Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M3oEjeVlhuueiO_ME9vJcOrttNI.roa
File: M3oEjeVlhuueiO_ME9vJcOrttNI.roa (raw, json)
Hash identifier: XBeopFww2radLpuCAssWQi3rhoTsOFU3xOOGPlHT3j4=
Subject key identifier: 33:7A:04:8D:E5:65:86:EB:9E:88:EF:CC:13:DB:C9:70:EA:ED:B4:D2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B011E44C242924942ECF50D175B33
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M3oEjeVlhuueiO_ME9vJcOrttNI.roa
Signing time: Tue 24 Jan 2023 16:09:53 +0000
ROA not before: Tue 24 Jan 2023 16:09:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212196
IP address blocks: 2a0e:b107:ec0::/48 maxlen: 48
2a0e:b107:ec0::/44 maxlen: 48
2a0e:b107:ec2::/48 maxlen: 48
2a0e:b107:ecf::/48 maxlen: 48
2a0e:b107:ec1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Jan 2023 21:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:01:1e:44:c2:42:92:49:42:ec:f5:0d:17:5b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=337a048de56586eb9e88efcc13dbc970eaedb4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:80:b2:34:ba:88:62:b9:57:6d:4f:f4:cb:8a:
f2:08:02:f4:da:3a:39:3f:14:a0:11:32:fe:0b:e0:
0d:54:02:0b:29:4a:38:f1:1d:d1:d6:5c:b7:bf:f0:
6c:58:28:2f:66:c5:70:e8:e5:7f:ab:dd:1d:f3:11:
a1:4b:84:dc:76:a3:93:4a:05:fa:b4:87:dd:d6:fb:
f5:1b:86:f4:cb:26:32:58:09:95:97:04:6f:eb:3b:
5c:52:e0:fa:8e:e5:1e:1a:69:5c:52:58:a0:d2:50:
72:90:64:49:b4:34:a8:07:02:4e:29:13:86:6e:ae:
81:17:2d:22:ec:b8:87:2b:50:6c:54:3b:53:88:a1:
0a:59:11:ff:8d:60:da:44:34:ae:2b:27:f5:b7:22:
dd:ce:c0:86:e6:38:27:c8:28:9e:fe:d0:19:77:80:
29:ef:be:f2:25:cf:9d:dc:04:ab:10:d7:9e:a8:22:
c9:2b:71:1d:bc:01:cc:f6:25:1b:36:e8:4d:06:37:
f0:98:d1:2f:aa:50:1b:86:00:a5:96:72:8d:5a:29:
d6:ea:d2:34:30:32:d8:31:ad:61:38:98:2b:17:2c:
85:33:72:31:87:f6:25:69:27:2e:69:da:a9:c9:b4:
a6:4c:9b:e9:ed:41:39:65:0f:1a:44:84:82:4b:79:
1c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7A:04:8D:E5:65:86:EB:9E:88:EF:CC:13:DB:C9:70:EA:ED:B4:D2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M3oEjeVlhuueiO_ME9vJcOrttNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
5e:8c:a2:e6:29:61:49:8e:71:47:83:96:9a:da:7c:85:41:f1:
19:e4:d6:be:bc:d4:b6:2a:53:36:0e:69:66:65:f9:e0:b7:e7:
b3:fe:4a:42:d3:b7:78:55:fe:a1:0c:3e:b3:cf:e2:89:65:31:
df:4e:dc:dd:75:b1:b0:6d:09:34:db:ba:77:21:20:b7:f6:57:
45:ed:83:ad:46:c2:bd:a1:bc:2b:dd:fe:f8:5a:a3:78:5b:bb:
a5:cb:e9:e5:ea:8d:b2:9c:27:2d:a8:e5:a2:2f:58:05:19:75:
9e:2b:11:10:ed:3f:2f:fc:be:15:30:64:06:5d:14:58:0f:61:
59:58:a0:97:82:b6:59:e0:a4:01:7f:79:ff:58:4b:61:ae:dd:
ec:85:59:b3:83:ee:bb:51:27:78:bf:aa:64:7c:fa:8f:f8:08:
32:ed:e1:f9:09:9e:ca:7a:3d:0e:a7:2f:5a:02:da:3d:98:5c:
35:1e:e3:89:85:18:63:b3:02:bf:61:7b:35:37:68:4b:44:c1:
5b:9d:24:ef:4d:07:6a:44:1d:a9:94:fc:bf:58:8a:cf:7e:43:
62:b8:08:d2:15:2c:b0:37:b4:1d:0f:bd:a0:f8:58:f8:42:52:
3f:b2:3f:93:98:0c:2d:02:bd:4d:69:f3:4a:5d:e4:74:fe:64:
4a:6a:0c:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiwEeRMJCkklC7PUNF1szMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdhMDQ4ZGU1NjU4NmViOWU4OGVmY2MxM2RiYzk3MGVhZWRiNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYCyNLqIYrlXbU/0y4ryCAL02jo5
PxSgETL+C+ANVAILKUo48R3R1ly3v/BsWCgvZsVw6OV/q90d8xGhS4TcdqOTSgX6
tIfd1vv1G4b0yyYyWAmVlwRv6ztcUuD6juUeGmlcUlig0lBykGRJtDSoBwJOKROG
bq6BFy0i7LiHK1BsVDtTiKEKWRH/jWDaRDSuKyf1tyLdzsCG5jgnyCie/tAZd4Ap
777yJc+d3ASrENeeqCLJK3EdvAHM9iUbNuhNBjfwmNEvqlAbhgCllnKNWinW6tI0
MDLYMa1hOJgrFyyFM3Ixh/YlaScuadqpybSmTJvp7UE5ZQ8aRISCS3kcTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDN6BI3lZYbrnojvzBPbyXDq7bTSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTTNvRWplVmxodXVlaU9fTUU5dkpjT3J0dE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw7A
MA0GCSqGSIb3DQEBCwUAA4IBAQBejKLmKWFJjnFHg5aa2nyFQfEZ5Na+vNS2KlM2
DmlmZfngt+ez/kpC07d4Vf6hDD6zz+KJZTHfTtzddbGwbQk027p3ISC39ldF7YOt
RsK9obwr3f74WqN4W7uly+nl6o2ynCctqOWiL1gFGXWeKxEQ7T8v/L4VMGQGXRRY
D2FZWKCXgrZZ4KQBf3n/WEthrt3shVmzg+67USd4v6pkfPqP+Agy7eH5CZ7Kej0O
py9aAto9mFw1HuOJhRhjswK/YXs1N2hLRMFbnSTvTQdqRB2plPy/WIrPfkNiuAjS
FSywN7QdD72g+Fj4QlI/sj+TmAwtAr1NafNKXeR0/mRKagwx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:30 2024 by rpki-client on console-fra.rpki-client.org