Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HMw5WUi6C1VSQb0qJkqK8436-xg.roa
File: HMw5WUi6C1VSQb0qJkqK8436-xg.roa (raw, json)
Hash identifier: J22sTM3gB5K2SbAFwvqu2KOqTk1TGqRrj8PC9i3ftXg=
Subject key identifier: 1C:CC:39:59:48:BA:0B:55:52:41:BD:2A:26:4A:8A:F3:8D:FA:FB:18
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D414BF0F37FF185F8EC28578B8403FA4B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HMw5WUi6C1VSQb0qJkqK8436-xg.roa
Signing time: Thu 25 Jan 2024 15:45:12 +0000
ROA not before: Thu 25 Jan 2024 15:45:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215669
IP address blocks: 2a0e:97c0:8b0::/44 maxlen: 48
2a0e:97c0:8b0::/48 maxlen: 48
2a0e:97c0:8b1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Jan 2024 16:35:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:4b:f0:f3:7f:f1:85:f8:ec:28:57:8b:84:03:fa:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 25 15:45:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ccc395948ba0b555241bd2a264a8af38dfafb18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5c:8c:50:d9:50:9c:24:89:e6:29:77:64:01:
44:4c:1f:c5:a9:e5:0b:c8:6e:7a:7e:42:c6:44:4d:
56:e6:90:af:d5:81:45:26:b7:3f:01:fe:5d:bd:8a:
46:87:f0:27:4c:f7:4a:50:3e:d4:48:99:44:57:ed:
af:1e:4f:28:47:0b:75:d3:96:19:71:01:fd:ab:61:
a5:9f:1d:40:66:3a:2f:59:45:2d:7f:45:4f:5d:4b:
50:b6:e3:c9:44:94:ae:f5:0a:26:f8:05:32:92:6e:
a1:44:03:fb:bc:5c:9d:9d:8a:de:c9:f1:fd:18:8b:
a8:e6:dd:31:8c:e0:9e:50:3b:6a:7c:71:75:70:8f:
43:2c:6f:3c:a8:8f:1e:81:e8:59:bf:cc:5c:2e:32:
a0:bb:33:cd:fd:54:f3:f2:e7:a8:25:38:62:9a:6d:
df:5f:6f:82:09:04:c5:ba:e4:bc:d8:b3:a2:22:c4:
ca:38:48:e5:9d:b0:2a:54:71:50:f7:f1:93:3e:a6:
3d:ee:fc:f5:ed:82:49:82:9b:46:1a:81:e3:5a:48:
41:c7:f0:33:e3:ee:4b:21:cb:00:83:7f:12:21:47:
78:b7:96:f2:e6:52:f0:a2:57:da:9c:39:e8:86:2e:
54:4f:ae:db:5b:14:6d:c1:f2:7f:27:3a:f9:af:7c:
da:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CC:39:59:48:BA:0B:55:52:41:BD:2A:26:4A:8A:F3:8D:FA:FB:18
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HMw5WUi6C1VSQb0qJkqK8436-xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:8b0::/44
Signature Algorithm: sha256WithRSAEncryption
13:f6:58:1c:de:71:eb:22:53:fc:0f:c7:12:8e:fe:4a:9e:a1:
49:c0:85:6f:83:da:08:53:95:c6:2f:28:d1:b8:2c:a8:32:74:
a9:ac:64:6d:79:cc:16:ad:91:c2:56:19:3c:8b:52:bf:ce:28:
bb:97:72:e5:f1:04:a1:e0:35:3c:53:9e:77:39:e6:d0:7c:e4:
d6:4f:df:cf:30:39:cf:5d:e2:0e:4f:4c:17:b5:3b:fd:0e:80:
c6:eb:bc:0a:d4:05:7a:f3:60:ba:db:44:77:a3:97:15:27:1f:
9f:d3:ed:76:31:c4:5e:90:96:42:ce:a8:3f:05:0d:fa:61:66:
59:ab:99:a2:5d:ba:1b:4a:35:70:60:36:fc:50:0a:a6:1a:b0:
83:4b:29:ae:54:a9:78:c2:45:c2:5f:43:f1:54:fc:f1:30:85:
45:8c:b9:85:c3:54:9e:a3:06:c0:ea:44:b7:cd:cb:ec:87:d2:
3b:51:13:ef:82:97:81:bf:a1:31:1a:d6:ab:ac:d3:77:25:7d:
ab:86:ea:6b:6b:72:e0:24:b2:f2:22:10:af:67:30:1a:ac:b3:
89:eb:5f:99:6d:c1:aa:0b:e1:cd:16:1a:54:9b:37:0d:07:03:
39:25:63:fe:69:1d:0f:c4:d8:f7:f3:92:cf:af:fe:d5:e8:c7:
57:d3:92:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1BS/Dzf/GF+OwoV4uEA/pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI1MTU0NTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NjMzk1OTQ4YmEwYjU1NTI0MWJkMmEyNjRhOGFmMzhkZmFmYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVyMUNlQnCSJ5il3ZAFETB/FqeUL
yG56fkLGRE1W5pCv1YFFJrc/Af5dvYpGh/AnTPdKUD7USJlEV+2vHk8oRwt105YZ
cQH9q2Glnx1AZjovWUUtf0VPXUtQtuPJRJSu9Qom+AUykm6hRAP7vFydnYreyfH9
GIuo5t0xjOCeUDtqfHF1cI9DLG88qI8egehZv8xcLjKguzPN/VTz8ueoJThimm3f
X2+CCQTFuuS82LOiIsTKOEjlnbAqVHFQ9/GTPqY97vz17YJJgptGGoHjWkhBx/Az
4+5LIcsAg38SIUd4t5by5lLwolfanDnohi5UT67bWxRtwfJ/Jzr5r3zaPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBzMOVlIugtVUkG9KiZKivON+vsYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSE13NVdVaTZDMVZTUWIwcUprcUs4NDM2LXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAiw
MA0GCSqGSIb3DQEBCwUAA4IBAQAT9lgc3nHrIlP8D8cSjv5KnqFJwIVvg9oIU5XG
LyjRuCyoMnSprGRtecwWrZHCVhk8i1K/zii7l3Ll8QSh4DU8U553OebQfOTWT9/P
MDnPXeIOT0wXtTv9DoDG67wK1AV682C620R3o5cVJx+f0+12McRekJZCzqg/BQ36
YWZZq5miXbobSjVwYDb8UAqmGrCDSymuVKl4wkXCX0PxVPzxMIVFjLmFw1SeowbA
6kS3zcvsh9I7URPvgpeBv6ExGtarrNN3JX2rhupra3LgJLLyIhCvZzAarLOJ61+Z
bcGqC+HNFhpUmzcNBwM5JWP+aR0PxNj385LPr/7V6MdX05KW
-----END CERTIFICATE-----
Generated at Sun Jan 28 17:23:42 2024 by rpki-client on console-fra.rpki-client.org