Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS48VPpvG9IXLCkMPCizykpO8Jk.roa
File: IS48VPpvG9IXLCkMPCizykpO8Jk.roa (raw, json)
Hash identifier: 5LP3G5XCc1yyxlnTWnVPpYLJVHlJo+SeRBmYiIstCdM=
Subject key identifier: 21:2E:3C:54:FA:6F:1B:D2:17:2C:29:0C:3C:28:B3:CA:4A:4E:F0:99
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CE48F0AB4100AEA882C0217DA6C20729B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS48VPpvG9IXLCkMPCizykpO8Jk.roa
Signing time: Sun 07 Jan 2024 15:33:48 +0000
ROA not before: Sun 07 Jan 2024 15:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a0e:b107:2804::/46 maxlen: 48
2a0e:b107:27fc::/46 maxlen: 48
2a0e:b107:27d4::/46 maxlen: 48
2a0e:b107:2800::/46 maxlen: 48
2a0e:b107:27f8::/46 maxlen: 48
2a0e:b107:27d0::/46 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 21:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:8f:0a:b4:10:0a:ea:88:2c:02:17:da:6c:20:72:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 7 15:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=212e3c54fa6f1bd2172c290c3c28b3ca4a4ef099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:62:5e:fd:c1:d9:ea:b5:de:1f:b0:fc:b3:
89:93:54:43:73:d4:d9:db:e1:4b:f1:2e:47:e1:e2:
c6:3f:48:21:b2:db:a9:4b:8f:41:c6:cf:94:58:3f:
3a:cb:e7:9d:58:d4:43:21:0c:de:12:ee:6d:58:45:
74:28:fc:4e:80:4d:2c:b4:ba:07:d0:f4:ff:68:25:
30:0a:fa:ac:d2:20:5c:3b:2d:81:aa:94:69:41:62:
8d:14:52:27:ee:92:d0:e7:54:46:67:78:78:4c:a1:
d5:4f:1c:bb:16:be:ea:ee:8c:8b:4d:d8:49:77:d6:
f0:06:8a:9f:96:64:89:f1:d2:4d:00:a7:e5:91:87:
23:bd:bd:72:23:90:4c:71:bb:e8:23:25:27:a8:dd:
b0:fe:18:8d:e3:ae:81:b3:3c:4f:04:27:13:e5:3c:
d0:8d:7c:6c:7e:38:d8:36:e9:39:55:26:6c:2f:b8:
dd:34:d6:33:4d:0c:f0:70:c7:f7:7e:2e:ab:f4:f9:
16:6c:ee:d2:d8:53:49:f0:45:42:0b:84:1b:71:0b:
e1:39:a1:60:43:bf:3b:ec:c0:89:69:f1:eb:c3:98:
5e:ed:a0:e3:80:83:9e:e6:21:0a:4d:ec:8d:ee:59:
f8:e5:f3:1f:32:ea:c4:20:25:97:86:58:28:69:91:
5b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2E:3C:54:FA:6F:1B:D2:17:2C:29:0C:3C:28:B3:CA:4A:4E:F0:99
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IS48VPpvG9IXLCkMPCizykpO8Jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f8::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7b:bd:f6:29:d3:25:ab:5b:1e:bf:4b:32:f5:1a:ae:c2:9d:cc:
d6:67:65:75:02:06:79:36:34:05:45:48:69:5e:56:eb:ca:69:
e2:51:58:c6:9c:c9:05:77:d3:56:4b:5c:a3:29:fa:98:57:bc:
da:16:c3:7a:d9:2b:dd:a1:8f:89:f4:33:82:65:d6:4c:a9:78:
38:6b:b3:0c:57:a5:d1:9e:0f:4c:0e:ce:7f:a8:99:3a:53:fd:
47:88:ef:84:ab:6a:da:1a:ec:12:96:27:32:ee:a7:a6:6a:d4:
f3:09:bf:43:4f:53:26:16:4f:7c:78:b6:35:e1:af:9c:bd:0b:
5e:73:43:12:78:b2:21:55:42:fb:66:56:13:b3:47:37:88:5f:
8a:92:b2:0f:df:74:9d:6c:6b:1e:77:02:f9:04:04:d0:7a:8f:
a5:2a:5b:31:83:c4:e4:2f:e6:6b:27:d5:0d:97:5b:5a:b9:af:
ac:7d:d7:04:d8:7b:27:9b:e0:88:d4:10:19:e2:46:a9:4b:1c:
7c:0b:69:31:f9:07:b9:2c:7c:bb:a4:33:c9:15:27:b0:43:2c:
3e:b8:8b:6c:76:ad:40:59:f0:ab:c8:77:07:51:11:4c:1a:67:
fe:c2:81:2a:5e:9c:a3:a5:98:fb:55:1c:9f:5b:52:df:15:e1:
20:34:35:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzkjwq0EArqiCwCF9psIHKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTA3MTUzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJlM2M1NGZhNmYxYmQyMTcyYzI5MGMzYzI4YjNjYTRhNGVmMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj81iXv3B2eq13h+w/LOJk1RDc9TZ
2+FL8S5H4eLGP0ghstupS49Bxs+UWD86y+edWNRDIQzeEu5tWEV0KPxOgE0stLoH
0PT/aCUwCvqs0iBcOy2BqpRpQWKNFFIn7pLQ51RGZ3h4TKHVTxy7Fr7q7oyLTdhJ
d9bwBoqflmSJ8dJNAKflkYcjvb1yI5BMcbvoIyUnqN2w/hiN466BszxPBCcT5TzQ
jXxsfjjYNuk5VSZsL7jdNNYzTQzwcMf3fi6r9PkWbO7S2FNJ8EVCC4QbcQvhOaFg
Q7877MCJafHrw5he7aDjgIOe5iEKTeyN7ln45fMfMurEICWXhlgoaZFbPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCEuPFT6bxvSFywpDDwos8pKTvCZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSVM0OFZQcHZHOUlYTENrTVBDaXp5a3BPOEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcDKg6xByfQ
MBIDBwMqDrEHJ/gDBwMqDrEHKAAwDQYJKoZIhvcNAQELBQADggEBAHu99inTJatb
Hr9LMvUarsKdzNZnZXUCBnk2NAVFSGleVuvKaeJRWMacyQV301ZLXKMp+phXvNoW
w3rZK92hj4n0M4Jl1kypeDhrswxXpdGeD0wOzn+omTpT/UeI74Sratoa7BKWJzLu
p6Zq1PMJv0NPUyYWT3x4tjXhr5y9C15zQxJ4siFVQvtmVhOzRzeIX4qSsg/fdJ1s
ax53AvkEBNB6j6UqWzGDxOQv5msn1Q2XW1q5r6x91wTYeyeb4IjUEBniRqlLHHwL
aTH5B7ksfLukM8kVJ7BDLD64i2x2rUBZ8KvIdwdREUwaZ/7CgSpenKOlmPtVHJ9b
Ut8V4SA0Ncw=
-----END CERTIFICATE-----
Generated at Fri Jan 12 00:46:59 2024 by rpki-client on console-ams.rpki-client.org