Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JcukM0TzPuR7YaU1wNIe9P7cEQA.roa
File: JcukM0TzPuR7YaU1wNIe9P7cEQA.roa (raw, json)
Hash identifier: Gwt7RBLMzJvQ80wxwtQGXLvhw4iKWyrZDibIWxQzWXE=
Subject key identifier: 25:CB:A4:33:44:F3:3E:E4:7B:61:A5:35:C0:D2:1E:F4:FE:DC:11:00
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D2A8A7174D5E48CDEA415AB9EFBF10F08
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JcukM0TzPuR7YaU1wNIe9P7cEQA.roa
Signing time: Sun 21 Jan 2024 05:42:12 +0000
ROA not before: Sun 21 Jan 2024 05:42:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215751
IP address blocks: 2a10:cc40:cc40::/48 maxlen: 48
2a10:cc40:cc41::/48 maxlen: 48
2a10:cc40:cc42::/48 maxlen: 48
2a10:cc40:cc46::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 04:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2a:8a:71:74:d5:e4:8c:de:a4:15:ab:9e:fb:f1:0f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 21 05:42:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25cba43344f33ee47b61a535c0d21ef4fedc1100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:4d:63:22:f9:58:25:77:8a:8e:a4:47:90:
9f:eb:a1:08:73:fb:84:40:34:03:d5:26:92:57:28:
98:77:dd:c9:2d:8c:55:2b:89:0b:84:d2:52:13:55:
90:59:5c:be:2b:c8:60:79:dd:ac:a5:21:fd:a1:aa:
d8:81:5e:52:a9:7b:f8:f2:d0:83:0b:73:33:1c:65:
5a:0c:7a:00:59:a7:ff:ce:37:d2:5e:67:7a:af:e8:
ab:1d:61:36:28:60:5a:39:fb:3b:3c:bf:f4:17:fc:
94:ec:2b:b4:db:d7:f7:e4:28:6f:a0:73:ab:1e:5d:
11:27:30:67:c0:3d:e8:d1:87:87:25:21:57:97:88:
84:84:65:23:c5:a8:66:f6:f4:52:cb:eb:0c:8d:2d:
e6:6b:ee:ce:30:c1:5b:4d:e9:e7:fd:66:19:4e:32:
cb:51:cf:21:8e:91:99:c8:59:0d:aa:87:56:91:0b:
d0:da:79:e3:96:ae:67:53:2b:5e:e2:08:27:44:9d:
80:45:5b:2a:6f:07:c7:af:87:26:46:aa:5a:9c:cc:
85:66:a9:04:82:8b:df:c2:dd:6a:ff:3c:d1:5a:8b:
6c:8e:9c:a5:fd:80:42:b3:73:ad:df:36:04:da:0e:
34:83:a3:81:43:10:79:f0:11:c4:25:b4:31:ef:6c:
3d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CB:A4:33:44:F3:3E:E4:7B:61:A5:35:C0:D2:1E:F4:FE:DC:11:00
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JcukM0TzPuR7YaU1wNIe9P7cEQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:cc40::-2a10:cc40:cc42:ffff:ffff:ffff:ffff:ffff
2a10:cc40:cc46::/48
Signature Algorithm: sha256WithRSAEncryption
b5:20:d9:1e:27:5c:d9:f5:49:b5:6e:38:45:db:14:cc:84:46:
0c:d0:7e:28:4b:51:ae:b2:9e:1e:08:71:8f:f6:23:5d:7a:b4:
48:5f:9a:a7:65:50:57:6b:11:1d:69:0e:9d:85:27:8d:73:48:
8a:6d:f4:ca:67:18:44:28:64:5f:0e:07:65:ed:24:c4:1f:65:
78:ef:8b:7c:bc:cd:1b:13:16:f2:4e:3d:b2:77:24:5c:36:f3:
49:1e:3e:da:c8:12:d9:7f:80:4e:6a:4a:00:ed:ad:75:d6:bf:
08:26:c4:b5:04:8c:93:1a:c2:d8:d5:15:38:12:95:6d:ee:18:
f8:dd:bd:ab:f6:88:c8:9e:f7:b7:01:39:0c:d6:13:50:72:be:
0c:c2:4d:3f:a0:c9:48:56:21:d1:3f:7c:58:90:05:88:fc:9a:
10:27:21:0a:ea:b6:73:e9:3c:5e:ae:27:fa:d7:73:68:97:69:
68:9f:7a:68:94:b0:e5:a3:87:ae:49:f4:45:12:aa:cf:ae:65:
c3:72:d4:f5:fe:48:cf:e3:3e:19:96:53:3a:03:dd:da:82:75:
75:b0:62:0d:19:ce:e9:af:9d:3b:e4:b5:7c:93:4f:45:b9:d9:
90:66:94:cc:91:55:ae:a4:f9:e4:16:1f:ab:25:89:36:ff:e9:
5c:fd:83:e6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY0qinF01eSM3qQVq5778Q8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTIxMDU0MjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNiYTQzMzQ0ZjMzZWU0N2I2MWE1MzVjMGQyMWVmNGZlZGMxMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTlNYyL5WCV3io6kR5Cf66EIc/uE
QDQD1SaSVyiYd93JLYxVK4kLhNJSE1WQWVy+K8hged2spSH9oarYgV5SqXv48tCD
C3MzHGVaDHoAWaf/zjfSXmd6r+irHWE2KGBaOfs7PL/0F/yU7Cu029f35ChvoHOr
Hl0RJzBnwD3o0YeHJSFXl4iEhGUjxahm9vRSy+sMjS3ma+7OMMFbTenn/WYZTjLL
Uc8hjpGZyFkNqodWkQvQ2nnjlq5nUyte4ggnRJ2ARVsqbwfHr4cmRqpanMyFZqkE
govfwt1q/zzRWotsjpyl/YBCs3Ot3zYE2g40g6OBQxB58BHEJbQx72w9SQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCXLpDNE8z7ke2GlNcDSHvT+3BEAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSmN1a00wVHpQdVI3WWFVMXdOSWU5UDdjRVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwYqEMxA
zEADBwAqEMxAzEIDBwAqEMxAzEYwDQYJKoZIhvcNAQELBQADggEBALUg2R4nXNn1
SbVuOEXbFMyERgzQfihLUa6ynh4IcY/2I116tEhfmqdlUFdrER1pDp2FJ41zSIpt
9MpnGEQoZF8OB2XtJMQfZXjvi3y8zRsTFvJOPbJ3JFw280kePtrIEtl/gE5qSgDt
rXXWvwgmxLUEjJMawtjVFTgSlW3uGPjdvav2iMie97cBOQzWE1ByvgzCTT+gyUhW
IdE/fFiQBYj8mhAnIQrqtnPpPF6uJ/rXc2iXaWifemiUsOWjh65J9EUSqs+uZcNy
1PX+SM/jPhmWUzoD3dqCdXWwYg0ZzumvnTvktXyTT0W52ZBmlMyRVa6k+eQWH6sl
iTb/6Vz9g+Y=
-----END CERTIFICATE-----
Generated at Tue Jan 30 08:44:05 2024 by rpki-client on console-ams.rpki-client.org