Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OyY8o9sLpknJnd9XgNpZTRAlTOI.roa
File: OyY8o9sLpknJnd9XgNpZTRAlTOI.roa (raw, json)
Hash identifier: z+tbgakMKdrpBc03P891qFgzFeLPXw6fN4wctxN4bBQ=
Subject key identifier: 3B:26:3C:A3:DB:0B:A6:49:C9:9D:DF:57:80:DA:59:4D:10:25:4C:E2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E82F2452DC6C8632CDB7422BB3C897
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OyY8o9sLpknJnd9XgNpZTRAlTOI.roa
Signing time: Mon 02 Jan 2023 05:15:42 +0000
ROA not before: Mon 02 Jan 2023 05:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400542
IP address blocks: 2a0e:97c0:a46::/48 maxlen: 48
2a0e:b107:b11::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:2f:24:52:dc:6c:86:32:cd:b7:42:2b:b3:c8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b263ca3db0ba649c99ddf5780da594d10254ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:02:63:05:12:ca:d3:13:1f:cc:29:8d:60:40:
dc:03:94:db:0b:93:90:99:ad:c1:9a:5e:c9:c9:05:
97:17:98:bb:9e:14:44:83:92:98:d5:12:3c:4e:13:
9f:b6:d5:e5:9c:1a:a3:85:80:d7:9d:72:0e:a4:f3:
65:d1:fb:2b:4b:98:bc:ca:94:7b:15:f5:93:b3:3c:
6b:d8:7a:d3:ff:8e:2f:9e:4b:6e:f7:79:d6:68:27:
42:6c:3b:6a:06:db:81:9b:cb:aa:c6:36:49:ba:ee:
6a:c4:36:c9:3b:ae:9d:e3:01:c2:34:3d:38:ff:60:
bb:f7:80:6d:be:c3:1b:89:7d:69:b7:fe:7f:c2:b7:
a3:96:43:45:19:a2:14:cf:53:89:39:17:c3:c0:bc:
68:ac:bc:69:fb:b6:23:d0:a6:ff:3f:d1:79:3d:e4:
e7:82:f3:bf:8d:37:8a:79:db:06:d3:b4:b5:5a:90:
a0:3c:ce:de:41:c8:af:17:d2:12:86:15:65:df:2a:
b2:f4:69:73:c7:60:a4:74:9b:0a:a7:5d:2b:9a:6d:
42:0a:38:4c:b2:d1:51:57:07:c6:3a:c4:65:7d:e0:
e7:dd:5a:fa:17:d9:ce:22:18:11:19:73:c0:64:f7:
ce:ff:d9:46:e7:3d:c8:fb:fc:b1:6f:86:80:dd:f9:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:26:3C:A3:DB:0B:A6:49:C9:9D:DF:57:80:DA:59:4D:10:25:4C:E2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OyY8o9sLpknJnd9XgNpZTRAlTOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a46::/48
2a0e:b107:b11::/48
Signature Algorithm: sha256WithRSAEncryption
8f:5d:ad:09:94:2c:19:a9:5e:71:eb:46:e5:0d:f4:63:39:6f:
07:3b:24:21:4a:fa:11:69:be:5e:3d:18:99:ba:ac:01:81:4f:
ac:2b:a4:46:2a:74:5c:db:64:59:58:6b:3e:d9:fd:8d:52:a9:
5d:b9:b3:f7:d4:97:e8:8e:d6:a8:d2:7b:9f:5f:0e:8e:ec:71:
e9:c0:b3:66:50:22:ff:b8:9b:01:6b:af:68:2c:a9:cb:89:46:
33:35:35:aa:be:99:7f:91:fa:f7:df:0e:72:11:a1:30:de:1b:
72:a4:b7:ba:96:5d:35:fc:79:73:13:34:3b:d3:42:bf:4c:67:
f2:89:43:8b:9b:69:75:37:23:e7:e9:d8:64:34:88:d4:02:ca:
ba:d0:88:5c:c0:a3:fc:13:a0:3e:0e:2e:33:51:56:a1:30:5b:
e5:12:9a:ea:9e:d0:cb:b3:9b:5a:b0:e8:b9:54:03:a8:95:f0:
73:47:92:16:72:d5:83:d8:d2:42:f5:18:4a:0a:0e:2a:76:19:
dc:4a:b2:11:29:ab:b8:34:2c:22:1c:46:1a:e3:d0:27:32:56:
1e:75:8c:35:48:c1:8c:83:03:f8:d8:38:b4:28:74:af:f9:2e:
cb:25:8a:b1:2c:64:d0:45:c4:84:6b:1d:a9:e1:63:4e:c8:41:
8a:11:9d:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw6C8kUtxshjLNt0Irs8iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI2M2NhM2RiMGJhNjQ5Yzk5ZGRmNTc4MGRhNTk0ZDEwMjU0Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAJjBRLK0xMfzCmNYEDcA5TbC5OQ
ma3Bml7JyQWXF5i7nhREg5KY1RI8ThOfttXlnBqjhYDXnXIOpPNl0fsrS5i8ypR7
FfWTszxr2HrT/44vnktu93nWaCdCbDtqBtuBm8uqxjZJuu5qxDbJO66d4wHCND04
/2C794BtvsMbiX1pt/5/wrejlkNFGaIUz1OJORfDwLxorLxp+7Yj0Kb/P9F5PeTn
gvO/jTeKedsG07S1WpCgPM7eQcivF9IShhVl3yqy9Glzx2CkdJsKp10rmm1CCjhM
stFRVwfGOsRlfeDn3Vr6F9nOIhgRGXPAZPfO/9lG5z3I+/yxb4aA3fmlaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDsmPKPbC6ZJyZ3fV4DaWU0QJUziMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT3lZOG85c0xwa25KbmQ5WGdOcFpUUkFsVE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwApG
AwcAKg6xBwsRMA0GCSqGSIb3DQEBCwUAA4IBAQCPXa0JlCwZqV5x60blDfRjOW8H
OyQhSvoRab5ePRiZuqwBgU+sK6RGKnRc22RZWGs+2f2NUqldubP31Jfojtao0nuf
Xw6O7HHpwLNmUCL/uJsBa69oLKnLiUYzNTWqvpl/kfr33w5yEaEw3htypLe6ll01
/HlzEzQ700K/TGfyiUOLm2l1NyPn6dhkNIjUAsq60IhcwKP8E6A+Di4zUVahMFvl
EprqntDLs5tasOi5VAOolfBzR5IWctWD2NJC9RhKCg4qdhncSrIRKau4NCwiHEYa
49AnMlYedYw1SMGMgwP42Di0KHSv+S7LJYqxLGTQRcSEax2p4WNOyEGKEZ1u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org