Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M9W7SrfzIxxJsX6O0txtYVFfKkc.roa
File: M9W7SrfzIxxJsX6O0txtYVFfKkc.roa (raw, json)
Hash identifier: BEUzxJ947z1zrGJgR+LUHlnIYG+W0rOkDcZP5riXcJk=
Subject key identifier: 33:D5:BB:4A:B7:F3:23:1C:49:B1:7E:8E:D2:DC:6D:61:51:5F:2A:47
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019050587DAE170C98B8DFE314844BF07827
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M9W7SrfzIxxJsX6O0txtYVFfKkc.roa
Signing time: Tue 25 Jun 2024 17:01:34 +0000
ROA not before: Tue 25 Jun 2024 17:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:97c0:1000::/38 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/38 maxlen: 48
2a13:8380::/32 maxlen: 48
2a13:8381::/32 maxlen: 48
2a13:8382::/32 maxlen: 48
2a13:8383::/32 maxlen: 48
2a13:8384::/32 maxlen: 48
2a13:8385::/32 maxlen: 48
2a13:8386::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 05:52:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:50:58:7d:ae:17:0c:98:b8:df:e3:14:84:4b:f0:78:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 25 17:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33d5bb4ab7f3231c49b17e8ed2dc6d61515f2a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:62:90:24:8f:36:ef:63:92:5b:28:16:2d:fb:
77:a9:f0:ab:02:00:2c:85:10:c1:45:94:e8:29:ec:
a4:a7:21:30:f0:35:b1:ad:65:f6:54:ce:56:b7:1a:
14:23:a9:62:2e:c8:d2:9f:68:d9:ba:9a:79:ff:62:
9e:f6:2e:09:e2:39:6b:a4:aa:90:3c:a3:15:fa:4f:
b0:69:22:66:3a:15:3a:f5:26:98:c0:f2:d9:60:be:
02:95:7a:38:ab:9b:b8:1b:e2:1d:ac:6e:de:8a:40:
38:23:be:71:bc:a1:67:d6:8d:45:63:01:cd:0d:45:
b6:dd:16:f6:15:cc:b2:5d:2c:56:8a:c1:1b:f3:8b:
94:f2:10:08:05:e0:8a:18:3a:3e:e0:4f:49:9f:b5:
33:dd:b5:c8:bb:25:d0:f3:9c:fd:fe:6a:f9:25:b9:
2e:94:bd:be:fe:12:9c:3e:2d:1d:cb:c2:87:d3:f0:
39:c6:7a:70:17:a9:d8:65:ae:53:9e:3d:cd:c9:39:
6c:83:4b:f1:70:80:ce:39:1c:4b:3c:56:98:5b:f0:
5c:65:e6:b7:a7:85:54:5b:89:67:15:c5:81:b3:10:
13:b8:dc:a6:60:26:ac:92:45:7a:86:46:e5:55:10:
c5:ef:ac:8d:10:b3:03:53:5e:78:5e:b0:5a:a0:6d:
4b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D5:BB:4A:B7:F3:23:1C:49:B1:7E:8E:D2:DC:6D:61:51:5F:2A:47
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M9W7SrfzIxxJsX6O0txtYVFfKkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1000::/38
2a10:2f00:187::/48
2a10:ccc0:800::/38
2a13:8380::-2a13:8386:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:be:79:26:a0:0c:29:1e:93:d6:2e:bb:4f:20:ab:80:29:f6:
0f:2c:86:32:6c:2d:63:98:7f:fb:18:0a:f1:e7:5d:c1:28:73:
bb:04:d7:1b:bc:d4:ea:da:dc:cd:1b:0d:f6:f3:46:82:1c:36:
88:31:c7:2b:4b:ec:b0:ff:50:69:a4:92:be:9f:c8:ac:cc:5c:
d1:65:44:d9:f5:06:0c:9b:ff:e3:c1:f1:9b:c4:1e:ad:e4:63:
f8:4d:10:a7:28:0c:36:d8:88:c1:a7:df:be:5f:89:8c:2b:d3:
dd:65:86:8a:79:e3:6d:a6:9c:05:00:48:3e:1b:dc:d0:0b:bc:
ae:ba:ad:4b:6c:f3:76:c2:b6:c4:39:97:df:29:ba:fb:f1:db:
77:e0:3f:76:c2:76:ec:1a:5a:89:48:88:dd:ce:3f:41:13:49:
59:f7:ad:33:23:5b:14:f3:f0:b8:6f:26:56:9b:e8:56:74:3a:
ed:99:ea:b5:e8:8a:6c:e5:92:24:e4:6b:b2:0a:de:9e:25:d7:
b6:71:a9:8f:55:a0:93:94:27:23:0b:a0:ba:ab:70:5a:25:94:
5f:59:f0:fb:39:9f:ee:80:c2:d1:ac:98:97:9e:cd:2f:25:d1:
a9:ed:f3:13:1a:1e:22:1d:b8:eb:e7:17:50:af:64:91:3c:ee:
bd:16:d4:c8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZBQWH2uFwyYuN/jFIRL8HgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjI1MTcwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q1YmI0YWI3ZjMyMzFjNDliMTdlOGVkMmRjNmQ2MTUxNWYyYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWKQJI8272OSWygWLft3qfCrAgAs
hRDBRZToKeykpyEw8DWxrWX2VM5WtxoUI6liLsjSn2jZupp5/2Ke9i4J4jlrpKqQ
PKMV+k+waSJmOhU69SaYwPLZYL4ClXo4q5u4G+IdrG7eikA4I75xvKFn1o1FYwHN
DUW23Rb2FcyyXSxWisEb84uU8hAIBeCKGDo+4E9Jn7Uz3bXIuyXQ85z9/mr5Jbku
lL2+/hKcPi0dy8KH0/A5xnpwF6nYZa5Tnj3NyTlsg0vxcIDOORxLPFaYW/BcZea3
p4VUW4lnFcWBsxATuNymYCaskkV6hkblVRDF76yNELMDU154XrBaoG1LDQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDPVu0q38yMcSbF+jtLcbWFRXypHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTTlXN1NyZnpJeHhKc1g2TzB0eHRZVkZmS2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwYCKg6XwBAD
BwAqEC8AAYcDBgIqEMzACDAOAwUHKhODgAMFACoTg4YwDQYJKoZIhvcNAQELBQAD
ggEBAJ++eSagDCkek9Yuu08gq4Ap9g8shjJsLWOYf/sYCvHnXcEoc7sE1xu81Ora
3M0bDfbzRoIcNogxxytL7LD/UGmkkr6fyKzMXNFlRNn1Bgyb/+PB8ZvEHq3kY/hN
EKcoDDbYiMGn375fiYwr091lhop5422mnAUASD4b3NALvK66rUts83bCtsQ5l98p
uvvx23fgP3bCduwaWolIiN3OP0ETSVn3rTMjWxTz8LhvJlab6FZ0Ou2Z6rXoimzl
kiTka7IK3p4l17ZxqY9VoJOUJyMLoLqrcFollF9Z8Ps5n+6AwtGsmJeezS8l0ant
8xMaHiIduOvnF1CvZJE87r0W1Mg=
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:21:00 2024 by rpki-client on console-ams.rpki-client.org