Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K_tZyw-n30VNd-2pOPK3HzCbUkg.roa
File: K_tZyw-n30VNd-2pOPK3HzCbUkg.roa (raw, json)
Hash identifier: C4KdaeqLpnI14BBVko4ExTPU/ACvaV6YE2Nrrjol8Rc=
Subject key identifier: 2B:FB:59:CB:0F:A7:DF:45:4D:77:ED:A9:38:F2:B7:1F:30:9B:52:48
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FDF311B6AED8ECBF71E329B9D85F36D0B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K_tZyw-n30VNd-2pOPK3HzCbUkg.roa
Signing time: Mon 03 Jun 2024 17:41:28 +0000
ROA not before: Mon 03 Jun 2024 17:41:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 194.50.111.0/24 maxlen: 24
2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Jul 2024 22:51:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:df:31:1b:6a:ed:8e:cb:f7:1e:32:9b:9d:85:f3:6d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 3 17:41:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bfb59cb0fa7df454d77eda938f2b71f309b5248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:f5:fb:91:ac:53:9d:6e:33:f4:3b:55:a9:
cc:ee:f1:20:1f:0b:02:51:81:50:ff:47:8b:98:4b:
75:1e:3c:d6:7d:55:16:ca:62:cb:2c:cb:b2:12:b9:
f7:03:a1:4a:26:b6:3d:c1:80:87:b8:21:30:13:7b:
11:4b:87:ad:a7:55:f3:49:45:ad:1f:15:0e:e2:e6:
f0:58:2a:78:ec:1a:f1:c1:9c:c3:db:43:4b:20:61:
bc:ab:17:f0:2e:3a:df:8c:bf:90:13:72:18:0d:62:
e7:48:19:ef:fc:5b:28:a4:f0:26:5c:8a:0c:94:2e:
0f:99:e6:30:05:8a:8a:83:2c:68:3e:05:8a:e5:d2:
c6:7b:56:be:2b:2d:0b:d8:c3:1b:bc:53:9b:25:88:
82:e9:56:55:f2:44:bf:3e:1e:a0:aa:e3:d0:8b:3c:
5a:b1:e3:66:0c:dc:6c:92:4e:d3:15:ec:92:66:46:
68:9d:15:9a:84:d0:70:b3:17:52:1e:ad:b9:90:aa:
6e:7a:bb:9b:bf:72:04:1d:d1:59:0d:a8:6e:23:30:
f8:7b:77:78:c5:7f:d3:07:f2:b2:3f:63:12:00:b2:
34:83:92:27:7b:73:71:26:f1:af:72:79:d2:1b:5e:
74:ed:0c:18:48:f2:f9:66:97:67:09:18:cc:e4:33:
0a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FB:59:CB:0F:A7:DF:45:4D:77:ED:A9:38:F2:B7:1F:30:9B:52:48
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/K_tZyw-n30VNd-2pOPK3HzCbUkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
5a:ad:9a:32:d8:6f:d5:c9:5a:ff:28:34:a4:cf:d4:f3:07:ec:
f8:a0:8c:49:93:bc:da:cc:db:10:fa:3f:b5:af:7d:4c:35:7a:
36:07:43:9e:0c:61:4b:e1:66:81:0c:be:5c:3f:ce:76:b7:36:
9d:bf:3b:33:1e:10:af:c7:77:36:a3:91:fb:8a:25:5a:ab:dd:
14:f9:a2:9e:3f:40:e3:ad:11:9f:a3:0e:7e:49:83:51:f4:a7:
8e:47:7d:80:ea:1f:f2:5f:be:62:d9:8b:ed:27:aa:83:e6:c6:
61:84:ee:18:c2:a3:d8:7d:5a:1f:18:79:b5:43:52:5a:b7:85:
c3:8c:f8:24:4d:a2:07:87:17:30:af:35:8b:57:52:9c:e5:1c:
08:cf:be:b9:f4:90:14:ca:3e:d8:7a:f9:20:9c:f9:39:17:88:
b3:73:f6:a0:3e:a1:e8:9f:5f:ed:50:1e:53:6d:01:ca:16:fa:
cc:61:a6:22:73:ae:da:46:e4:bc:80:c5:f2:ec:36:a1:7e:68:
2b:a8:ff:e5:e9:ee:5b:c3:72:8a:24:3b:3e:2e:6b:3f:ea:67:
c6:35:a1:57:7f:1e:06:ee:8b:2d:fb:ba:25:9a:21:04:d0:95:
0c:99:34:00:9b:66:a1:e2:9f:3e:e7:ff:26:5c:5e:50:24:77:
f8:a3:18:8f
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY/fMRtq7Y7L9x4ym52F820LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjAzMTc0MTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZiNTljYjBmYTdkZjQ1NGQ3N2VkYTkzOGYyYjcxZjMwOWI1MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq671+5GsU51uM/Q7VanM7vEgHwsC
UYFQ/0eLmEt1HjzWfVUWymLLLMuyErn3A6FKJrY9wYCHuCEwE3sRS4etp1XzSUWt
HxUO4ubwWCp47BrxwZzD20NLIGG8qxfwLjrfjL+QE3IYDWLnSBnv/FsopPAmXIoM
lC4PmeYwBYqKgyxoPgWK5dLGe1a+Ky0L2MMbvFObJYiC6VZV8kS/Ph6gquPQizxa
seNmDNxskk7TFeySZkZonRWahNBwsxdSHq25kKpuerubv3IEHdFZDahuIzD4e3d4
xX/TB/KyP2MSALI0g5Ine3NxJvGvcnnSG1507QwYSPL5ZpdnCRjM5DMKnQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFCv7WcsPp99FTXftqTjytx8wm1JIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS190Wnl3LW4zMFZOZC0ycE9QSzNIekNiVWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAMBAIAATAGAwQAwjJvMEcE
AgACMEEDBwAqBt4AABADBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoO
sQcaYwMHACoOsQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEAWq2aMthv
1cla/yg0pM/U8wfs+KCMSZO82szbEPo/ta99TDV6NgdDngxhS+FmgQy+XD/Odrc2
nb87Mx4Qr8d3NqOR+4olWqvdFPminj9A460Rn6MOfkmDUfSnjkd9gOof8l++YtmL
7Seqg+bGYYTuGMKj2H1aHxh5tUNSWreFw4z4JE2iB4cXMK81i1dSnOUcCM++ufSQ
FMo+2Hr5IJz5OReIs3P2oD6h6J9f7VAeU20Byhb6zGGmInOu2kbkvIDF8uw2oX5o
K6j/5enuW8NyiiQ7Pi5rP+pnxjWhV38eBu6LLfu6JZohBNCVDJk0AJtmoeKfPuf/
JlxeUCR3+KMYjw==
-----END CERTIFICATE-----
Generated at Sun Jul 21 01:55:01 2024 by rpki-client on console-ams.rpki-client.org