Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS2F3yZAEhEesuHC2nuLbr2KOv4.roa
File: IS2F3yZAEhEesuHC2nuLbr2KOv4.roa (raw, json)
Hash identifier: tepMaJnY+vjHLyiuWeE86RG62oVpiWcQyBopzBNVDXs=
Subject key identifier: 21:2D:85:DF:26:40:12:11:1E:B2:E1:C2:DA:7B:8B:6E:BD:8A:3A:FE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F61774455A9F6837960A3FECDC9CD55AD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS2F3yZAEhEesuHC2nuLbr2KOv4.roa
Signing time: Fri 10 May 2024 07:45:57 +0000
ROA not before: Fri 10 May 2024 07:45:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214953
IP address blocks: 2a06:de07:de00::/48 maxlen: 48
2a06:de07:de07::/48 maxlen: 48
2a10:2f01:403::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 May 2024 16:38:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:77:44:55:a9:f6:83:79:60:a3:fe:cd:c9:cd:55:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 10 07:45:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=212d85df264012111eb2e1c2da7b8b6ebd8a3afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:b9:39:b9:7c:94:18:84:8a:bd:4d:67:8a:
5d:06:99:fc:74:fb:24:57:7a:31:b8:40:a0:ab:f6:
bf:0a:2f:b9:21:e9:cf:3b:4f:62:b7:32:82:12:98:
eb:79:4a:ee:ee:83:5b:9b:aa:4d:1a:0b:ff:b0:b4:
3d:28:39:eb:cd:aa:7f:b7:2d:c8:16:ab:43:41:a8:
5f:d7:0b:34:7f:50:28:d8:0d:92:18:a4:da:a6:5f:
69:11:13:42:aa:60:b2:19:e3:6f:72:a9:02:b2:f8:
32:6a:dd:11:4a:8c:2c:6a:16:77:3a:66:cb:e7:0a:
35:13:81:ed:28:8b:43:30:44:30:93:cc:5c:2b:a1:
67:5e:c5:0a:2a:80:cc:0b:3d:ce:7d:f7:6a:5d:7f:
3a:c0:b7:3c:3b:c2:0a:8e:82:cf:8b:54:13:29:8b:
db:07:37:7d:6b:aa:3e:92:73:9c:0f:d3:b2:85:52:
6c:29:0f:f7:19:76:78:a0:d0:0b:98:04:f1:6c:cb:
af:00:14:b0:3d:c3:66:2d:05:fa:c6:91:dc:2d:40:
70:8f:5a:cc:a3:a0:51:b1:cc:57:9f:a9:99:89:92:
e2:fa:13:05:58:88:3d:49:40:5a:6e:4d:1e:be:4d:
26:22:3a:01:9b:c9:18:04:fc:d3:ae:91:c3:f9:c9:
10:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2D:85:DF:26:40:12:11:1E:B2:E1:C2:DA:7B:8B:6E:BD:8A:3A:FE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS2F3yZAEhEesuHC2nuLbr2KOv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de07:de00::/48
2a06:de07:de07::/48
2a10:2f01:403::/48
Signature Algorithm: sha256WithRSAEncryption
c5:c0:4e:04:35:67:ea:8f:04:94:43:41:9c:84:40:ae:a9:31:
52:cb:e2:9d:f2:98:e3:90:24:1e:cd:37:ee:3c:43:ae:bf:bd:
85:7d:9a:28:25:f0:cb:c7:72:98:47:f0:aa:b3:6a:b3:32:16:
25:7d:2d:45:3a:02:4e:c1:a6:99:75:50:6b:a7:90:ba:ca:80:
24:31:4b:c3:eb:6b:0f:4f:a8:71:ec:3f:68:c4:46:a4:ed:8d:
d8:91:7c:dc:74:be:ff:3b:93:89:d3:1c:26:91:bf:86:28:70:
03:01:f5:0a:b9:57:96:9e:f6:1f:38:a5:c3:22:55:f0:b5:c3:
d3:59:a0:3e:b8:29:3a:49:53:0a:1e:be:d4:df:a2:3d:eb:c6:
35:20:df:37:bf:f6:fb:e4:4b:f6:c5:1d:a1:a5:43:33:53:b4:
c3:0c:9f:22:f9:de:39:bf:3f:1c:50:aa:5f:a0:7f:70:12:5f:
6d:c5:57:5c:d6:16:97:ac:84:36:c4:38:6e:3f:35:6a:0a:d3:
3e:bc:a8:26:6d:11:6f:62:24:b4:e2:9f:7e:8c:0d:28:64:37:
5d:bb:2b:5e:f2:f4:d3:ea:98:a3:9a:af:e7:2c:11:ea:57:50:
f0:b2:0c:88:e9:4b:0d:8e:c8:df:aa:d0:cf:c6:c9:2d:24:17:
8c:bd:26:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9hd0RVqfaDeWCj/s3JzVWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTEwMDc0NTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJkODVkZjI2NDAxMjExMWViMmUxYzJkYTdiOGI2ZWJkOGEzYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6u5Obl8lBiEir1NZ4pdBpn8dPsk
V3oxuECgq/a/Ci+5IenPO09itzKCEpjreUru7oNbm6pNGgv/sLQ9KDnrzap/ty3I
FqtDQahf1ws0f1Ao2A2SGKTapl9pERNCqmCyGeNvcqkCsvgyat0RSowsahZ3OmbL
5wo1E4HtKItDMEQwk8xcK6FnXsUKKoDMCz3OffdqXX86wLc8O8IKjoLPi1QTKYvb
Bzd9a6o+knOcD9OyhVJsKQ/3GXZ4oNALmATxbMuvABSwPcNmLQX6xpHcLUBwj1rM
o6BRscxXn6mZiZLi+hMFWIg9SUBabk0evk0mIjoBm8kYBPzTrpHD+ckQ+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCEthd8mQBIRHrLhwtp7i269ijr+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSVMyRjN5WkFFaEVlc3VIQzJudUxicjJLT3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgbeB94A
AwcAKgbeB94HAwcAKhAvAQQDMA0GCSqGSIb3DQEBCwUAA4IBAQDFwE4ENWfqjwSU
Q0GchECuqTFSy+Kd8pjjkCQezTfuPEOuv72FfZooJfDLx3KYR/Cqs2qzMhYlfS1F
OgJOwaaZdVBrp5C6yoAkMUvD62sPT6hx7D9oxEak7Y3YkXzcdL7/O5OJ0xwmkb+G
KHADAfUKuVeWnvYfOKXDIlXwtcPTWaA+uCk6SVMKHr7U36I968Y1IN83v/b75Ev2
xR2hpUMzU7TDDJ8i+d45vz8cUKpfoH9wEl9txVdc1haXrIQ2xDhuPzVqCtM+vKgm
bRFvYiS04p9+jA0oZDdduyte8vTT6pijmq/nLBHqV1DwsgyI6UsNjsjfqtDPxskt
JBeMvSZ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org