b:fe:49:6e:2b:59:fc:
81:d3:d7:a9:ab:ae:ee:f6:13:0a:34:01:be:aa:e0:
71:a7:05:ad:7f:d4:1e:25:00:40:dd:43:51:92:1e:
fc:cc:07:2a:26:e4:e7:59:9d:3d:9a:e4:8e:70:67:
c4:80:fa:71:4f:1e:55:59:e8:1a:35:5b:9e:c2:a3:
9c:22:d4:a5:0f:5f:92:79:7f:76:e0:21:bc:0d:2c:
45:cb:7b:98:15:15:25:d4:34:ab:7c:c3:73:57:19:
7b:b1:40:93:e0:92:0e:f7:9e:9a:0a:ef:94:16:a0:
63:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2D:69:4A:32:D3:54:80:6A:2A:DF:B9:B3:95:D7:E6:EC:F2:A3:32
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Gi1pSjLTVIBqKt-5s5XX5uzyozI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:880::/44
Signature Algorithm: sha256WithRSAEncryption
94:8a:25:45:9c:00:65:b4:a1:34:ba:03:62:53:a5:d0:bc:69:
e0:ef:e0:ec:3e:e9:4a:e8:25:f2:2f:ba:15:54:3a:09:c2:81:
78:af:d9:94:fe:f1:cf:20:03:65:e5:4c:fc:2c:e2:34:9f:45:
ef:75:2e:76:b7:6f:69:c5:2c:63:37:d4:7c:b2:ba:c8:ba:8e:
c9:34:9d:80:3f:09:60:f8:83:b4:38:c9:d0:47:09:3f:12:bb:
c5:04:cc:25:d6:5e:9d:d7:eb:1b:a6:4c:fb:84:17:9f:e8:bf:
93:50:b5:f1:a2:6b:83:ed:90:2a:a2:01:61:e4:bf:94:98:6e:
9b:a0:51:45:76:84:f9:64:80:a1:38:a3:22:f0:21:8a:c6:f7:
50:0a:3d:0b:cb:64:63:48:e5:7c:50:dc:75:12:5a:33:ea:4a:
a7:db:e1:98:18:5d:14:44:72:3d:22:e3:28:a2:9c:14:a8:0a:
64:d1:63:c3:b5:ab:80:3d:74:e1:9d:a5:3b:57:a8:37:be:d3:
23:4c:7a:34:6f:81:1a:06:0a:46:8a:07:68:b2:fc:cd:cb:71:
f0:52:a7:56:71:2c:3c:ca:9e:8a:d7:b3:18:5c:13:a0:31:da:
6f:d6:0c:05:5b:e4:38:73:5d:b7:fc:98:7e:d5:c3:3e:ec:32:
b1:6e:96:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1PmKW0vdIbEMcMAsxM1HaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI4MTAyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJkNjk0YTMyZDM1NDgwNmEyYWRmYjliMzk1ZDdlNmVjZjJhMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh9vN2v4U7XBMTmii17e7gn6/j/w
BS+7NUtt36AytFs2n5OHZhRvPY0oACP3eI6UHsZMLlPQ28FtgFyIk6jFIj0vFoEj
gY8xePZdI6U3557VUX3jneMsg5T8+MVVcyR94NYPuemeT/qf2Rl25DE6kpeBC/93
5WY5+6ewQ+5jhhfVLcefkJlfQRGnNy1OJYv+SW4rWfyB09epq67u9hMKNAG+quBx
pwWtf9QeJQBA3UNRkh78zAcqJuTnWZ09muSOcGfEgPpxTx5VWegaNVuewqOcItSl
D1+SeX924CG8DSxFy3uYFRUl1DSrfMNzVxl7sUCT4JIO956aCu+UFqBjyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBotaUoy01SAairfubOV1+bs8qMyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR2kxcFNqTFRWSUJxS3QtNXM1WFg1dXp5b3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUiiVFnABltKE0ugNiU6XQvGng7+DsPulK6CXy
L7oVVDoJwoF4r9mU/vHPIANl5Uz8LOI0n0XvdS52t29pxSxjN9R8srrIuo7JNJ2A
Pwlg+IO0OMnQRwk/ErvFBMwl1l6d1+sbpkz7hBef6L+TULXxomuD7ZAqogFh5L+U
mG6boFFFdoT5ZIChOKMi8CGKxvdQCj0Ly2RjSOV8UNx1Eloz6kqn2+GYGF0URHI9
IuMoopwUqApk0WPDtauAPXThnaU7V6g3vtMjTHo0b4EaBgpGigdosvzNy3HwUqdW
cSw8yp6K17MYXBOgMdpv1gwFW+Q4c123/Jh+1cM+7DKxbpby
-----END CERTIFICATE-----
Generated at Sun Jan 28 18:50:26 2024 by rpki-client on console-fra.rpki-client.org