Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HvzsrAadq0VXjnGU-bmree3aYNM.roa
File: HvzsrAadq0VXjnGU-bmree3aYNM.roa (raw, json)
Hash identifier: bc3MtE83IRqG/pLuyZM3vt4LoI/TJaJRFAFZ124zlNc=
Subject key identifier: 1E:FC:EC:AC:06:9D:AB:45:57:8E:71:94:F9:B9:AB:79:ED:DA:60:D3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019036B5FD9A2B37F7BBC0303E9A034EB2C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HvzsrAadq0VXjnGU-bmree3aYNM.roa
Signing time: Thu 20 Jun 2024 17:33:34 +0000
ROA not before: Thu 20 Jun 2024 17:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2a0e:97c0:3ea::/48 maxlen: 48
2a0e:97c0:470::/48 maxlen: 48
2a0e:97c0:471::/48 maxlen: 48
2a0f:b9c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Jul 2024 22:51:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:36:b5:fd:9a:2b:37:f7:bb:c0:30:3e:9a:03:4e:b2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 20 17:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1efcecac069dab45578e7194f9b9ab79edda60d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:25:98:a1:59:8e:9c:34:53:65:f9:b6:2b:78:
5b:48:17:5d:f6:09:5d:2a:ba:07:80:96:f1:d6:a7:
eb:4d:c7:38:4a:f4:55:17:e2:2e:68:e7:8e:3e:96:
36:3d:5d:c5:1d:05:09:4c:a9:e2:98:4c:4b:a5:33:
40:06:81:d7:bd:c3:9e:41:a2:82:6f:b2:4b:bb:a0:
3c:08:9a:d9:37:6b:84:e1:4b:1a:33:cf:5c:03:86:
79:4b:3f:c0:cb:5c:28:ed:8a:64:45:cd:fe:02:ef:
aa:c1:42:23:44:0b:f9:55:67:36:6c:6e:67:57:35:
87:7f:47:28:ee:73:7e:7b:b7:19:c5:3f:2f:9c:95:
24:22:99:ac:91:13:5e:9b:07:e0:5a:56:b9:01:21:
cf:40:a2:7c:92:1d:bc:60:80:54:6a:b1:ef:ca:77:
eb:46:07:d4:93:45:9d:95:72:b0:bb:65:24:60:1a:
40:2d:b6:e3:b8:01:68:17:39:97:b8:d6:eb:cb:12:
97:73:f9:b2:3b:ea:00:19:04:09:8e:98:e5:00:14:
2d:2c:0d:ae:8e:23:12:8d:d1:9f:24:8c:09:2f:22:
4e:7c:20:8e:18:a9:6a:32:24:8b:65:d4:61:1f:15:
0d:49:24:d2:b9:26:4b:21:03:46:65:a0:b6:70:3f:
77:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:EC:AC:06:9D:AB:45:57:8E:71:94:F9:B9:AB:79:ED:DA:60:D3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HvzsrAadq0VXjnGU-bmree3aYNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3ea::/48
2a0e:97c0:470::/47
2a0f:b9c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:2f:24:09:e5:a6:59:91:3b:fd:5f:7e:b0:5a:1a:f1:91:23:
20:e0:7a:3b:43:47:f8:7e:98:56:81:29:0d:d9:88:44:aa:3f:
e7:bf:20:63:6b:ec:f7:34:04:bd:f0:f5:ec:7e:94:5f:23:5c:
99:1b:1b:6c:70:23:f7:1b:d4:cb:65:ee:a2:0f:59:14:34:ff:
92:83:86:2d:23:b5:80:e2:f2:cb:aa:eb:25:18:17:86:88:98:
d6:a0:0f:fa:8e:4f:fc:e0:32:b6:05:af:78:b8:dc:2d:fb:fe:
24:dd:a2:ea:e9:af:ca:30:f3:3b:0e:7c:9c:1d:29:79:9e:91:
99:63:eb:d9:e3:e5:61:59:0d:7a:1d:5b:d0:53:cf:df:0f:ea:
01:06:35:1f:ca:a3:2a:c2:aa:15:b1:0c:92:68:b2:19:77:da:
47:02:23:92:5f:71:e7:06:08:3d:23:cc:99:0c:1e:ce:9d:70:
43:b7:70:65:d4:8d:8b:f3:32:ab:38:56:f6:64:e5:3e:1f:a5:
a6:74:6c:5e:6f:c5:6d:d6:86:30:db:f8:56:af:69:0c:6c:a9:
ad:52:6b:14:89:57:1d:ad:a4:58:94:e8:cf:12:8f:c8:69:20:
d5:bd:5f:8c:fc:a1:be:91:3d:61:76:2e:58:04:70:9d:9e:e2:
d3:02:4b:e9
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZA2tf2aKzf3u8AwPpoDTrLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjIwMTczMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjZWNhYzA2OWRhYjQ1NTc4ZTcxOTRmOWI5YWI3OWVkZGE2MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryWYoVmOnDRTZfm2K3hbSBdd9gld
KroHgJbx1qfrTcc4SvRVF+IuaOeOPpY2PV3FHQUJTKnimExLpTNABoHXvcOeQaKC
b7JLu6A8CJrZN2uE4UsaM89cA4Z5Sz/Ay1wo7YpkRc3+Au+qwUIjRAv5VWc2bG5n
VzWHf0co7nN+e7cZxT8vnJUkIpmskRNemwfgWla5ASHPQKJ8kh28YIBUarHvynfr
RgfUk0WdlXKwu2UkYBpALbbjuAFoFzmXuNbryxKXc/myO+oAGQQJjpjlABQtLA2u
jiMSjdGfJIwJLyJOfCCOGKlqMiSLZdRhHxUNSSTSuSZLIQNGZaC2cD93cQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFB787KwGnatFV45xlPm5q3nt2mDTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSHZ6c3JBYWRxMFZYam5HVS1ibXJlZTNhWU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcAKg6XwAPq
AwcBKg6XwARwAwUAKg+5wDANBgkqhkiG9w0BAQsFAAOCAQEAFi8kCeWmWZE7/V9+
sFoa8ZEjIOB6O0NH+H6YVoEpDdmIRKo/578gY2vs9zQEvfD17H6UXyNcmRsbbHAj
9xvUy2Xuog9ZFDT/koOGLSO1gOLyy6rrJRgXhoiY1qAP+o5P/OAytgWveLjcLfv+
JN2i6umvyjDzOw58nB0peZ6RmWPr2ePlYVkNeh1b0FPP3w/qAQY1H8qjKsKqFbEM
kmiyGXfaRwIjkl9x5wYIPSPMmQwezp1wQ7dwZdSNi/MyqzhW9mTlPh+lpnRsXm/F
bdaGMNv4Vq9pDGyprVJrFIlXHa2kWJTozxKPyGkg1b1fjPyhvpE9YXYuWARwnZ7i
0wJL6Q==
-----END CERTIFICATE-----
Generated at Sun Jul 21 00:27:33 2024 by rpki-client on console-fra.rpki-client.org