Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OVrg0Htf-g3vLyBIuygEq1WkUDM.roa
File: OVrg0Htf-g3vLyBIuygEq1WkUDM.roa (raw, json)
Hash identifier: fT6c7mDjLLdTwt6pHaNEIS4qcmzX1uC/YGjf/1xtgBE=
Subject key identifier: 39:5A:E0:D0:7B:5F:FA:0D:EF:2F:20:48:BB:28:04:AB:55:A4:50:33
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE469A4632BB797D12D3982EA0CFD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OVrg0Htf-g3vLyBIuygEq1WkUDM.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151194
IP address blocks: 2a10:ccc0:ccc0::/44 maxlen: 48
2a10:ccc0:ccc0::/46 maxlen: 48
2a06:de00:de00::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 16 Nov 2024 16:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e4:69:a4:63:2b:b7:97:d1:2d:39:82:ea:0c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=395ae0d07b5ffa0def2f2048bb2804ab55a45033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0d:92:85:99:47:76:9d:2b:34:94:87:fe:02:
71:91:77:aa:46:ee:8c:85:44:07:bd:10:01:6c:11:
29:e1:8d:8f:5f:40:7e:64:85:57:b1:d7:7c:ef:a0:
41:a9:c2:49:29:29:ab:ae:38:f8:fc:5e:23:38:4b:
00:b4:7d:b4:f8:80:06:14:96:9a:e4:ae:ad:f3:62:
a0:a1:76:20:72:98:6b:92:b0:52:73:3b:dd:c3:23:
73:b7:3f:a3:55:39:09:2f:a0:9f:47:a2:87:b9:c7:
9e:1d:97:9e:00:9e:dc:54:f0:68:16:c2:a8:56:87:
65:65:7b:3f:43:5a:74:c2:96:39:8a:4e:43:9b:1c:
ff:75:c4:96:97:2f:1a:54:a4:32:06:0d:d6:0e:9a:
82:f0:f9:da:e6:b5:09:cc:c5:59:5b:eb:5b:40:86:
f9:f0:81:8e:c7:a1:e8:3c:e1:43:38:bc:8d:40:26:
0a:da:e5:ab:14:3f:e3:7a:65:c3:c5:28:b8:ab:ff:
e4:78:84:f1:c6:fe:a9:d1:2d:de:17:e7:55:c6:ae:
44:d1:39:52:c6:bb:3d:6d:5d:b9:c7:26:b4:a2:ee:
63:74:5d:b7:2b:a7:81:a9:54:e8:81:62:92:86:3d:
18:e0:e7:7f:4a:ea:e6:be:e3:80:ac:aa:11:17:63:
31:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5A:E0:D0:7B:5F:FA:0D:EF:2F:20:48:BB:28:04:AB:55:A4:50:33
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OVrg0Htf-g3vLyBIuygEq1WkUDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:de00::/44
2a10:ccc0:ccc0::/44
Signature Algorithm: sha256WithRSAEncryption
9d:36:47:71:e6:c7:3e:2e:74:4b:25:a6:00:cb:e5:19:f4:23:
3f:ee:18:f5:ef:bb:d5:0a:b4:f3:8f:b4:25:d1:14:b5:32:97:
af:fd:4a:21:b1:55:0b:1a:0c:01:4e:0e:be:c1:1e:b0:33:a5:
3e:00:40:80:bb:46:cb:7c:f7:10:83:0b:2a:52:e5:2b:ca:e8:
6f:aa:f4:7d:e2:0a:0c:1d:30:cc:5e:42:90:c9:48:67:46:e0:
a1:6f:16:52:53:d2:d8:a3:32:d1:76:12:7f:75:bb:32:c3:fb:
f6:2d:fd:35:61:e3:32:a0:44:a9:09:77:b7:9e:1a:10:4b:f1:
b1:e5:02:99:86:3d:0b:b7:28:d5:f1:9c:31:7d:20:d9:88:66:
78:8c:0f:e0:14:99:65:e0:03:90:e8:b9:e4:cc:e2:bf:4b:d4:
f6:a8:c2:dd:68:69:49:8e:5d:e9:bc:09:79:5b:a8:dc:89:6f:
99:35:2d:4d:ac:94:6b:10:e2:14:c5:1e:60:01:70:58:fb:a5:
6f:6c:b2:fa:bb:04:bc:1b:2e:e4:b6:43:da:ce:cf:1f:51:dc:
b9:a8:78:f0:c1:f9:de:f0:51:6a:46:a2:d9:69:12:b7:ee:97:
e6:29:39:11:8f:d6:4c:da:cd:81:85:21:5a:12:ed:ca:8d:fc:
3c:44:31:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvORppGMrt5fRLTmC6gz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVhZTBkMDdiNWZmYTBkZWYyZjIwNDhiYjI4MDRhYjU1YTQ1MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw2ShZlHdp0rNJSH/gJxkXeqRu6M
hUQHvRABbBEp4Y2PX0B+ZIVXsdd876BBqcJJKSmrrjj4/F4jOEsAtH20+IAGFJaa
5K6t82KgoXYgcphrkrBSczvdwyNztz+jVTkJL6CfR6KHuceeHZeeAJ7cVPBoFsKo
VodlZXs/Q1p0wpY5ik5Dmxz/dcSWly8aVKQyBg3WDpqC8Pna5rUJzMVZW+tbQIb5
8IGOx6HoPOFDOLyNQCYK2uWrFD/jemXDxSi4q//keITxxv6p0S3eF+dVxq5E0TlS
xrs9bV25xya0ou5jdF23K6eBqVTogWKShj0Y4Od/SurmvuOArKoRF2MxqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDla4NB7X/oN7y8gSLsoBKtVpFAzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT1ZyZzBIdGYtZzN2THlCSXV5Z0VxMVdrVURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAN4A
AwcEKhDMwMzAMA0GCSqGSIb3DQEBCwUAA4IBAQCdNkdx5sc+LnRLJaYAy+UZ9CM/
7hj177vVCrTzj7Ql0RS1Mpev/UohsVULGgwBTg6+wR6wM6U+AECAu0bLfPcQgwsq
UuUryuhvqvR94goMHTDMXkKQyUhnRuChbxZSU9LYozLRdhJ/dbsyw/v2Lf01YeMy
oESpCXe3nhoQS/Gx5QKZhj0LtyjV8ZwxfSDZiGZ4jA/gFJll4AOQ6LnkzOK/S9T2
qMLdaGlJjl3pvAl5W6jciW+ZNS1NrJRrEOIUxR5gAXBY+6VvbLL6uwS8Gy7ktkPa
zs8fUdy5qHjwwfne8FFqRqLZaRK37pfmKTkRj9ZM2s2BhSFaEu3Kjfw8RDFc
-----END CERTIFICATE-----
Generated at Sat Nov 16 18:19:09 2024 by rpki-client on console-ams.rpki-client.org