Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQPg-DnFQVCsIzf_On3sya_4qYA.roa
File: OQPg-DnFQVCsIzf_On3sya_4qYA.roa (raw, json)
Hash identifier: 8YYQXtyUGoLLDGXg90I+geG7aCcYpXrj/KvvItD8/uY=
Subject key identifier: 39:03:E0:F8:39:C5:41:50:AC:23:37:FF:3A:7D:EC:C9:AF:F8:A9:80
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01871DACAA5C8D5410FC867910DF92E2113A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQPg-DnFQVCsIzf_On3sya_4qYA.roa
Signing time: Sun 26 Mar 2023 11:27:47 +0000
ROA not before: Sun 26 Mar 2023 11:27:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199310
IP address blocks: 2a0e:97c0:220::/44 maxlen: 48
2a0e:b107:1b40::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Apr 2023 18:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1d:ac:aa:5c:8d:54:10:fc:86:79:10:df:92:e2:11:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 26 11:27:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3903e0f839c54150ac2337ff3a7decc9aff8a980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:3b:5d:c8:5f:91:90:ae:3c:75:8c:83:b6:
b1:aa:11:fd:43:c1:cf:63:2f:3e:ba:7d:2c:39:e8:
6c:62:50:55:76:08:e6:45:82:13:68:06:9e:3a:a7:
d0:ac:fb:0f:3d:7a:8d:1f:2d:9b:86:da:77:2f:ea:
20:85:b9:3e:99:1d:78:9c:39:e2:04:06:e6:b5:b9:
c0:33:d2:e0:a1:cd:a7:21:e4:03:16:ce:f3:79:8f:
f9:e5:3c:09:df:99:82:0f:00:d2:e8:6a:56:6e:c4:
f6:1b:ac:99:39:90:75:dd:a9:e8:ff:da:ad:92:55:
01:08:9d:2b:c9:7a:a4:c7:42:59:65:33:2b:f7:7f:
41:3f:ee:39:b1:6b:8f:dc:9d:81:b8:ba:cb:86:59:
24:78:3c:71:1c:51:d3:2b:5c:5c:ac:c9:8b:eb:74:
ce:c6:32:ad:55:7d:c2:02:35:fa:ff:dd:64:d1:c0:
aa:73:f1:91:13:dd:8c:6d:18:03:3b:ec:bb:b0:06:
1f:63:1e:74:3d:ff:99:81:4d:ca:66:7c:4e:24:44:
6b:c1:c2:fb:46:c6:b6:0f:e5:5d:76:4f:01:54:03:
30:84:69:33:55:08:15:b1:c6:6f:84:89:dd:e4:7f:
a7:25:67:90:cd:03:09:46:dd:53:ce:94:35:f5:25:
7f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:03:E0:F8:39:C5:41:50:AC:23:37:FF:3A:7D:EC:C9:AF:F8:A9:80
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OQPg-DnFQVCsIzf_On3sya_4qYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:220::/44
2a0e:b107:1b40::/44
Signature Algorithm: sha256WithRSAEncryption
4b:80:87:36:81:92:85:26:b2:ff:e7:df:d2:1e:c7:21:af:6d:
5c:eb:a3:88:0f:3b:d4:6c:22:d4:6a:54:56:6d:3e:7d:bc:c6:
a5:4a:0d:66:6c:66:a3:53:ca:20:eb:54:b1:e5:f8:31:a7:05:
df:17:ab:fc:b6:1e:59:65:2d:07:8e:ca:7d:aa:a6:43:31:6a:
a8:3a:e8:a7:b3:a0:d9:4f:84:ef:12:88:65:06:ef:db:17:5f:
08:71:e0:a4:7b:8a:f8:08:6c:8e:73:40:01:e5:80:07:de:a9:
56:9a:8c:b0:49:0f:82:a3:ad:f6:17:d9:a6:16:27:75:7f:7f:
91:98:24:27:31:c3:3c:23:76:b0:68:8d:35:71:68:97:84:97:
98:c9:ed:8e:30:da:47:50:ce:dd:d0:a6:29:a8:ae:0f:23:90:
d9:05:61:f7:52:a8:3f:5d:32:8c:41:49:fa:4d:26:90:fe:ca:
70:0f:9e:e2:b2:18:4a:37:69:c4:3d:22:7d:5a:69:18:1d:b1:
77:e3:0a:94:56:d6:3d:c0:8f:81:e6:ee:59:02:c7:c8:31:25:
6a:61:96:8c:92:0c:c3:b6:6c:4f:c0:4f:80:44:4c:e0:81:01:
f2:d5:46:3f:14:67:22:47:b2:c4:d2:72:d4:60:42:f6:6c:be:
f2:2d:e6:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcdrKpcjVQQ/IZ5EN+S4hE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzI2MTEyNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAzZTBmODM5YzU0MTUwYWMyMzM3ZmYzYTdkZWNjOWFmZjhhOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz07XchfkZCuPHWMg7axqhH9Q8HP
Yy8+un0sOehsYlBVdgjmRYITaAaeOqfQrPsPPXqNHy2bhtp3L+oghbk+mR14nDni
BAbmtbnAM9Lgoc2nIeQDFs7zeY/55TwJ35mCDwDS6GpWbsT2G6yZOZB13ano/9qt
klUBCJ0ryXqkx0JZZTMr939BP+45sWuP3J2BuLrLhlkkeDxxHFHTK1xcrMmL63TO
xjKtVX3CAjX6/91k0cCqc/GRE92MbRgDO+y7sAYfYx50Pf+ZgU3KZnxOJERrwcL7
Rsa2D+Vddk8BVAMwhGkzVQgVscZvhInd5H+nJWeQzQMJRt1TzpQ19SV/FwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDkD4Pg5xUFQrCM3/zp97Mmv+KmAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT1FQZy1EbkZRVkNzSXpmX09uM3N5YV80cVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAIg
AwcEKg6xBxtAMA0GCSqGSIb3DQEBCwUAA4IBAQBLgIc2gZKFJrL/59/SHschr21c
66OIDzvUbCLUalRWbT59vMalSg1mbGajU8og61Sx5fgxpwXfF6v8th5ZZS0Hjsp9
qqZDMWqoOuins6DZT4TvEohlBu/bF18IceCke4r4CGyOc0AB5YAH3qlWmoywSQ+C
o632F9mmFid1f3+RmCQnMcM8I3awaI01cWiXhJeYye2OMNpHUM7d0KYpqK4PI5DZ
BWH3Uqg/XTKMQUn6TSaQ/spwD57ishhKN2nEPSJ9WmkYHbF34wqUVtY9wI+B5u5Z
AsfIMSVqYZaMkgzDtmxPwE+AREzggQHy1UY/FGciR7LE0nLUYEL2bL7yLeZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org