Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JaeGQQh7o9XZM0gsjSGt4pyners.roa
File: JaeGQQh7o9XZM0gsjSGt4pyners.roa (raw, json)
Hash identifier: MOzHy0+vIMBlBlyPOpit5BfPjOf0qF+hkpnBFwufh3A=
Subject key identifier: 25:A7:86:41:08:7B:A3:D5:D9:33:48:2C:8D:21:AD:E2:9C:A7:7A:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D0E62F0961466CD226434B87D7C5F323D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JaeGQQh7o9XZM0gsjSGt4pyners.roa
Signing time: Mon 15 Jan 2024 18:29:41 +0000
ROA not before: Mon 15 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215751
IP address blocks: 2a10:cc40:cc42::/48 maxlen: 48
2a10:cc40:cc40::/48 maxlen: 48
2a10:cc40:cc46::/48 maxlen: 48
2a10:cc40:cc41::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 21:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0e:62:f0:96:14:66:cd:22:64:34:b8:7d:7c:5f:32:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 15 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25a78641087ba3d5d933482c8d21ade29ca77abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a1:74:23:ab:4f:08:a3:ba:e6:67:52:95:5e:
3e:8f:9d:85:8c:fe:89:2f:d7:12:fd:eb:b3:43:59:
a4:9c:f9:2d:33:c4:f5:64:22:40:35:db:8d:6f:e4:
d2:2e:8f:9a:a8:7a:c4:17:59:72:1c:7c:0e:9f:eb:
54:b1:76:a4:1f:30:8a:34:f4:bc:a4:19:07:a4:7d:
2c:0a:a2:4b:a1:53:32:62:1e:db:3a:73:88:a4:f7:
42:b7:e2:ec:dc:73:8d:13:00:91:5c:d5:cd:5f:dc:
4f:1a:ee:9e:d7:7a:01:10:15:5d:02:a1:3c:88:33:
14:e7:01:04:b4:ad:32:99:86:2e:98:cc:c5:57:8e:
37:95:8c:70:93:28:78:c6:eb:28:23:3d:a7:ca:3c:
e0:04:de:10:4f:ab:28:4d:83:9c:c4:60:77:ef:cb:
62:5e:cc:93:4e:ce:75:18:d3:fc:a3:84:11:29:37:
46:37:fb:7e:33:e5:33:9a:bf:f2:95:2c:0b:6e:c4:
28:55:94:79:e8:36:4f:5f:5d:f3:3a:24:c1:a5:9a:
0b:33:ff:0c:76:65:e9:5b:40:b0:18:a0:e0:6e:c4:
e8:c4:43:94:1a:aa:a4:dd:b0:16:a8:ad:35:cd:d4:
d3:82:c2:fc:d4:38:8b:61:31:d5:4b:22:16:eb:12:
53:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A7:86:41:08:7B:A3:D5:D9:33:48:2C:8D:21:AD:E2:9C:A7:7A:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JaeGQQh7o9XZM0gsjSGt4pyners.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:cc40::-2a10:cc40:cc42:ffff:ffff:ffff:ffff:ffff
2a10:cc40:cc46::/48
Signature Algorithm: sha256WithRSAEncryption
90:16:ee:31:86:37:37:c5:29:1d:d6:6d:ad:90:49:83:e7:c7:
b2:0b:41:48:c4:41:3c:5b:a7:2d:a5:38:c5:0e:ae:a8:0a:f4:
6e:7a:2f:e2:5c:12:3b:0e:5d:fc:da:a1:84:ba:93:49:97:d9:
0a:d1:d3:70:8f:b6:3e:de:3e:cb:8e:cc:e1:2b:b8:ee:9a:29:
66:d2:5e:19:bc:96:f3:ed:9e:51:80:d9:77:56:95:33:9d:79:
2f:5f:17:f6:11:22:03:4e:50:6f:8e:03:2e:ab:59:b1:65:2b:
df:4e:d9:63:4c:92:c9:3e:b2:c2:53:7d:9b:98:1b:d1:90:64:
5a:a6:c9:6e:0d:98:da:7e:86:a2:b4:69:d9:23:fe:67:05:66:
2e:5d:fa:f7:e4:ef:a9:12:3f:58:50:d3:2c:ac:af:50:16:8b:
5d:de:e1:b7:5c:5d:10:d6:71:e4:2f:43:4e:f1:d8:e0:6d:39:
91:51:c7:e1:2c:58:7c:37:f8:33:9e:5c:89:35:ba:d5:3f:6d:
51:57:a7:70:d9:7f:61:20:56:cb:96:ce:a1:dd:29:1c:62:c6:
9a:2a:3a:a1:39:a2:27:1a:d4:34:6b:09:88:bc:29:e7:42:1f:
cf:b4:e1:5e:19:0c:52:aa:7f:4a:e8:3e:75:6b:90:7e:47:d3:
b1:ff:be:5d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY0OYvCWFGbNImQ0uH18XzI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE1MTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE3ODY0MTA4N2JhM2Q1ZDkzMzQ4MmM4ZDIxYWRlMjljYTc3YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqF0I6tPCKO65mdSlV4+j52FjP6J
L9cS/euzQ1mknPktM8T1ZCJANduNb+TSLo+aqHrEF1lyHHwOn+tUsXakHzCKNPS8
pBkHpH0sCqJLoVMyYh7bOnOIpPdCt+Ls3HONEwCRXNXNX9xPGu6e13oBEBVdAqE8
iDMU5wEEtK0ymYYumMzFV443lYxwkyh4xusoIz2nyjzgBN4QT6soTYOcxGB378ti
XsyTTs51GNP8o4QRKTdGN/t+M+Uzmr/ylSwLbsQoVZR56DZPX13zOiTBpZoLM/8M
dmXpW0CwGKDgbsToxEOUGqqk3bAWqK01zdTTgsL81DiLYTHVSyIW6xJTNQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCWnhkEIe6PV2TNILI0hreKcp3q7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSmFlR1FRaDdvOVhaTTBnc2pTR3Q0cHluZXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwYqEMxA
zEADBwAqEMxAzEIDBwAqEMxAzEYwDQYJKoZIhvcNAQELBQADggEBAJAW7jGGNzfF
KR3Wba2QSYPnx7ILQUjEQTxbpy2lOMUOrqgK9G56L+JcEjsOXfzaoYS6k0mX2QrR
03CPtj7ePsuOzOEruO6aKWbSXhm8lvPtnlGA2XdWlTOdeS9fF/YRIgNOUG+OAy6r
WbFlK99O2WNMksk+ssJTfZuYG9GQZFqmyW4NmNp+hqK0adkj/mcFZi5d+vfk76kS
P1hQ0yysr1AWi13e4bdcXRDWceQvQ07x2OBtOZFRx+EsWHw3+DOeXIk1utU/bVFX
p3DZf2EgVsuWzqHdKRxixpoqOqE5oica1DRrCYi8KedCH8+04V4ZDFKqf0roPnVr
kH5H07H/vl0=
-----END CERTIFICATE-----
Generated at Thu Jan 18 22:06:20 2024 by rpki-client on console-ams.rpki-client.org