Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O2aks6RRQ8J8d8uOzeuyAnHe2LM.roa
File: O2aks6RRQ8J8d8uOzeuyAnHe2LM.roa (raw, json)
Hash identifier: EtTKt08hetpAt6zn3rN6pR1BDsQIVAEDMeE6K+G1FCA=
Subject key identifier: 3B:66:A4:B3:A4:51:43:C2:7C:77:CB:8E:CD:EB:B2:02:71:DE:D8:B3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD43DBDFE29D4E4226346F19D20798
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O2aks6RRQ8J8d8uOzeuyAnHe2LM.roa
Signing time: Tue 02 Jan 2024 10:34:33 +0000
ROA not before: Tue 02 Jan 2024 10:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212332
IP address blocks: 2a0e:b107:27b0::/47 maxlen: 48
2a0e:b107:27b2::/47 maxlen: 48
2a0e:b107:27b4::/47 maxlen: 48
2a0e:b107:27b6::/47 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 16:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:43:db:df:e2:9d:4e:42:26:34:6f:19:d2:07:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b66a4b3a45143c27c77cb8ecdebb20271ded8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d7:a2:a4:9a:0b:15:78:ea:45:8f:4c:81:28:
d8:0d:e5:e3:27:79:3b:55:c0:5c:4b:63:03:ab:85:
3f:c8:71:b0:7e:13:92:ce:97:a3:45:97:88:ac:d3:
f3:31:2f:a8:81:a9:b4:12:78:62:dd:cd:3a:4d:97:
50:71:9f:d3:32:b0:f1:b1:b6:ff:39:7a:f2:92:ec:
cf:50:32:c8:48:2e:88:dd:9a:28:61:07:be:b6:e2:
a9:c0:10:da:54:26:ae:7b:41:d2:65:73:49:92:3e:
bf:db:a0:9e:b0:3d:2f:a5:ad:71:32:70:54:47:a1:
88:66:5a:b2:7b:fd:31:2e:00:f1:ae:d6:03:fd:2c:
4e:29:34:99:7c:71:f9:27:33:e3:ff:c6:e0:1a:b7:
55:8a:68:c1:f5:d8:7f:22:7a:d2:33:11:5a:3a:90:
ce:d1:df:d8:8d:ea:f0:15:dc:e6:38:ba:a1:7b:10:
28:ad:7c:f6:a4:6b:0b:87:53:7e:be:6d:91:6e:dd:
08:6b:be:4e:b8:9a:74:a1:3d:f6:91:69:57:58:f2:
61:aa:d7:9f:b1:60:6a:ae:13:90:dd:34:5f:ee:eb:
4d:7c:85:64:e4:d0:0a:aa:c0:2f:b3:85:14:c8:45:
38:df:e8:f1:7c:c5:cf:c2:64:bd:01:62:66:89:ca:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:66:A4:B3:A4:51:43:C2:7C:77:CB:8E:CD:EB:B2:02:71:DE:D8:B3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/O2aks6RRQ8J8d8uOzeuyAnHe2LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27b0::/45
Signature Algorithm: sha256WithRSAEncryption
74:dd:dd:c2:14:d4:61:fb:27:25:0e:1e:62:9a:b1:25:0a:c4:
3e:2b:81:56:b9:c6:02:f3:e6:bc:e8:fd:35:00:47:18:8c:f0:
ae:3f:cc:4c:ba:4f:42:a0:28:29:e2:3a:c9:6b:ad:f1:d5:ea:
4f:e8:a7:31:e7:83:4f:3a:b0:b7:2c:cd:62:09:98:db:16:5c:
cb:08:26:64:fa:b3:28:57:12:23:53:1c:88:07:e4:ab:55:84:
23:f7:86:83:81:77:20:91:b6:09:c9:9c:79:7d:c9:c6:7c:11:
6d:88:d2:e0:7f:fe:88:91:13:03:0a:13:e9:e3:89:69:47:38:
85:d7:4c:86:74:86:9e:1f:d5:1f:35:21:49:f9:66:30:9d:a9:
8b:b1:4a:36:be:07:bf:56:c7:b2:49:a5:a7:67:91:49:1a:e9:
71:1c:a7:17:57:6c:cc:da:f8:f2:9a:51:c6:0c:40:7e:2e:d5:
17:93:f3:73:7c:9d:20:68:51:6a:17:37:b9:7e:9b:53:77:a6:
7e:c4:54:2f:b3:79:e2:a3:e8:8b:31:83:c7:ed:fa:fc:68:92:
f1:d6:d6:e0:dc:9f:16:c1:8c:c3:a0:fb:f8:7d:d0:4e:9b:43:
17:48:9a:f4:74:a9:39:32:20:b4:44:66:1e:78:9a:02:ea:1e:
ee:96:e5:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUPb3+KdTkImNG8Z0geYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY2YTRiM2E0NTE0M2MyN2M3N2NiOGVjZGViYjIwMjcxZGVkOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9eipJoLFXjqRY9MgSjYDeXjJ3k7
VcBcS2MDq4U/yHGwfhOSzpejRZeIrNPzMS+ogam0Enhi3c06TZdQcZ/TMrDxsbb/
OXrykuzPUDLISC6I3ZooYQe+tuKpwBDaVCaue0HSZXNJkj6/26CesD0vpa1xMnBU
R6GIZlqye/0xLgDxrtYD/SxOKTSZfHH5JzPj/8bgGrdVimjB9dh/InrSMxFaOpDO
0d/YjerwFdzmOLqhexAorXz2pGsLh1N+vm2Rbt0Ia75OuJp0oT32kWlXWPJhqtef
sWBqrhOQ3TRf7utNfIVk5NAKqsAvs4UUyEU43+jxfMXPwmS9AWJmicrCLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtmpLOkUUPCfHfLjs3rsgJx3tizMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTzJha3M2UlJROEo4ZDh1T3pldXlBbkhlMkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xByew
MA0GCSqGSIb3DQEBCwUAA4IBAQB03d3CFNRh+yclDh5imrElCsQ+K4FWucYC8+a8
6P01AEcYjPCuP8xMuk9CoCgp4jrJa63x1epP6Kcx54NPOrC3LM1iCZjbFlzLCCZk
+rMoVxIjUxyIB+SrVYQj94aDgXcgkbYJyZx5fcnGfBFtiNLgf/6IkRMDChPp44lp
RziF10yGdIaeH9UfNSFJ+WYwnamLsUo2vge/VseySaWnZ5FJGulxHKcXV2zM2vjy
mlHGDEB+LtUXk/NzfJ0gaFFqFze5fptTd6Z+xFQvs3nio+iLMYPH7fr8aJLx1tbg
3J8WwYzDoPv4fdBOm0MXSJr0dKk5MiC0RGYeeJoC6h7uluVB
-----END CERTIFICATE-----
Generated at Tue Feb 27 22:11:17 2024 by rpki-client on console-ams.rpki-client.org