Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OipoN2A056Zg4H0qCXK-4E99Sjg.roa
File: OipoN2A056Zg4H0qCXK-4E99Sjg.roa (raw, json)
Hash identifier: 6sMpCH9P7n9AMaNuNUpsqFDe1pBlUnlhhErrz8fp8VA=
Subject key identifier: 3A:2A:68:37:60:34:E7:A6:60:E0:7D:2A:09:72:BE:E0:4F:7D:4A:38
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018EC2D798C866143A69ECF3B2D01B717C82
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OipoN2A056Zg4H0qCXK-4E99Sjg.roa
Signing time: Tue 09 Apr 2024 12:31:32 +0000
ROA not before: Tue 09 Apr 2024 12:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212248
IP address blocks: 2a10:ccc1:108::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 01 Sep 2024 10:44:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:d7:98:c8:66:14:3a:69:ec:f3:b2:d0:1b:71:7c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 9 12:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a2a68376034e7a660e07d2a0972bee04f7d4a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9d:83:37:5f:80:c6:83:2b:70:fb:00:60:4d:
cc:85:26:3d:b1:7f:e8:74:af:7b:38:67:c7:ef:8c:
38:ad:89:61:a7:42:cd:0b:c8:fd:a8:c2:44:59:88:
40:de:3f:86:6b:a8:0c:77:9a:4f:1e:b8:2a:1b:69:
c7:21:88:b3:67:01:a7:4c:91:75:ad:12:76:b9:ab:
ef:f2:9a:f5:7b:f0:c5:8f:44:e2:b2:cb:03:da:6d:
b5:c6:b0:83:9f:6f:13:de:ea:c3:d8:9d:84:ee:bd:
a2:ba:45:2e:f9:df:1c:05:41:af:bb:6e:3c:c6:9a:
46:14:17:aa:d5:da:ae:1e:59:2d:52:b8:55:45:2b:
cc:aa:8f:90:79:16:51:cf:4f:ea:9c:33:0f:ee:19:
2a:5b:50:84:d9:bc:97:cd:78:06:45:5c:cb:8e:fa:
55:7e:1b:5a:2b:11:0a:fc:32:bf:09:99:5c:16:1f:
d0:8e:06:3e:ef:19:8b:7b:05:70:45:66:f2:52:b9:
ec:9a:b7:ff:21:21:80:b7:4b:b6:98:54:18:3e:c1:
12:40:cb:75:ae:76:73:43:78:9a:1f:24:b1:1c:e2:
56:5c:ee:b7:4c:59:6a:ca:eb:2c:47:93:0e:dc:5c:
bf:9f:ac:5d:2b:e7:92:2e:ea:63:58:a6:c4:d5:ad:
2e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2A:68:37:60:34:E7:A6:60:E0:7D:2A:09:72:BE:E0:4F:7D:4A:38
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OipoN2A056Zg4H0qCXK-4E99Sjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc1:108::/48
Signature Algorithm: sha256WithRSAEncryption
ca:f7:f3:b2:05:3e:fa:4a:2a:72:24:9b:f8:9b:de:b5:33:2a:
a9:17:c1:27:3b:36:5e:f7:a0:99:46:66:a3:6d:92:4e:c0:3f:
0b:b2:c2:bc:aa:fc:b8:50:8e:c8:5c:81:d8:d5:95:7c:e4:c4:
71:b4:6e:d0:6d:b3:f5:43:1f:f4:f5:88:7e:31:ea:aa:77:a3:
68:be:1c:cf:3e:f7:ba:49:52:92:d6:0d:58:77:05:a9:84:4d:
c8:08:31:d9:70:92:7b:9b:34:ed:65:fe:e2:db:f3:7d:bd:40:
ae:27:a8:6e:5f:7c:a0:e3:36:bd:bf:47:4f:87:e0:c2:96:57:
09:6c:97:03:05:34:18:fe:55:c1:0c:be:f3:92:14:1c:25:40:
97:b4:82:ab:2c:6b:df:cc:21:e4:3d:d4:97:d5:ff:15:13:a8:
07:a5:fa:a9:a3:ad:ed:ad:98:5a:8c:03:57:df:60:ad:60:8c:
86:be:55:73:fd:69:7f:9e:48:95:df:a4:9b:a0:b3:98:af:fe:
8b:46:11:df:bf:0b:75:42:8a:42:4d:30:a8:e4:af:b8:7e:48:
91:b4:a8:74:fe:ab:ad:1c:d8:3a:81:0e:3c:df:6b:9e:b7:30:
f8:f5:ee:82:05:bb:8e:6a:7d:5c:69:33:1f:a3:b1:82:ca:27:
1d:97:9a:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7C15jIZhQ6aezzstAbcXyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDA5MTIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJhNjgzNzYwMzRlN2E2NjBlMDdkMmEwOTcyYmVlMDRmN2Q0YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp2DN1+AxoMrcPsAYE3MhSY9sX/o
dK97OGfH74w4rYlhp0LNC8j9qMJEWYhA3j+Ga6gMd5pPHrgqG2nHIYizZwGnTJF1
rRJ2uavv8pr1e/DFj0TisssD2m21xrCDn28T3urD2J2E7r2iukUu+d8cBUGvu248
xppGFBeq1dquHlktUrhVRSvMqo+QeRZRz0/qnDMP7hkqW1CE2byXzXgGRVzLjvpV
fhtaKxEK/DK/CZlcFh/QjgY+7xmLewVwRWbyUrnsmrf/ISGAt0u2mFQYPsESQMt1
rnZzQ3iaHySxHOJWXO63TFlqyussR5MO3Fy/n6xdK+eSLupjWKbE1a0uKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDoqaDdgNOemYOB9KglyvuBPfUo4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT2lwb04yQTA1NlpnNEgwcUNYSy00RTk5U2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMwQEI
MA0GCSqGSIb3DQEBCwUAA4IBAQDK9/OyBT76SipyJJv4m961MyqpF8EnOzZe96CZ
RmajbZJOwD8LssK8qvy4UI7IXIHY1ZV85MRxtG7QbbP1Qx/09Yh+Meqqd6NovhzP
Pve6SVKS1g1YdwWphE3ICDHZcJJ7mzTtZf7i2/N9vUCuJ6huX3yg4za9v0dPh+DC
llcJbJcDBTQY/lXBDL7zkhQcJUCXtIKrLGvfzCHkPdSX1f8VE6gHpfqpo63trZha
jANX32CtYIyGvlVz/Wl/nkiV36SboLOYr/6LRhHfvwt1QopCTTCo5K+4fkiRtKh0
/qutHNg6gQ4832uetzD49e6CBbuOan1caTMfo7GCyicdl5qC
-----END CERTIFICATE-----
Generated at Sun Sep 1 12:45:46 2024 by rpki-client on console-fra.rpki-client.org