Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I9V2rIjGCNpey3WhglMQ49pc3t8.roa
File: I9V2rIjGCNpey3WhglMQ49pc3t8.roa (raw, json)
Hash identifier: da/kfOyP4lie+5tDo7/brtezQExBsU0bBNUrwdkBD9o=
Subject key identifier: 23:D5:76:AC:88:C6:08:DA:5E:CB:75:A1:82:53:10:E3:DA:5C:DE:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FA4DB4094D3F4122AB85CC6CA21192245
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I9V2rIjGCNpey3WhglMQ49pc3t8.roa
Signing time: Thu 23 May 2024 09:49:43 +0000
ROA not before: Thu 23 May 2024 09:49:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:97c0:1000::/48 maxlen: 48
2a10:ccc0:800::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Jun 2024 04:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:db:40:94:d3:f4:12:2a:b8:5c:c6:ca:21:19:22:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 23 09:49:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23d576ac88c608da5ecb75a1825310e3da5cdedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4f:6f:e8:a4:84:71:60:d9:2c:f9:dd:81:7c:
6a:f2:f3:cf:e1:28:1d:35:5f:81:d3:af:fb:3f:c3:
48:51:36:3c:3c:63:d3:cf:38:6c:d8:6e:b0:27:98:
99:3d:27:30:4c:84:6e:5a:0f:20:b1:d1:3b:05:2c:
2e:11:e1:1e:be:56:af:ac:e4:35:59:08:14:6c:96:
c1:80:4c:8d:92:97:5d:7e:9b:33:11:06:a4:8d:07:
99:1a:ed:7c:a9:6c:d0:f4:2e:5c:ce:01:0a:81:6e:
63:1b:cd:fa:d3:ed:9d:65:16:d9:ab:63:0c:b3:07:
f9:46:6a:57:d1:64:ef:e8:d4:88:f8:73:61:94:a8:
6f:d2:87:bf:ed:ed:3f:8f:8b:22:d8:76:dc:64:c3:
38:9c:ac:68:1a:09:e1:ec:30:ae:de:a7:83:ca:e2:
06:17:df:d3:6e:f0:aa:d8:3f:c1:3c:30:51:78:59:
28:ed:2d:67:8c:9f:62:2c:4a:39:12:f9:65:f2:9d:
aa:8d:8c:fc:f6:c0:7c:4a:44:f5:57:6e:2a:06:e2:
20:da:65:70:3b:c7:65:f8:fe:cf:dc:dd:dc:65:51:
96:f9:97:79:d5:98:a8:d8:11:d9:3f:f3:31:67:89:
59:2a:cb:c9:2e:74:11:bb:22:ed:f7:5e:db:d3:af:
d1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D5:76:AC:88:C6:08:DA:5E:CB:75:A1:82:53:10:E3:DA:5C:DE:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I9V2rIjGCNpey3WhglMQ49pc3t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1000::/48
2a10:ccc0:800::/48
Signature Algorithm: sha256WithRSAEncryption
6d:f1:22:df:b1:94:ef:41:64:2c:ed:47:22:d1:52:80:3d:b1:
5a:ed:a2:19:76:e8:47:7c:df:cf:37:bc:69:31:e1:a1:0c:50:
d6:a3:34:b7:a3:80:ff:eb:38:d2:a5:cc:81:c2:1c:d5:bd:c9:
4e:b7:0e:2a:f1:81:43:3d:43:2b:2f:9c:83:24:2b:45:70:70:
cb:b7:c2:b6:76:77:03:55:31:46:1e:ec:78:3c:99:09:a5:f5:
4a:49:7e:09:79:05:a0:70:15:ff:51:36:63:56:fa:ce:0a:9d:
8a:ae:e3:96:6e:13:b9:53:13:a5:d5:7d:0f:b5:ef:3a:ef:8b:
49:cb:6c:96:6d:0c:ef:90:20:b0:87:f0:d8:12:f8:34:29:7b:
ac:d9:d2:9e:52:b2:71:10:7c:8a:50:d9:25:fb:ed:54:bc:e0:
bf:e7:d8:22:6c:e3:b2:8d:a1:45:f6:e3:8e:65:e7:11:6e:c3:
9c:de:9b:96:61:90:53:79:7b:0b:a5:4f:da:27:08:78:47:c2:
7f:0d:f2:9b:95:d9:7d:16:5c:dc:15:aa:aa:7a:1f:b4:3e:b9:
17:66:21:e2:52:16:ed:98:a0:91:07:ea:fc:49:26:c1:3d:79:
b2:73:6c:3d:4b:6e:c1:41:f7:13:89:dc:cf:85:59:66:1a:69:
ac:73:d2:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+k20CU0/QSKrhcxsohGSJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIzMDk0OTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q1NzZhYzg4YzYwOGRhNWVjYjc1YTE4MjUzMTBlM2RhNWNkZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E9v6KSEcWDZLPndgXxq8vPP4Sgd
NV+B06/7P8NIUTY8PGPTzzhs2G6wJ5iZPScwTIRuWg8gsdE7BSwuEeEevlavrOQ1
WQgUbJbBgEyNkpddfpszEQakjQeZGu18qWzQ9C5czgEKgW5jG8360+2dZRbZq2MM
swf5RmpX0WTv6NSI+HNhlKhv0oe/7e0/j4si2HbcZMM4nKxoGgnh7DCu3qeDyuIG
F9/TbvCq2D/BPDBReFko7S1njJ9iLEo5Evll8p2qjYz89sB8SkT1V24qBuIg2mVw
O8dl+P7P3N3cZVGW+Zd51Zio2BHZP/MxZ4lZKsvJLnQRuyLt917b06/RfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCPVdqyIxgjaXst1oYJTEOPaXN7fMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSTlWMnJJakdDTnBleTNXaGdsTVE0OXBjM3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwBAA
AwcAKhDMwAgAMA0GCSqGSIb3DQEBCwUAA4IBAQBt8SLfsZTvQWQs7Uci0VKAPbFa
7aIZduhHfN/PN7xpMeGhDFDWozS3o4D/6zjSpcyBwhzVvclOtw4q8YFDPUMrL5yD
JCtFcHDLt8K2dncDVTFGHux4PJkJpfVKSX4JeQWgcBX/UTZjVvrOCp2KruOWbhO5
UxOl1X0Pte8674tJy2yWbQzvkCCwh/DYEvg0KXus2dKeUrJxEHyKUNkl++1UvOC/
59gibOOyjaFF9uOOZecRbsOc3puWYZBTeXsLpU/aJwh4R8J/DfKbldl9FlzcFaqq
eh+0PrkXZiHiUhbtmKCRB+r8SSbBPXmyc2w9S27BQfcTidzPhVlmGmmsc9Jm
-----END CERTIFICATE-----
Generated at Thu Jun 13 07:03:02 2024 by rpki-client on console-fra.rpki-client.org