Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PBMPzt8P4DADL32Ofk8RgwyYFHM.roa
File: PBMPzt8P4DADL32Ofk8RgwyYFHM.roa (raw, json)
Hash identifier: vysQBgf7uqvFAsJUamxg2RmxgCdIGjq2m3XjqzgnfMk=
Subject key identifier: 3C:13:0F:CE:DF:0F:E0:30:03:2F:7D:8E:7E:4F:11:83:0C:98:14:73
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191176ADE9E6B6A8D4C2F86D4BE492F5E5B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PBMPzt8P4DADL32Ofk8RgwyYFHM.roa
Signing time: Sat 03 Aug 2024 08:46:05 +0000
ROA not before: Sat 03 Aug 2024 08:46:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:b107:1e10::/44 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a13:8380::/32 maxlen: 48
2a13:8381::/32 maxlen: 48
2a13:8382::/32 maxlen: 48
2a13:8383::/32 maxlen: 48
2a13:8384::/32 maxlen: 48
2a13:8385::/32 maxlen: 48
2a13:8386::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Aug 2024 00:39:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:6a:de:9e:6b:6a:8d:4c:2f:86:d4:be:49:2f:5e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 3 08:46:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c130fcedf0fe030032f7d8e7e4f11830c981473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:f9:77:26:dc:96:a1:dd:75:97:b3:67:5b:
bd:4a:da:18:f7:16:d8:97:cc:91:4f:35:f2:20:95:
fe:82:e1:d8:eb:85:5d:9e:e6:21:e7:63:64:5f:cc:
49:65:52:f8:63:87:8a:f3:dd:13:90:56:77:0f:9c:
5a:53:0f:1d:c6:51:db:90:2d:55:d1:f2:fb:a6:5b:
dc:cb:9f:b7:1d:8a:d3:13:4b:d1:a3:9d:5c:1b:9b:
aa:db:88:1e:0d:52:63:07:77:1a:23:4a:08:ff:49:
c5:5d:59:42:82:f6:3d:d1:86:24:f8:4c:1e:48:90:
ff:f2:5e:92:43:52:d9:c4:8c:74:ae:7f:5b:5d:e9:
22:4e:73:be:1d:51:dc:2d:89:b8:44:f2:4c:ff:9e:
53:82:08:6f:58:d8:8b:75:f6:18:45:ef:36:78:ad:
8a:88:63:70:7d:d7:72:e8:33:39:b3:ea:1f:cb:1d:
e5:f3:84:bb:78:9d:1f:1f:2b:ee:ca:6f:f6:79:47:
c0:f7:f7:9f:a9:91:3f:16:cf:a9:79:38:2b:1a:51:
5b:9c:f6:d9:5d:1c:aa:9c:17:50:31:27:5e:1e:8e:
e9:84:5e:87:d3:6a:56:7b:f9:0d:1a:32:bc:ad:f2:
80:8d:c2:e6:13:43:18:d1:91:36:3d:05:94:0a:cc:
61:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:13:0F:CE:DF:0F:E0:30:03:2F:7D:8E:7E:4F:11:83:0C:98:14:73
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PBMPzt8P4DADL32Ofk8RgwyYFHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1e10::/44
2a10:2f00:187::/48
2a13:8380::-2a13:8386:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:1a:3f:76:15:b0:3a:fd:b7:13:28:a1:cf:d3:bd:cb:a0:cc:
df:66:f1:ba:49:ca:55:b2:1a:63:a4:64:3e:5c:47:e1:93:f5:
98:db:5b:b8:7b:57:e6:be:b8:7d:b9:8d:81:59:a9:ba:69:b0:
ca:10:ab:66:a5:3b:48:e0:c9:fa:e4:76:7e:47:98:d8:e6:b9:
93:bd:00:d4:cc:6f:39:ad:5e:74:63:9a:af:8f:0c:62:ca:01:
6a:98:10:85:77:29:b0:6d:b1:08:79:6f:67:d1:21:43:8f:fa:
cc:23:7f:3a:e3:34:f8:8d:96:14:80:8e:11:4f:e9:f4:a2:ac:
b2:19:1f:e2:cb:99:4b:ad:18:4c:2b:6c:37:13:08:89:4b:84:
e3:c6:e5:f1:53:a0:b4:5b:82:65:a6:cf:a7:dd:f3:71:a5:64:
e4:77:77:1f:f0:68:44:0d:03:4f:9d:2c:b9:ee:54:46:df:ba:
3f:df:fc:21:40:cf:86:96:e4:53:74:b7:16:0a:be:3a:76:30:
f7:86:99:cc:23:5b:9d:91:8c:6f:f4:05:ed:a0:bc:9d:bb:76:
49:c2:5e:54:2b:d9:b7:9e:9e:9e:2f:9d:85:46:97:72:a1:fe:
0b:9c:27:a2:ec:ee:4a:31:4e:28:b1:c8:85:d3:00:9a:9c:9f:
8d:44:8a:42
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZEXat6ea2qNTC+G1L5JL15bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODAzMDg0NjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzEzMGZjZWRmMGZlMDMwMDMyZjdkOGU3ZTRmMTE4MzBjOTgxNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6b5dybclqHddZezZ1u9StoY9xbY
l8yRTzXyIJX+guHY64VdnuYh52NkX8xJZVL4Y4eK890TkFZ3D5xaUw8dxlHbkC1V
0fL7plvcy5+3HYrTE0vRo51cG5uq24geDVJjB3caI0oI/0nFXVlCgvY90YYk+Ewe
SJD/8l6SQ1LZxIx0rn9bXekiTnO+HVHcLYm4RPJM/55TgghvWNiLdfYYRe82eK2K
iGNwfddy6DM5s+ofyx3l84S7eJ0fHyvuym/2eUfA9/efqZE/Fs+peTgrGlFbnPbZ
XRyqnBdQMSdeHo7phF6H02pWe/kNGjK8rfKAjcLmE0MY0ZE2PQWUCsxhQQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDwTD87fD+AwAy99jn5PEYMMmBRzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUEJNUHp0OFA0REFETDMyT2ZrOFJnd3lZRkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcEKg6xBx4Q
AwcAKhAvAAGHMA4DBQcqE4OAAwUAKhODhjANBgkqhkiG9w0BAQsFAAOCAQEARxo/
dhWwOv23Eyihz9O9y6DM32bxuknKVbIaY6RkPlxH4ZP1mNtbuHtX5r64fbmNgVmp
ummwyhCrZqU7SODJ+uR2fkeY2Oa5k70A1MxvOa1edGOar48MYsoBapgQhXcpsG2x
CHlvZ9EhQ4/6zCN/OuM0+I2WFICOEU/p9KKsshkf4suZS60YTCtsNxMIiUuE48bl
8VOgtFuCZabPp93zcaVk5Hd3H/BoRA0DT50sue5URt+6P9/8IUDPhpbkU3S3Fgq+
OnYw94aZzCNbnZGMb/QF7aC8nbt2ScJeVCvZt56eni+dhUaXcqH+C5wnouzuSjFO
KLHIhdMAmpyfjUSKQg==
-----END CERTIFICATE-----
Generated at Mon Aug 5 03:05:36 2024 by rpki-client on console-ams.rpki-client.org