Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JNyRpto2F5yRJUF6xmmqYKZOS7c.roa
File: JNyRpto2F5yRJUF6xmmqYKZOS7c.roa (raw, json)
Hash identifier: 8FbLKyCEgUpb+L3GGA+jezl3woLumVSbk+rN5G4/1To=
Subject key identifier: 24:DC:91:A6:DA:36:17:9C:91:25:41:7A:C6:69:AA:60:A6:4E:4B:B7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BAA30FA5F0C136FFE4040089C2485ED3E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JNyRpto2F5yRJUF6xmmqYKZOS7c.roa
Signing time: Tue 07 Nov 2023 14:30:18 +0000
ROA not before: Tue 07 Nov 2023 14:30:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204307
IP address blocks: 2a0e:b107:ac0::/48 maxlen: 48
2a0e:b107:ac2::/48 maxlen: 48
2a0f:e401:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:30:fa:5f:0c:13:6f:fe:40:40:08:9c:24:85:ed:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 7 14:30:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24dc91a6da36179c9125417ac669aa60a64e4bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:ea:e8:0c:bd:98:39:7e:6f:79:d5:c1:79:
7d:4b:1b:1a:99:6a:93:e9:b0:8e:fe:13:e5:7f:55:
36:e8:aa:8a:cd:5a:78:ce:68:2d:13:7d:77:68:9f:
bb:54:0d:bd:ea:72:fa:db:73:c2:e1:6b:7b:a3:80:
ea:5e:44:c8:40:09:6c:39:2f:65:c4:f8:99:02:c0:
5b:ba:ce:4f:5f:41:7c:6d:f3:ce:64:a7:40:f1:7d:
0f:d1:d7:d9:fe:d0:bc:a2:ea:74:ae:88:e9:26:ee:
3d:ec:d1:51:be:a1:14:56:93:38:9a:af:5c:bb:d3:
0c:be:80:7c:89:df:3f:6d:bc:bf:8d:c4:74:d6:18:
bf:cf:44:42:ed:68:44:ae:e8:a9:61:13:0e:ff:2d:
96:7a:5a:da:0d:0c:14:5f:1c:f6:c1:5c:63:66:f6:
ac:29:7e:fa:cb:6b:1f:ca:1c:cc:31:2f:f3:d3:c2:
cc:ee:2d:ad:6c:cb:23:7f:84:f4:2c:d5:f7:1f:6f:
8d:b2:cd:c0:27:e9:95:3f:b9:ab:8a:19:bd:3f:31:
16:cc:91:00:8b:87:ca:16:1a:f8:58:29:3a:65:15:
b0:78:38:fe:2e:82:d1:34:a0:a3:b7:5d:0c:c1:ac:
eb:1c:60:bb:9f:31:ac:7c:79:c0:d2:80:e2:90:66:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DC:91:A6:DA:36:17:9C:91:25:41:7A:C6:69:AA:60:A6:4E:4B:B7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JNyRpto2F5yRJUF6xmmqYKZOS7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ac0::/48
2a0e:b107:ac2::/48
2a0f:e401:110::/44
Signature Algorithm: sha256WithRSAEncryption
2d:3e:ef:ea:b8:c4:f0:6a:1e:ff:91:c8:a7:91:44:5e:b7:9a:
0e:45:77:92:09:73:41:24:1c:f8:60:39:03:31:86:f1:d5:03:
8c:07:99:5e:88:7a:3c:d6:ee:46:57:df:f0:7c:d0:e9:48:2e:
a1:fe:d3:a0:fa:9c:df:61:1f:40:92:65:70:4a:b6:d3:71:02:
bc:ff:82:2f:e3:82:24:16:d3:6f:5e:e7:a3:5f:62:44:d2:dd:
80:e4:78:5c:e5:f2:2b:85:f3:70:88:87:ff:dd:20:58:82:f5:
a4:5c:b3:d5:27:39:53:cc:ea:22:fc:99:03:72:5c:92:31:f3:
1a:ad:a1:e2:8c:f6:7f:a2:79:7b:2d:2b:ee:4a:ad:2e:41:60:
8b:49:26:e0:a8:b9:3a:73:72:ad:aa:c4:31:8c:15:50:5f:8f:
bb:8c:40:2d:06:f8:30:ec:d0:e9:3e:8d:c1:6d:03:71:ff:46:
25:95:5d:51:3b:50:c3:3c:9f:3b:88:4e:b3:96:75:84:11:b9:
10:dc:da:88:11:2a:a8:14:41:55:ca:e3:00:5a:d2:e3:a3:ad:
60:a6:36:83:b5:1d:63:7e:7c:f7:b3:7f:af:ec:d5:9a:5c:f7:
1e:93:14:6b:8f:fb:5e:9a:a6:2f:e8:10:83:d7:3b:30:f1:41:
fa:2e:ff:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuqMPpfDBNv/kBACJwkhe0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTA3MTQzMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRjOTFhNmRhMzYxNzljOTEyNTQxN2FjNjY5YWE2MGE2NGU0YmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIXq6Ay9mDl+b3nVwXl9SxsamWqT
6bCO/hPlf1U26KqKzVp4zmgtE313aJ+7VA296nL623PC4Wt7o4DqXkTIQAlsOS9l
xPiZAsBbus5PX0F8bfPOZKdA8X0P0dfZ/tC8oup0rojpJu497NFRvqEUVpM4mq9c
u9MMvoB8id8/bby/jcR01hi/z0RC7WhEruipYRMO/y2WelraDQwUXxz2wVxjZvas
KX76y2sfyhzMMS/z08LM7i2tbMsjf4T0LNX3H2+Nss3AJ+mVP7mrihm9PzEWzJEA
i4fKFhr4WCk6ZRWweDj+LoLRNKCjt10MwazrHGC7nzGsfHnA0oDikGZ+BwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCTckabaNheckSVBesZpqmCmTku3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSk55UnB0bzJGNXlSSlVGNnhtbXFZS1pPUzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xBwrA
AwcAKg6xBwrCAwcEKg/kAQEQMA0GCSqGSIb3DQEBCwUAA4IBAQAtPu/quMTwah7/
kcinkURet5oORXeSCXNBJBz4YDkDMYbx1QOMB5leiHo81u5GV9/wfNDpSC6h/tOg
+pzfYR9AkmVwSrbTcQK8/4Iv44IkFtNvXuejX2JE0t2A5Hhc5fIrhfNwiIf/3SBY
gvWkXLPVJzlTzOoi/JkDclySMfMaraHijPZ/onl7LSvuSq0uQWCLSSbgqLk6c3Kt
qsQxjBVQX4+7jEAtBvgw7NDpPo3BbQNx/0YllV1RO1DDPJ87iE6zlnWEEbkQ3NqI
ESqoFEFVyuMAWtLjo61gpjaDtR1jfnz3s3+v7NWaXPcekxRrj/temqYv6BCD1zsw
8UH6Lv8f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org