Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NoJF19cazLsPm7G0Fj6De9dN3qk.roa
File: NoJF19cazLsPm7G0Fj6De9dN3qk.roa (raw, json)
Hash identifier: oXTMMQ+fv0QL3eKd5w4RSxFu0I2RoAohJ0ZKi3GoL0w=
Subject key identifier: 36:82:45:D7:D7:1A:CC:BB:0F:9B:B1:B4:16:3E:83:7B:D7:4D:DE:A9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E8AFFD41A744CAB12351102A9C01356A9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NoJF19cazLsPm7G0Fj6De9dN3qk.roa
Signing time: Fri 29 Mar 2024 16:16:45 +0000
ROA not before: Fri 29 Mar 2024 16:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a0e:b104:100::/44 maxlen: 48
2a0e:b107:1240::/44 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Apr 2024 20:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:ff:d4:1a:74:4c:ab:12:35:11:02:a9:c0:13:56:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 29 16:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=368245d7d71accbb0f9bb1b4163e837bd74ddea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:5d:82:91:08:c5:41:d4:64:1b:2e:11:12:
a8:00:d4:c8:77:ff:74:82:93:d6:ab:75:40:bc:b2:
fb:e9:04:aa:c8:32:7e:db:c4:17:03:e8:b8:66:2c:
83:60:fb:b7:5f:68:15:32:85:67:56:39:9d:01:ff:
44:8f:d1:49:10:ca:77:7d:9a:34:da:6a:13:6a:87:
5a:a8:b8:49:02:79:9e:4f:84:55:90:e4:1d:a2:2e:
b3:84:5d:a0:84:1d:a9:65:84:0c:21:34:e0:ee:2b:
9a:f8:bc:c1:ea:3e:42:b7:b9:e4:20:b4:c8:a6:e1:
18:f1:b3:77:ed:be:60:06:87:3a:33:80:a7:17:92:
2a:cb:0c:0d:16:b9:db:9c:5b:9e:34:36:c0:c6:cd:
9e:c7:63:df:99:10:de:1e:e8:71:79:d7:b2:be:7e:
5c:ee:d2:67:15:05:96:0f:88:b6:3b:39:85:6d:2e:
d8:73:b5:9e:f7:45:78:d3:10:b4:56:18:9b:cb:58:
7d:b6:4e:6f:ef:ef:1f:b2:d5:85:d3:98:ee:1d:e5:
1f:36:9e:d4:7f:12:79:f4:0f:d2:78:c9:a8:b7:2f:
6d:5e:8b:13:ba:68:62:ae:7a:9e:e7:3f:16:e0:ae:
03:30:63:be:1b:5c:2d:1f:41:22:7e:7e:09:ba:f3:
05:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:82:45:D7:D7:1A:CC:BB:0F:9B:B1:B4:16:3E:83:7B:D7:4D:DE:A9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/NoJF19cazLsPm7G0Fj6De9dN3qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
2a0e:b104:100::/44
2a0e:b107:1240::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
87:84:35:c0:3d:40:e0:64:07:96:b1:a9:47:77:1c:c7:ab:02:
24:c2:a6:f9:bd:b5:98:5a:06:ea:ca:ef:d5:0e:1f:94:9f:96:
53:3d:fe:13:04:e1:e3:1d:c4:6e:3a:3d:02:9a:81:0f:11:4e:
8a:38:26:4f:6b:f2:11:11:6e:47:45:f5:a8:76:49:87:51:f1:
aa:23:5b:d5:a7:2c:f8:35:2d:97:9e:e6:6c:ba:91:64:f7:b9:
8c:04:1a:65:28:86:5d:42:13:8a:2a:9e:3a:80:b5:57:f2:cd:
81:22:78:f6:c1:1d:16:c1:00:64:6c:b5:8f:71:0a:92:47:0a:
7b:8c:3d:ce:c3:b6:2c:c4:5b:72:63:fd:6d:87:09:d1:6e:45:
f0:7f:34:02:52:5e:bf:68:c5:76:e0:c1:0b:94:07:26:f4:80:
45:c4:ee:b9:8c:00:5d:22:e9:ca:d3:04:d2:1d:3d:01:50:c4:
c3:68:c3:45:f2:b1:26:50:87:ca:c4:c2:cb:cf:1e:b2:60:4b:
48:0a:85:a3:33:bf:fb:50:d6:a6:7d:6f:29:c1:d3:5f:a5:07:
d5:00:b9:ea:c5:d3:35:95:b1:4a:16:97:f1:06:a3:ee:ee:9b:
65:01:24:25:07:f5:89:a4:eb:24:9e:02:88:55:25:31:1a:33:
50:e8:35:6b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6K/9QadEyrEjURAqnAE1apMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzI5MTYxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjgyNDVkN2Q3MWFjY2JiMGY5YmIxYjQxNjNlODM3YmQ3NGRkZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri5dgpEIxUHUZBsuERKoANTId/90
gpPWq3VAvLL76QSqyDJ+28QXA+i4ZiyDYPu3X2gVMoVnVjmdAf9Ej9FJEMp3fZo0
2moTaodaqLhJAnmeT4RVkOQdoi6zhF2ghB2pZYQMITTg7iua+LzB6j5Ct7nkILTI
puEY8bN37b5gBoc6M4CnF5IqywwNFrnbnFueNDbAxs2ex2PfmRDeHuhxedeyvn5c
7tJnFQWWD4i2OzmFbS7Yc7We90V40xC0Vhiby1h9tk5v7+8fstWF05juHeUfNp7U
fxJ59A/SeMmoty9tXosTumhirnqe5z8W4K4DMGO+G1wtH0Eifn4JuvMFvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDaCRdfXGsy7D5uxtBY+g3vXTd6pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTm9KRjE5Y2F6THNQbTdHMEZqNkRlOWROM3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwASA
AwcEKg6xBAEAAwcEKg6xBxJAAwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQCH
hDXAPUDgZAeWsalHdxzHqwIkwqb5vbWYWgbqyu/VDh+Un5ZTPf4TBOHjHcRuOj0C
moEPEU6KOCZPa/IREW5HRfWodkmHUfGqI1vVpyz4NS2XnuZsupFk97mMBBplKIZd
QhOKKp46gLVX8s2BInj2wR0WwQBkbLWPcQqSRwp7jD3Ow7YsxFtyY/1thwnRbkXw
fzQCUl6/aMV24MELlAcm9IBFxO65jABdIunK0wTSHT0BUMTDaMNF8rEmUIfKxMLL
zx6yYEtICoWjM7/7UNamfW8pwdNfpQfVALnqxdM1lbFKFpfxBqPu7ptlASQlB/WJ
pOskngKIVSUxGjNQ6DVr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org