Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQKw1QO-95k_TJcT9WaDU2tCxEY.roa
File: OQKw1QO-95k_TJcT9WaDU2tCxEY.roa (raw, json)
Hash identifier: kGpTRiy3vI11FFClc4UjoKp7Hy6nQQyG0R1ARbuILrg=
Subject key identifier: 39:02:B0:D5:03:BE:F7:99:3F:4C:97:13:F5:66:83:53:6B:42:C4:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C490125298E76A3C9D2A6A9B57EB5A012
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQKw1QO-95k_TJcT9WaDU2tCxEY.roa
Signing time: Fri 08 Dec 2023 10:37:40 +0000
ROA not before: Fri 08 Dec 2023 10:37:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 2a0e:b107:2828::/45 maxlen: 48
2a0e:b107:2818::/45 maxlen: 48
2a0e:b107:2820::/45 maxlen: 48
2a0e:b107:27d0::/45 maxlen: 48
2a0e:b107:2800::/45 maxlen: 48
2a0e:b107:2810::/45 maxlen: 48
2a0e:b107:27f8::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Dec 2023 09:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:01:25:29:8e:76:a3:c9:d2:a6:a9:b5:7e:b5:a0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 8 10:37:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3902b0d503bef7993f4c9713f56683536b42c446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a6:9f:d3:d3:98:6c:8d:13:e5:e8:1e:03:31:
71:e1:4e:fe:29:5f:39:6b:6b:a7:5b:a2:f2:aa:01:
68:a8:29:76:0e:3e:af:09:c1:1c:eb:00:33:a5:25:
90:8f:88:b3:d9:ca:88:1e:8c:b6:da:86:a8:86:04:
a2:28:73:7b:2b:98:63:e1:dc:47:c1:ea:7d:2a:c5:
0b:72:a8:9a:d0:9a:1b:fa:d5:42:59:de:e0:92:ec:
f6:62:05:4e:eb:3c:05:58:01:65:67:e2:4e:4b:0d:
60:92:c0:76:8b:a7:3c:b1:01:9d:ef:c3:99:74:42:
c0:5e:9d:fb:8e:f4:92:cf:46:a8:57:47:bb:6a:4b:
dc:23:9b:b8:8d:8b:32:87:7e:67:62:70:e9:b3:d7:
1e:92:78:f6:68:36:36:79:98:82:87:a2:b0:eb:a7:
2f:90:a0:c6:b4:3d:53:c6:d1:ef:f9:a9:83:2f:86:
18:6c:a5:28:1c:2f:0e:4d:f8:15:a0:d7:10:58:8f:
11:d7:28:14:c6:6b:57:ef:c3:de:d6:21:c3:ad:bd:
8a:ba:3c:4e:50:cf:1f:8b:02:b7:57:17:a7:b9:47:
e3:23:b6:9a:02:07:16:77:95:05:8b:78:eb:0d:eb:
17:2d:16:41:95:6c:bc:c4:5d:72:3d:27:88:e0:ab:
95:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:B0:D5:03:BE:F7:99:3F:4C:97:13:F5:66:83:53:6B:42:C4:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQKw1QO-95k_TJcT9WaDU2tCxEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f8::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2810::-2a0e:b107:282f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:ed:c4:47:8a:48:6c:4c:28:ab:6e:e9:ce:34:14:87:5a:0e:
4a:66:87:69:4c:ba:d0:9f:34:ef:99:fc:fc:ca:57:77:54:98:
b5:47:4d:aa:a8:c4:00:ec:32:eb:e8:8e:e1:8d:73:93:48:52:
58:d0:f1:b3:74:be:58:1e:fe:80:27:71:ba:6a:ab:f1:8f:46:
b1:5a:cd:8f:4e:08:0c:7a:30:8b:e6:52:cd:3a:95:ef:82:d1:
21:c2:79:99:b9:33:42:60:4e:16:f9:02:ca:91:71:75:c2:f9:
40:16:bc:69:21:bb:f7:e4:bd:98:0b:9e:f1:b6:3e:af:32:83:
5a:b9:a3:05:e6:7e:a1:27:68:cb:5f:c5:92:2e:1a:93:84:6f:
86:c1:e2:80:2d:11:7c:80:10:69:ef:55:68:3c:82:38:01:d6:
be:d7:c8:dd:8e:0b:9a:46:8e:8e:e9:52:28:80:be:67:e8:18:
1e:e0:bc:c2:d9:db:9f:6f:eb:a8:d0:b2:9a:36:eb:73:c1:0b:
76:70:64:c9:45:a5:7c:ed:67:d4:19:5f:18:c2:76:f7:22:ed:
08:b0:4c:e3:1e:58:d1:31:e3:0d:de:e5:38:84:f8:9d:d7:fd:
28:16:e4:0e:3d:0b:3f:9e:0d:8b:8e:1c:74:5b:15:3a:81:c4:
b3:e8:70:11
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYxJASUpjnajydKmqbV+taASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjA4MTAzNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAyYjBkNTAzYmVmNzk5M2Y0Yzk3MTNmNTY2ODM1MzZiNDJjNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKaf09OYbI0T5egeAzFx4U7+KV85
a2unW6LyqgFoqCl2Dj6vCcEc6wAzpSWQj4iz2cqIHoy22oaohgSiKHN7K5hj4dxH
wep9KsULcqia0Job+tVCWd7gkuz2YgVO6zwFWAFlZ+JOSw1gksB2i6c8sQGd78OZ
dELAXp37jvSSz0aoV0e7akvcI5u4jYsyh35nYnDps9ceknj2aDY2eZiCh6Kw66cv
kKDGtD1TxtHv+amDL4YYbKUoHC8OTfgVoNcQWI8R1ygUxmtX78Pe1iHDrb2KujxO
UM8fiwK3VxenuUfjI7aaAgcWd5UFi3jrDesXLRZBlWy8xF1yPSeI4KuV0wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDkCsNUDvveZP0yXE/Vmg1NrQsRGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT1FLdzFRTy05NWtfVEpjVDlXYURVMnRDeEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwcDKg6xByfQ
MBIDBwMqDrEHJ/gDBwMqDrEHKAAwEgMHBCoOsQcoEAMHBCoOsQcoIDANBgkqhkiG
9w0BAQsFAAOCAQEAke3ER4pIbEwoq27pzjQUh1oOSmaHaUy60J8075n8/MpXd1SY
tUdNqqjEAOwy6+iO4Y1zk0hSWNDxs3S+WB7+gCdxumqr8Y9GsVrNj04IDHowi+ZS
zTqV74LRIcJ5mbkzQmBOFvkCypFxdcL5QBa8aSG79+S9mAue8bY+rzKDWrmjBeZ+
oSdoy1/Fki4ak4RvhsHigC0RfIAQae9VaDyCOAHWvtfI3Y4LmkaOjulSKIC+Z+gY
HuC8wtnbn2/rqNCymjbrc8ELdnBkyUWlfO1n1BlfGMJ29yLtCLBM4x5Y0THjDd7l
OIT4ndf9KBbkDj0LP54Ni44cdFsVOoHEs+hwEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org