Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H-jNclMMsHMFYtn10yDU4WTV2SU.roa
File: H-jNclMMsHMFYtn10yDU4WTV2SU.roa (raw, json)
Hash identifier: 4XlVEyz8Sd686PtYEakDSJYACmFwR4+atUsUEeqXlKU=
Subject key identifier: 1F:E8:CD:72:53:0C:B0:73:05:62:D9:F5:D3:20:D4:E1:64:D5:D9:25
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E82C9D31667E8B2A90402E53B87DE9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H-jNclMMsHMFYtn10yDU4WTV2SU.roa
Signing time: Mon 02 Jan 2023 05:15:41 +0000
ROA not before: Mon 02 Jan 2023 05:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213372
IP address blocks: 2a0e:b107:8e0::/44 maxlen: 48
2a10:2f00:128::/48 maxlen: 48
2a09:4c2:34::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:2c:9d:31:66:7e:8b:2a:90:40:2e:53:b8:7d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fe8cd72530cb0730562d9f5d320d4e164d5d925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:95:59:29:f5:b8:31:5a:bf:5a:39:62:8a:
e4:4c:0d:23:26:18:9b:2b:6f:ce:e0:68:94:47:88:
5c:6b:ee:2d:99:47:83:22:59:2b:5d:05:f3:ce:7d:
d6:dc:d7:c7:7c:d8:f6:48:2b:42:0f:09:cd:64:2c:
fb:b7:3b:7f:a2:87:ae:f9:5c:33:a4:e7:d2:25:d6:
77:6f:7e:d2:6a:1a:b6:52:65:bd:73:cd:11:c3:aa:
2f:ad:5b:8e:a6:97:44:2f:c0:37:d8:00:d6:6f:4a:
c0:73:f7:bf:74:2f:3a:97:fc:c3:0b:ff:e0:26:ba:
f3:e9:05:2d:02:fc:96:cb:18:f6:86:f6:84:82:74:
8b:a3:b2:ec:bf:a3:16:5d:54:31:66:8a:bd:5c:6b:
a8:70:f3:7e:66:4e:3b:d8:71:10:43:65:34:1b:67:
2d:3f:93:b4:38:02:e5:b3:9e:6d:64:e3:8d:16:1a:
f2:ae:54:ed:57:d8:9a:83:68:cc:67:e5:03:5b:06:
1e:ad:43:e3:74:6a:ee:38:34:1f:3d:b7:98:1d:04:
62:80:fc:6b:68:b3:66:95:8c:08:ca:75:27:d6:0d:
8b:40:b0:9b:9b:77:02:39:cb:f5:4b:25:1c:e8:af:
bd:80:90:d4:00:ae:1d:83:2d:ab:9a:5b:d4:78:77:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E8:CD:72:53:0C:B0:73:05:62:D9:F5:D3:20:D4:E1:64:D5:D9:25
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H-jNclMMsHMFYtn10yDU4WTV2SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4c2:34::/48
2a0e:b107:8e0::/44
2a10:2f00:128::/48
Signature Algorithm: sha256WithRSAEncryption
93:df:10:2c:0c:93:63:0b:86:8f:36:f1:4f:21:ad:d1:49:22:
3d:e5:2e:43:00:63:9f:c4:14:28:23:7b:99:f3:18:b2:85:52:
a4:2c:8a:98:6a:d2:c9:c9:14:b5:23:18:cd:0a:ad:b3:3f:e9:
b6:5a:a7:c0:6f:04:2d:24:8e:2a:c1:f9:a9:9f:01:11:ac:af:
fa:2c:3f:5a:5b:18:c3:53:c9:a0:ef:bb:2c:84:9f:b7:cc:c6:
8d:83:36:8f:e4:10:21:3a:bd:87:a6:b2:05:17:7a:fd:e3:91:
3f:bf:cf:b7:a4:ed:43:a7:d9:56:0f:f1:3c:84:60:3a:4d:dc:
41:25:bc:2c:d0:2a:a0:10:9a:82:08:c4:fe:7f:17:c0:0e:72:
f4:2a:22:b6:24:8c:37:6a:8a:1f:08:17:74:c5:b1:f0:a9:cf:
ad:1d:23:9c:33:28:0a:37:09:d0:b4:d4:c7:12:02:20:44:89:
2f:df:c2:0e:e3:70:ba:d4:f8:8e:78:e4:5e:a8:fc:82:85:cc:
f8:de:5a:f0:8e:fe:1b:02:05:46:6a:91:46:1e:24:65:80:64:
5e:68:c8:4c:52:f9:e5:10:64:8a:a8:51:14:71:8f:03:db:72:
f0:37:ad:a4:75:3c:73:02:41:47:b9:25:77:ef:0b:03:f2:8f:
18:c3:20:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw6CydMWZ+iyqQQC5TuH3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmU4Y2Q3MjUzMGNiMDczMDU2MmQ5ZjVkMzIwZDRlMTY0ZDVkOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF6VWSn1uDFav1o5YorkTA0jJhib
K2/O4GiUR4hca+4tmUeDIlkrXQXzzn3W3NfHfNj2SCtCDwnNZCz7tzt/ooeu+Vwz
pOfSJdZ3b37Sahq2UmW9c80Rw6ovrVuOppdEL8A32ADWb0rAc/e/dC86l/zDC//g
Jrrz6QUtAvyWyxj2hvaEgnSLo7Lsv6MWXVQxZoq9XGuocPN+Zk472HEQQ2U0G2ct
P5O0OALls55tZOONFhryrlTtV9iag2jMZ+UDWwYerUPjdGruODQfPbeYHQRigPxr
aLNmlYwIynUn1g2LQLCbm3cCOcv1SyUc6K+9gJDUAK4dgy2rmlvUeHeT9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB/ozXJTDLBzBWLZ9dMg1OFk1dklMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSC1qTmNsTU1zSE1GWXRuMTB5RFU0V1RWMlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgkEwgA0
AwcEKg6xBwjgAwcAKhAvAAEoMA0GCSqGSIb3DQEBCwUAA4IBAQCT3xAsDJNjC4aP
NvFPIa3RSSI95S5DAGOfxBQoI3uZ8xiyhVKkLIqYatLJyRS1IxjNCq2zP+m2WqfA
bwQtJI4qwfmpnwERrK/6LD9aWxjDU8mg77sshJ+3zMaNgzaP5BAhOr2HprIFF3r9
45E/v8+3pO1Dp9lWD/E8hGA6TdxBJbws0CqgEJqCCMT+fxfADnL0KiK2JIw3aoof
CBd0xbHwqc+tHSOcMygKNwnQtNTHEgIgRIkv38IO43C61PiOeOReqPyChcz43lrw
jv4bAgVGapFGHiRlgGReaMhMUvnlEGSKqFEUcY8D23LwN62kdTxzAkFHuSV37wsD
8o8YwyAF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org