Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N_gKojI0Gb0-sg7urN-VTNcbdxE.roa
File: N_gKojI0Gb0-sg7urN-VTNcbdxE.roa (raw, json)
Hash identifier: iZi6XmskTw2P3DNKr7vQ2IS53sA2yTa4VRmlCa6RBA8=
Subject key identifier: 37:F8:0A:A2:32:34:19:BD:3E:B2:0E:EE:AC:DF:95:4C:D7:1B:77:11
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186690288C57814D89F91C46E231E3A2A96
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N_gKojI0Gb0-sg7urN-VTNcbdxE.roa
Signing time: Sun 19 Feb 2023 09:30:19 +0000
ROA not before: Sun 19 Feb 2023 09:30:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41732
IP address blocks: 2a0e:b107:820::/44 maxlen: 48
2a0e:b107:9d0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Nov 2023 07:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:69:02:88:c5:78:14:d8:9f:91:c4:6e:23:1e:3a:2a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 19 09:30:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37f80aa2323419bd3eb20eeeacdf954cd71b7711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9f:b8:6e:5d:fb:31:20:ad:87:70:63:19:bd:
70:d2:22:19:6d:f8:a4:df:58:01:34:27:bc:15:6c:
fa:a0:60:5e:6e:6b:2e:68:11:a0:8a:86:08:3a:6d:
46:fd:8d:c6:39:75:69:5b:c2:0f:aa:c2:46:2a:62:
47:06:ca:6f:56:b3:55:4a:d7:a7:cd:22:30:51:95:
97:1c:08:aa:dd:4b:ad:11:9b:e1:ab:b9:b6:6c:c0:
6e:14:52:f4:b0:43:1b:4f:42:00:5c:4a:bc:17:7a:
8a:57:b3:f3:0d:e3:ba:95:c4:3e:73:a2:6f:40:fd:
17:13:db:03:3a:c0:e1:94:1b:04:d2:11:f9:46:05:
aa:86:0b:67:f4:1f:de:94:37:73:93:99:85:fe:04:
19:f5:30:10:df:2e:cd:d9:4e:c4:0a:1c:75:bc:93:
6d:17:f8:2b:d2:12:c0:e5:7d:48:04:28:2a:06:64:
fe:dd:2f:24:8c:38:bc:db:33:66:ea:da:43:e0:da:
b0:a6:d7:94:89:25:83:38:9d:80:02:c3:c0:b5:e0:
bf:18:9c:c5:00:35:c3:be:3c:cc:58:a9:11:5c:f8:
85:66:ee:87:9c:b8:d5:84:97:c7:a4:11:75:98:fb:
64:c9:6a:77:54:5a:f8:c6:fc:55:d0:48:20:aa:be:
19:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F8:0A:A2:32:34:19:BD:3E:B2:0E:EE:AC:DF:95:4C:D7:1B:77:11
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N_gKojI0Gb0-sg7urN-VTNcbdxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:820::/44
2a0e:b107:9d0::/44
Signature Algorithm: sha256WithRSAEncryption
c6:98:70:02:26:51:5d:d9:46:48:62:56:f1:c0:ed:18:0e:16:
6a:cf:f6:9b:37:76:13:94:95:68:06:8e:51:7f:ed:6f:0e:16:
af:d2:93:09:d6:a1:ab:cc:7a:39:0f:46:57:ba:c7:94:7d:c8:
65:b4:b8:7c:7c:e8:21:1b:5b:7f:69:9a:c9:4f:05:42:ef:2c:
6f:e8:b3:5e:2d:cd:7c:2a:1b:b6:f1:59:9d:49:ab:b7:fb:d1:
65:12:f7:6f:15:fb:50:be:62:d7:da:da:7e:04:04:65:c1:19:
af:7a:6d:36:80:1a:9f:31:7e:5c:38:1e:66:a7:7d:0e:35:91:
3b:09:e3:ea:de:5d:56:c7:c1:67:84:3a:7f:6a:f9:5d:b8:eb:
e6:a9:24:0b:d4:ed:c6:e3:2e:59:57:0b:07:23:88:bb:f6:77:
c8:7d:58:db:3a:bc:2c:d0:58:4e:f1:84:40:7a:49:b9:e3:eb:
e3:17:ee:75:d2:19:27:e7:e1:8c:ff:33:69:a8:12:04:1a:25:
e4:3c:be:9c:fd:18:8e:d1:31:bd:e8:fb:54:78:1c:29:a8:79:
5a:52:e9:97:ea:11:5b:e3:e0:b6:3c:37:d6:64:b2:b3:9b:e6:
90:56:96:0c:9d:4b:19:e9:09:4b:fa:3b:93:d1:b0:53:ad:0d:
41:8b:83:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZpAojFeBTYn5HEbiMeOiqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjE5MDkzMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Y4MGFhMjMyMzQxOWJkM2ViMjBlZWVhY2RmOTU0Y2Q3MWI3NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup+4bl37MSCth3BjGb1w0iIZbfik
31gBNCe8FWz6oGBebmsuaBGgioYIOm1G/Y3GOXVpW8IPqsJGKmJHBspvVrNVSten
zSIwUZWXHAiq3UutEZvhq7m2bMBuFFL0sEMbT0IAXEq8F3qKV7PzDeO6lcQ+c6Jv
QP0XE9sDOsDhlBsE0hH5RgWqhgtn9B/elDdzk5mF/gQZ9TAQ3y7N2U7EChx1vJNt
F/gr0hLA5X1IBCgqBmT+3S8kjDi82zNm6tpD4NqwpteUiSWDOJ2AAsPAteC/GJzF
ADXDvjzMWKkRXPiFZu6HnLjVhJfHpBF1mPtkyWp3VFr4xvxV0Eggqr4ZjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDf4CqIyNBm9PrIO7qzflUzXG3cRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTl9nS29qSTBHYjAtc2c3dXJOLVZUTmNiZHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwgg
AwcEKg6xBwnQMA0GCSqGSIb3DQEBCwUAA4IBAQDGmHACJlFd2UZIYlbxwO0YDhZq
z/abN3YTlJVoBo5Rf+1vDhav0pMJ1qGrzHo5D0ZXuseUfchltLh8fOghG1t/aZrJ
TwVC7yxv6LNeLc18Khu28VmdSau3+9FlEvdvFftQvmLX2tp+BARlwRmvem02gBqf
MX5cOB5mp30ONZE7CePq3l1Wx8FnhDp/avlduOvmqSQL1O3G4y5ZVwsHI4i79nfI
fVjbOrws0FhO8YRAekm54+vjF+510hkn5+GM/zNpqBIEGiXkPL6c/RiO0TG96PtU
eBwpqHlaUumX6hFb4+C2PDfWZLKzm+aQVpYMnUsZ6QlL+juT0bBTrQ1Bi4NL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org