Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H4qwuwTJtmY6j49lstAPSK0-0bo.roa
File: H4qwuwTJtmY6j49lstAPSK0-0bo.roa (raw, json)
Hash identifier: RVam47SKdnoa9WQo6ysXJoY2sId51Pu3nNdo/2aG2TM=
Subject key identifier: 1F:8A:B0:BB:04:C9:B6:66:3A:8F:8F:65:B2:D0:0F:48:AD:3E:D1:BA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD457294F800DC97E25770E2B8B1B2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H4qwuwTJtmY6j49lstAPSK0-0bo.roa
Signing time: Tue 02 Jan 2024 10:34:33 +0000
ROA not before: Tue 02 Jan 2024 10:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212504
IP address blocks: 2a0e:97c0:9f0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 26 Oct 2024 18:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:45:72:94:f8:00:dc:97:e2:57:70:e2:b8:b1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8ab0bb04c9b6663a8f8f65b2d00f48ad3ed1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bf:c1:0d:a6:15:f9:e8:fa:42:7e:70:19:0f:
d8:27:62:2b:bd:de:e0:48:52:af:cf:54:42:3c:d4:
c5:b1:7b:b3:2e:71:d4:45:6f:30:3b:19:b5:2b:6c:
b6:cd:c1:66:7f:f8:a5:f7:13:ac:9e:30:b1:7b:0a:
94:c6:4d:46:59:e2:62:6e:23:6a:96:d5:78:ac:5c:
c8:4a:52:1c:39:10:15:c8:12:8a:25:91:f3:13:98:
fd:09:a9:02:44:39:8a:5b:8a:3b:9b:3d:8d:4e:35:
b5:e2:2f:6a:b2:d7:b0:cc:05:5e:9d:f5:02:1c:f9:
68:22:91:60:a7:0f:d5:22:fe:d8:22:1a:4a:76:9c:
73:46:23:f9:59:8a:6d:1b:be:9a:09:c1:9a:be:fb:
ce:f0:90:ba:4d:6e:40:92:42:14:27:d2:b3:86:60:
d7:72:c3:ef:e7:ad:6c:9a:6f:c9:82:4d:fa:d4:ca:
cf:96:06:e2:69:ce:fa:00:3b:68:0c:a3:52:a1:e1:
75:31:93:63:50:1b:83:03:00:c0:42:e8:3a:ce:c1:
6d:a8:57:68:51:bd:83:04:b3:31:95:24:df:8f:e3:
66:d3:21:f1:0f:e1:86:51:d7:d6:ad:f7:5f:8e:8c:
fa:62:5c:d0:eb:6e:fe:61:85:a8:5d:5f:30:73:d0:
31:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8A:B0:BB:04:C9:B6:66:3A:8F:8F:65:B2:D0:0F:48:AD:3E:D1:BA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/H4qwuwTJtmY6j49lstAPSK0-0bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:9f0::/44
Signature Algorithm: sha256WithRSAEncryption
6a:b5:35:c1:24:55:c5:64:ae:a8:86:b7:9b:04:6c:e9:3f:46:
e8:ea:c8:3e:d5:19:99:ef:2e:3b:b1:34:90:32:65:1c:e9:de:
37:46:06:3a:56:47:5e:d8:c8:75:1c:9b:64:24:f9:7b:e6:4a:
f4:6c:3c:cc:1d:65:29:9e:24:6d:62:4e:02:90:1e:f3:d3:13:
3c:0f:05:8c:15:64:e9:ca:d4:4a:d0:b2:71:f4:90:c9:9c:9e:
dc:ff:64:92:b0:50:3f:f6:79:98:90:53:b2:bd:1b:c9:45:25:
3e:d9:ef:34:47:4f:0a:e1:82:d2:07:50:d3:7d:16:33:1c:e3:
93:fd:d1:de:bb:53:79:9c:16:c7:56:6f:96:32:61:c2:08:52:
b7:70:63:89:80:90:c0:66:3a:78:4e:9e:63:79:b1:82:5c:64:
37:14:e7:e5:5f:69:94:45:d7:05:c7:a0:90:f5:5c:ea:78:77:
9d:96:41:4d:d9:84:ce:87:d0:90:2f:d0:38:3f:cf:6e:e0:96:
b3:48:fc:ff:48:b9:a4:5a:cd:ac:f4:7a:83:9d:22:96:6e:2f:
55:79:fe:f5:13:e7:2e:08:55:8e:13:73:64:43:13:f7:2b:03:
20:57:53:c2:d0:2d:69:95:a3:3d:6e:87:38:0c:8c:70:20:c4:
ba:12:a6:ac
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUVylPgA3JfiV3DiuLGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhhYjBiYjA0YzliNjY2M2E4ZjhmNjViMmQwMGY0OGFkM2VkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r/BDaYV+ej6Qn5wGQ/YJ2Irvd7g
SFKvz1RCPNTFsXuzLnHURW8wOxm1K2y2zcFmf/il9xOsnjCxewqUxk1GWeJibiNq
ltV4rFzISlIcORAVyBKKJZHzE5j9CakCRDmKW4o7mz2NTjW14i9qstewzAVenfUC
HPloIpFgpw/VIv7YIhpKdpxzRiP5WYptG76aCcGavvvO8JC6TW5AkkIUJ9KzhmDX
csPv561smm/Jgk361MrPlgbiac76ADtoDKNSoeF1MZNjUBuDAwDAQug6zsFtqFdo
Ub2DBLMxlSTfj+Nm0yHxD+GGUdfWrfdfjoz6YlzQ627+YYWoXV8wc9AxOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB+KsLsEybZmOo+PZbLQD0itPtG6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSDRxd3V3VEp0bVk2ajQ5bHN0QVBTSzAtMGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAnw
MA0GCSqGSIb3DQEBCwUAA4IBAQBqtTXBJFXFZK6ohrebBGzpP0bo6sg+1RmZ7y47
sTSQMmUc6d43RgY6Vkde2Mh1HJtkJPl75kr0bDzMHWUpniRtYk4CkB7z0xM8DwWM
FWTpytRK0LJx9JDJnJ7c/2SSsFA/9nmYkFOyvRvJRSU+2e80R08K4YLSB1DTfRYz
HOOT/dHeu1N5nBbHVm+WMmHCCFK3cGOJgJDAZjp4Tp5jebGCXGQ3FOflX2mURdcF
x6CQ9VzqeHedlkFN2YTOh9CQL9A4P89u4JazSPz/SLmkWs2s9HqDnSKWbi9Vef71
E+cuCFWOE3NkQxP3KwMgV1PC0C1plaM9boc4DIxwIMS6Eqas
-----END CERTIFICATE-----
Generated at Sat Oct 26 20:18:49 2024 by rpki-client on console-fra.rpki-client.org