Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OxkEyPhHv6nhO5e_aIhV_6OLGnk.roa
File: OxkEyPhHv6nhO5e_aIhV_6OLGnk.roa (raw, json)
Hash identifier: nkZiJEZ3GnJGiBYfTUtqkjTHoHcwz+kPi7plkEd7ci8=
Subject key identifier: 3B:19:04:C8:F8:47:BF:A9:E1:3B:97:BF:68:88:55:FF:A3:8B:1A:79
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DB1B05F6BBD4F265361F7A105874EF33F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OxkEyPhHv6nhO5e_aIhV_6OLGnk.roa
Signing time: Fri 16 Feb 2024 11:32:22 +0000
ROA not before: Fri 16 Feb 2024 11:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199304
IP address blocks: 2a0e:b107:16c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 17 Feb 2024 01:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:b0:5f:6b:bd:4f:26:53:61:f7:a1:05:87:4e:f3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 16 11:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b1904c8f847bfa9e13b97bf688855ffa38b1a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:80:97:7b:ed:ea:91:c3:91:5f:46:57:e5:
88:94:d2:7b:7b:ab:d5:f6:59:d2:e0:6d:70:f7:a7:
6b:97:19:54:97:5d:66:51:2d:01:49:33:29:ea:72:
75:b6:22:05:fc:6e:89:0a:e2:6b:c9:df:e9:e8:8e:
15:f4:4a:0b:4b:48:ad:33:12:f3:64:85:38:f4:9a:
8a:a0:6a:1a:dd:6e:17:fc:9a:ed:2a:12:c1:4d:38:
12:1a:61:4b:13:d1:88:54:e6:40:61:2a:19:92:34:
e0:7d:2a:ea:de:b9:d7:80:21:2d:e2:12:fa:a7:ee:
35:e0:28:59:83:ba:d2:76:e4:d0:d7:22:5a:2b:83:
27:52:40:62:9e:0d:a6:6d:d6:4d:23:21:cb:d1:9d:
46:b3:b8:d3:d3:f1:84:14:64:ac:87:21:ca:bf:4b:
ae:bc:fe:c8:f3:e2:3f:0d:5f:c5:48:62:5c:74:a7:
c8:d5:52:17:10:eb:75:a7:2b:12:3a:98:47:d8:85:
28:42:f8:ac:f5:3e:c2:b5:7c:8c:59:04:2f:5f:fb:
df:db:8c:a4:22:c5:55:4e:9b:8d:73:9f:4a:d0:5f:
ab:02:7f:0a:cf:51:9b:78:87:f6:29:ae:71:08:bb:
d0:7e:d2:e5:fe:5b:4c:51:f2:aa:f0:d4:5b:21:a4:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:19:04:C8:F8:47:BF:A9:E1:3B:97:BF:68:88:55:FF:A3:8B:1A:79
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OxkEyPhHv6nhO5e_aIhV_6OLGnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:16c0::/48
Signature Algorithm: sha256WithRSAEncryption
3e:e4:31:56:6b:a2:60:22:50:9a:d4:48:65:b5:e9:19:3e:26:
06:91:d3:47:99:49:76:82:0c:da:78:d3:3e:63:e6:a2:4b:1a:
00:bd:18:43:57:11:79:7f:84:e4:6e:25:7a:51:54:6d:81:9f:
7b:83:ab:d5:56:1d:33:01:ec:f3:15:8a:fd:1b:ad:da:dd:2e:
83:e5:45:43:28:34:85:c3:7c:d0:78:be:af:43:c5:5e:15:86:
5e:95:dd:81:38:87:80:8d:35:b2:8d:06:0d:2f:c7:bf:cd:52:
f7:76:5d:e4:ef:61:bd:96:f6:99:2f:b8:f9:42:a6:63:e2:f4:
5c:3a:31:56:58:63:fb:59:62:79:0d:58:ca:1b:a8:ee:b3:75:
ba:3c:28:d8:ea:66:33:ab:4f:1c:cc:aa:d3:fa:7d:6e:db:40:
40:14:3a:cb:34:86:a3:a2:47:c5:10:d3:51:d2:1d:0a:3f:e5:
37:15:64:37:9a:a2:4b:aa:af:b6:82:33:f3:b1:12:e9:ec:6f:
a3:a4:7c:25:af:8a:b0:99:86:85:8e:45:fd:f7:13:00:45:4c:
e2:d4:f7:09:80:8e:c8:c6:1e:b2:51:04:2d:af:f5:10:54:2e:
77:78:33:44:99:7c:82:65:d3:b0:71:97:55:b6:c4:55:72:51:
89:ac:4f:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2xsF9rvU8mU2H3oQWHTvM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjE2MTEzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE5MDRjOGY4NDdiZmE5ZTEzYjk3YmY2ODg4NTVmZmEzOGIxYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9mAl3vt6pHDkV9GV+WIlNJ7e6vV
9lnS4G1w96drlxlUl11mUS0BSTMp6nJ1tiIF/G6JCuJryd/p6I4V9EoLS0itMxLz
ZIU49JqKoGoa3W4X/JrtKhLBTTgSGmFLE9GIVOZAYSoZkjTgfSrq3rnXgCEt4hL6
p+414ChZg7rSduTQ1yJaK4MnUkBing2mbdZNIyHL0Z1Gs7jT0/GEFGSshyHKv0uu
vP7I8+I/DV/FSGJcdKfI1VIXEOt1pysSOphH2IUoQvis9T7CtXyMWQQvX/vf24yk
IsVVTpuNc59K0F+rAn8Kz1GbeIf2Ka5xCLvQftLl/ltMUfKq8NRbIaR5ewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDsZBMj4R7+p4TuXv2iIVf+jixp5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3hrRXlQaEh2Nm5oTzVlX2FJaFZfNk9MR25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxbA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+5DFWa6JgIlCa1EhltekZPiYGkdNHmUl2ggza
eNM+Y+aiSxoAvRhDVxF5f4TkbiV6UVRtgZ97g6vVVh0zAezzFYr9G63a3S6D5UVD
KDSFw3zQeL6vQ8VeFYZeld2BOIeAjTWyjQYNL8e/zVL3dl3k72G9lvaZL7j5QqZj
4vRcOjFWWGP7WWJ5DVjKG6jus3W6PCjY6mYzq08czKrT+n1u20BAFDrLNIajokfF
ENNR0h0KP+U3FWQ3mqJLqq+2gjPzsRLp7G+jpHwlr4qwmYaFjkX99xMARUzi1PcJ
gI7Ixh6yUQQtr/UQVC53eDNEmXyCZdOwcZdVtsRVclGJrE8J
-----END CERTIFICATE-----
Generated at Sat Feb 17 02:01:34 2024 by rpki-client on console-fra.rpki-client.org