Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LyFOmA41-xB7ZhKy4yCjzXc-Ap0.roa
File: LyFOmA41-xB7ZhKy4yCjzXc-Ap0.roa (raw, json)
Hash identifier: zQCtBZv5wzmIxp3BJdvpUY2FBvuJUglSq+zuWSCm+Vc=
Subject key identifier: 2F:21:4E:98:0E:35:FB:10:7B:66:12:B2:E3:20:A3:CD:77:3E:02:9D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018EC404D2F456D57656092FA4B99364B7EE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LyFOmA41-xB7ZhKy4yCjzXc-Ap0.roa
Signing time: Tue 09 Apr 2024 18:00:34 +0000
ROA not before: Tue 09 Apr 2024 18:00:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Jun 2024 21:18:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:04:d2:f4:56:d5:76:56:09:2f:a4:b9:93:64:b7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 9 18:00:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f214e980e35fb107b6612b2e320a3cd773e029d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:83:11:1b:d3:38:da:bc:af:e5:61:6a:ca:
83:ce:bb:69:fe:7b:ed:af:d5:10:c2:18:37:54:f6:
4d:f9:84:76:af:d8:b0:5f:7c:52:34:06:f9:6b:35:
c5:ce:5c:d1:62:5f:a7:be:9a:dc:5a:ac:64:b1:ed:
00:73:b5:3d:5c:d3:1d:eb:b3:a4:e6:71:2a:c1:f1:
fd:1e:2c:50:0f:16:b4:2c:80:bb:cd:7b:c8:08:db:
01:cb:3f:6f:73:fa:28:a0:a8:e5:8d:d0:5c:7e:08:
f8:46:78:f1:22:89:bc:06:61:f7:f6:44:02:21:3d:
cb:57:7a:cd:0e:ee:02:b9:d4:e8:a1:f1:f7:bb:39:
8c:2a:ea:e0:88:d2:5a:45:eb:d0:db:d6:71:f4:fd:
ef:cd:a7:4f:55:84:6d:2c:33:f8:1d:68:f0:a6:14:
69:3f:6f:18:2e:58:71:57:46:07:c3:b4:d6:d0:e8:
00:71:47:91:25:03:e8:f8:4f:42:cb:ed:3f:ab:72:
3a:dc:f7:e1:45:55:b9:2e:2f:5b:9f:ff:c4:76:a0:
d6:45:60:e6:06:d9:33:99:3d:95:3f:a4:65:36:53:
e0:22:eb:86:7e:54:a9:44:a3:98:99:9a:8c:51:93:
17:7d:91:11:2a:8b:14:72:bf:7e:f7:87:7e:8e:e8:
c0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:21:4E:98:0E:35:FB:10:7B:66:12:B2:E3:20:A3:CD:77:3E:02:9D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LyFOmA41-xB7ZhKy4yCjzXc-Ap0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::/48
2a0e:b107:12d3::-2a0e:b107:12d5:ffff:ffff:ffff:ffff:ffff
2a0e:b107:12d7::/48
Signature Algorithm: sha256WithRSAEncryption
69:20:a7:a1:87:c1:0e:30:31:e6:14:6d:2d:e5:7f:d0:d5:42:
e1:20:0b:51:fd:04:f0:26:7f:77:ef:c7:3f:43:c8:6d:f0:8a:
54:b8:a0:77:58:fa:4e:19:81:49:92:cc:59:5c:3d:ca:f3:98:
40:cb:52:e7:08:86:7d:e7:48:17:4b:bd:8b:ea:1a:c9:d6:9a:
39:55:e2:2c:15:8e:40:80:1f:ec:72:44:e0:23:86:3a:9f:5d:
85:6c:f5:7f:03:6d:8a:cb:ba:27:7d:c9:bd:f0:5a:24:f9:69:
8d:a8:5e:7a:3a:60:14:ab:04:93:be:c2:5a:38:c1:8d:08:db:
e7:57:9f:b9:5d:93:06:6d:c4:b5:a3:fa:d3:ef:fb:4c:55:0b:
a7:7e:46:24:df:51:d5:13:2b:7a:bc:9c:7a:46:3f:dd:2f:3c:
be:b2:ff:52:44:25:88:3f:b2:21:46:b4:0c:97:a4:12:fa:bd:
a9:17:bb:7a:d4:2a:35:4b:69:a3:a1:86:5a:44:ff:4d:99:ec:
cf:3f:36:df:0e:e0:6a:13:30:9f:df:7f:ad:6d:07:37:bf:de:
7d:45:7f:59:35:a9:d3:ca:cc:6e:57:31:45:95:d6:3e:7f:ee:
ae:d6:b3:19:9c:95:3a:b7:4b:e6:a9:20:03:cd:ca:b3:6e:aa:
e8:3e:7a:05
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY7EBNL0VtV2VgkvpLmTZLfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDA5MTgwMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIxNGU5ODBlMzVmYjEwN2I2NjEyYjJlMzIwYTNjZDc3M2UwMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn62DERvTONq8r+VhasqDzrtp/nvt
r9UQwhg3VPZN+YR2r9iwX3xSNAb5azXFzlzRYl+nvprcWqxkse0Ac7U9XNMd67Ok
5nEqwfH9HixQDxa0LIC7zXvICNsByz9vc/oooKjljdBcfgj4RnjxIom8BmH39kQC
IT3LV3rNDu4CudToofH3uzmMKurgiNJaRevQ29Zx9P3vzadPVYRtLDP4HWjwphRp
P28YLlhxV0YHw7TW0OgAcUeRJQPo+E9Cy+0/q3I63PfhRVW5Li9bn//EdqDWRWDm
BtkzmT2VP6RlNlPgIuuGflSpRKOYmZqMUZMXfZERKosUcr9+94d+jujAWwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC8hTpgONfsQe2YSsuMgo813PgKdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTHlGT21BNDEteEI3WmhLeTR5Q2p6WGMtQXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg6xBxLR
MBIDBwAqDrEHEtMDBwEqDrEHEtQDBwAqDrEHEtcwDQYJKoZIhvcNAQELBQADggEB
AGkgp6GHwQ4wMeYUbS3lf9DVQuEgC1H9BPAmf3fvxz9DyG3wilS4oHdY+k4ZgUmS
zFlcPcrzmEDLUucIhn3nSBdLvYvqGsnWmjlV4iwVjkCAH+xyROAjhjqfXYVs9X8D
bYrLuid9yb3wWiT5aY2oXno6YBSrBJO+wlo4wY0I2+dXn7ldkwZtxLWj+tPv+0xV
C6d+RiTfUdUTK3q8nHpGP90vPL6y/1JEJYg/siFGtAyXpBL6vakXu3rUKjVLaaOh
hlpE/02Z7M8/Nt8O4GoTMJ/ff61tBze/3n1Ff1k1qdPKzG5XMUWV1j5/7q7Wsxmc
lTq3S+apIAPNyrNuqug+egU=
-----END CERTIFICATE-----
Generated at Tue Jun 18 02:28:03 2024 by rpki-client on console-ams.rpki-client.org