Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OnTWgu2Cxuas6Kx7IKObDwYpMZs.roa
File: OnTWgu2Cxuas6Kx7IKObDwYpMZs.roa (raw, json)
Hash identifier: 6+qekW2fEG+TS7xapiXOeAN5WA7uSikPmJtZNnfRmNI=
Subject key identifier: 3A:74:D6:82:ED:82:C6:E6:AC:E8:AC:7B:20:A3:9B:0F:06:29:31:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01917563898002C572EC7EC708B9695710B0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OnTWgu2Cxuas6Kx7IKObDwYpMZs.roa
Signing time: Wed 21 Aug 2024 14:42:23 +0000
ROA not before: Wed 21 Aug 2024 14:42:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc3:3330::/44 maxlen: 48
2a10:ccc6:6660::/44 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Aug 2024 17:39:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:63:89:80:02:c5:72:ec:7e:c7:08:b9:69:57:10:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 21 14:42:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a74d682ed82c6e6ace8ac7b20a39b0f0629319b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:31:89:75:5e:78:77:61:55:90:e9:c0:22:35:
be:3c:9a:86:f1:aa:f5:42:6d:ae:eb:07:c7:f2:95:
01:b6:ed:b8:92:aa:05:63:22:f1:74:91:a1:7e:e6:
0d:a2:54:6e:91:09:ef:7b:49:71:ed:88:78:55:90:
90:b7:a1:ab:ea:4c:48:3b:87:da:5b:a7:3b:0a:78:
80:38:73:ec:99:d3:e2:b0:02:7d:70:5b:56:5c:ed:
03:e2:18:93:3c:05:29:ad:36:43:10:fd:de:c1:f6:
1d:09:3f:2b:53:b3:99:3b:90:0b:e5:61:e8:a2:e6:
c3:99:a8:3f:fb:03:52:d9:a9:2c:91:cf:d3:dc:8c:
07:54:15:5b:e8:5e:3b:09:6b:61:ff:12:ac:9f:47:
6a:0e:4c:f7:e4:0c:ea:68:d8:73:20:06:7a:24:a9:
bf:59:9b:33:f4:4d:26:d2:65:3f:7b:26:e0:b7:a0:
8e:ef:c0:ff:68:0b:70:1a:f3:55:ef:d1:9d:d4:c3:
e2:ff:4b:4c:af:10:b2:da:d4:f2:8d:c7:87:d5:e5:
03:30:c5:b2:f7:9b:88:8b:5b:aa:56:b1:3c:dd:64:
bf:c9:e0:ad:da:31:91:29:2a:40:23:46:76:33:f1:
62:cf:46:98:c6:15:a0:25:78:36:c6:a5:dc:b2:ec:
a0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:74:D6:82:ED:82:C6:E6:AC:E8:AC:7B:20:A3:9B:0F:06:29:31:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OnTWgu2Cxuas6Kx7IKObDwYpMZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:3330::/44
2a10:ccc6:6660::/44
Signature Algorithm: sha256WithRSAEncryption
3b:7c:bc:ae:f0:16:0e:2d:29:25:39:c4:2c:9d:68:f1:36:86:
3a:dd:a7:09:1a:fe:ae:40:cb:81:78:90:69:7f:fb:ef:46:72:
37:75:1a:1c:96:e6:0c:a3:a5:5d:b6:e8:0d:69:2b:98:0f:2b:
33:d1:af:ba:f5:53:15:2c:0c:b0:0f:fe:89:f6:ba:72:d2:60:
58:59:95:06:17:86:f2:d9:20:19:30:b0:d5:cd:f3:ed:2b:8c:
0b:82:ec:58:ad:45:97:3a:c1:ec:ba:96:a4:e6:8d:aa:02:ad:
25:37:49:9e:11:0d:a5:c8:f4:6d:41:4e:18:27:a2:f9:73:a4:
6e:ef:21:50:4a:a6:b6:3d:58:10:8c:59:1d:64:b0:48:5c:8e:
41:88:92:c6:a9:8f:a8:58:3c:1e:83:4d:60:50:3b:f6:b8:c4:
d2:52:70:9c:eb:30:d5:66:dc:0b:71:e2:91:14:5e:ed:fd:63:
c4:f7:97:cc:b2:b3:2f:e9:f6:e7:b5:4d:32:43:6f:07:f1:33:
57:fb:be:fb:ad:23:8c:8e:ac:02:f4:e6:d5:aa:c6:24:7e:50:
e8:eb:fd:6f:03:4d:f0:0c:fc:81:01:26:dd:dc:06:16:ab:93:
25:ea:1e:01:2b:23:86:be:03:93:c8:9f:31:8e:04:5b:a8:35:
f5:b5:8e:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF1Y4mAAsVy7H7HCLlpVxCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODIxMTQ0MjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTc0ZDY4MmVkODJjNmU2YWNlOGFjN2IyMGEzOWIwZjA2MjkzMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzGJdV54d2FVkOnAIjW+PJqG8ar1
Qm2u6wfH8pUBtu24kqoFYyLxdJGhfuYNolRukQnve0lx7Yh4VZCQt6Gr6kxIO4fa
W6c7CniAOHPsmdPisAJ9cFtWXO0D4hiTPAUprTZDEP3ewfYdCT8rU7OZO5AL5WHo
oubDmag/+wNS2akskc/T3IwHVBVb6F47CWth/xKsn0dqDkz35AzqaNhzIAZ6JKm/
WZsz9E0m0mU/eybgt6CO78D/aAtwGvNV79Gd1MPi/0tMrxCy2tTyjceH1eUDMMWy
95uIi1uqVrE83WS/yeCt2jGRKSpAI0Z2M/Fiz0aYxhWgJXg2xqXcsuygOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDp01oLtgsbmrOiseyCjmw8GKTGbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT25UV2d1MkN4dWFzNkt4N0lLT2JEd1lwTVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhDMwzMw
AwcEKhDMxmZgMA0GCSqGSIb3DQEBCwUAA4IBAQA7fLyu8BYOLSklOcQsnWjxNoY6
3acJGv6uQMuBeJBpf/vvRnI3dRocluYMo6VdtugNaSuYDysz0a+69VMVLAywD/6J
9rpy0mBYWZUGF4by2SAZMLDVzfPtK4wLguxYrUWXOsHsupak5o2qAq0lN0meEQ2l
yPRtQU4YJ6L5c6Ru7yFQSqa2PVgQjFkdZLBIXI5BiJLGqY+oWDweg01gUDv2uMTS
UnCc6zDVZtwLceKRFF7t/WPE95fMsrMv6fbntU0yQ28H8TNX+777rSOMjqwC9ObV
qsYkflDo6/1vA03wDPyBASbd3AYWq5Ml6h4BKyOGvgOTyJ8xjgRbqDX1tY78
-----END CERTIFICATE-----
Generated at Sat Aug 24 18:59:41 2024 by rpki-client on console-fra.rpki-client.org