Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IbekVC00hx8bdEy82oFK2Y22yTA.roa
File: IbekVC00hx8bdEy82oFK2Y22yTA.roa (raw, json)
Hash identifier: 1GCkeh6rKoFIEAGNHVDHPgkt1HbEvZTOFfruR/Z+AbQ=
Subject key identifier: 21:B7:A4:54:2D:34:87:1F:1B:74:4C:BC:DA:81:4A:D9:8D:B6:C9:30
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCFA659947CB84619D499DD16846B6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IbekVC00hx8bdEy82oFK2Y22yTA.roa
Signing time: Tue 02 Jan 2024 10:34:14 +0000
ROA not before: Tue 02 Jan 2024 10:34:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200950
IP address blocks: 2a10:cc45:121::/48 maxlen: 48
2a10:cc45:126::/48 maxlen: 48
2a10:cc45:12f::/48 maxlen: 48
2a10:cc45:124::/48 maxlen: 48
2a10:cc45:125::/48 maxlen: 48
2a10:cc45:122::/48 maxlen: 48
2a10:cc45:123::/48 maxlen: 48
2a10:cc45:120::/44 maxlen: 48
2a10:cc45:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jan 2024 07:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fa:65:99:47:cb:84:61:9d:49:9d:d1:68:46:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21b7a4542d34871f1b744cbcda814ad98db6c930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b6:b6:c1:2c:63:8c:3d:da:f1:6d:98:78:36:
3d:bb:f1:fc:5f:8b:15:d0:d8:87:af:d0:60:52:24:
a2:e8:8b:2a:ea:e5:ec:30:78:fc:53:e8:0c:7a:10:
6e:14:b4:c0:92:3b:96:c1:f2:70:d0:20:1d:64:de:
2d:50:23:cf:f6:df:88:0d:28:80:91:bc:f8:26:00:
c4:ff:a9:93:cf:a9:b2:85:35:bd:b0:09:a8:9d:3a:
7c:50:69:a3:9e:14:4c:3a:d8:22:0c:5f:c2:56:54:
26:d3:45:31:fd:a7:94:c8:18:1a:d5:c2:b9:09:85:
a7:40:f9:f8:5b:7e:98:04:62:c8:89:9d:45:43:f4:
24:40:f6:f2:0c:1a:1b:d9:97:69:93:97:7f:1e:ce:
fe:85:19:cc:ea:4e:86:37:23:a0:3e:18:50:bf:37:
82:df:1f:64:78:6c:b6:5d:bc:5c:b1:ab:d9:b4:23:
25:3c:02:fb:d0:53:45:0f:b9:0e:2b:1e:7a:cd:65:
c8:85:ca:e2:8e:91:58:cd:98:d5:b7:21:41:6b:ce:
a6:17:28:d4:33:db:a3:f6:fd:4c:8d:5c:e4:d5:ba:
bd:97:0b:09:b9:c5:8b:b7:80:99:db:52:55:7b:58:
4d:14:30:e4:80:4f:66:05:01:66:d6:83:80:32:95:
0c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B7:A4:54:2D:34:87:1F:1B:74:4C:BC:DA:81:4A:D9:8D:B6:C9:30
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IbekVC00hx8bdEy82oFK2Y22yTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc45:120::/44
Signature Algorithm: sha256WithRSAEncryption
20:e0:21:c7:66:04:ed:0c:a3:70:c3:6a:c7:bb:97:cc:9a:4d:
84:6a:06:d2:cc:cd:8f:cf:32:b1:d7:d9:4c:c5:8f:6f:ff:c9:
f6:3f:18:fe:81:23:76:56:a8:c2:9b:1a:47:a5:4b:87:49:d8:
8e:7b:a6:5f:22:4d:ed:d5:62:0f:8e:01:44:02:3a:e6:f1:21:
31:1f:e2:cf:02:dc:17:c2:24:71:20:35:2f:7a:75:8d:d0:c1:
f6:33:a9:53:2a:a4:25:a1:23:f5:29:e6:19:ad:9c:b6:81:42:
34:d2:99:02:f5:31:8e:4d:a6:a6:48:27:96:fa:bd:9e:5c:5c:
14:51:e9:50:e9:85:17:9e:e5:25:55:54:b0:9a:33:41:23:aa:
06:ea:ee:5b:e2:f5:95:b3:e9:1e:a4:e2:18:4b:aa:9e:6f:6d:
8e:61:06:58:af:25:3e:c1:de:b8:b6:a3:94:78:51:65:41:6f:
8a:fe:d5:0a:3f:76:f1:3a:e3:ea:d0:d2:9c:98:56:81:ec:9c:
62:f0:a2:9b:f1:f7:b7:29:11:a1:41:c1:12:63:fb:d4:a6:81:
3a:fd:33:60:9c:1e:fb:be:9c:35:18:5d:d2:68:ed:b3:9a:50:
51:f3:18:7c:71:bd:11:f3:47:ff:f8:a8:5e:3c:3d:fd:8c:62:
c4:25:a9:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvPplmUfLhGGdSZ3RaEa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI3YTQ1NDJkMzQ4NzFmMWI3NDRjYmNkYTgxNGFkOThkYjZjOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhba2wSxjjD3a8W2YeDY9u/H8X4sV
0NiHr9BgUiSi6Isq6uXsMHj8U+gMehBuFLTAkjuWwfJw0CAdZN4tUCPP9t+IDSiA
kbz4JgDE/6mTz6myhTW9sAmonTp8UGmjnhRMOtgiDF/CVlQm00Ux/aeUyBga1cK5
CYWnQPn4W36YBGLIiZ1FQ/QkQPbyDBob2Zdpk5d/Hs7+hRnM6k6GNyOgPhhQvzeC
3x9keGy2XbxcsavZtCMlPAL70FNFD7kOKx56zWXIhcrijpFYzZjVtyFBa86mFyjU
M9uj9v1MjVzk1bq9lwsJucWLt4CZ21JVe1hNFDDkgE9mBQFm1oOAMpUMiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCG3pFQtNIcfG3RMvNqBStmNtskwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSWJla1ZDMDBoeDhiZEV5ODJvRksyWTIyeVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAg4CHHZgTtDKNww2rHu5fMmk2EagbSzM2PzzKx
19lMxY9v/8n2Pxj+gSN2VqjCmxpHpUuHSdiOe6ZfIk3t1WIPjgFEAjrm8SExH+LP
AtwXwiRxIDUvenWN0MH2M6lTKqQloSP1KeYZrZy2gUI00pkC9TGOTaamSCeW+r2e
XFwUUelQ6YUXnuUlVVSwmjNBI6oG6u5b4vWVs+kepOIYS6qeb22OYQZYryU+wd64
tqOUeFFlQW+K/tUKP3bxOuPq0NKcmFaB7Jxi8KKb8fe3KRGhQcESY/vUpoE6/TNg
nB77vpw1GF3SaO2zmlBR8xh8cb0R80f/+KhePD39jGLEJanM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org