Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PCm-aBvzh0A45YsKBnqnGOwy9uI.roa
File: PCm-aBvzh0A45YsKBnqnGOwy9uI.roa (raw, json)
Hash identifier: fSxiD/vr7db5x8XBVGsx+Fob2GHjEtBTT6xgU5zmPhw=
Subject key identifier: 3C:29:BE:68:1B:F3:87:40:38:E5:8B:0A:06:7A:A7:18:EC:32:F6:E2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252279AE10B766DAC3AF7B83D832EBA6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PCm-aBvzh0A45YsKBnqnGOwy9uI.roa
Signing time: Thu 02 Jan 2025 03:50:03 +0000
ROA not before: Thu 02 Jan 2025 03:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214299
IP address blocks: 2a0e:97c2::/40 maxlen: 48
Validation: Failed, certificate revoked on Fri 03 Jan 2025 23:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:79:ae:10:b7:66:da:c3:af:7b:83:d8:32:eb:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c29be681bf3874038e58b0a067aa718ec32f6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:f0:6e:c7:de:b4:12:91:bf:13:3f:9b:0a:
8b:8a:c1:20:16:31:bb:70:d7:ef:c9:49:24:40:98:
2a:11:d7:96:e6:d5:c6:1a:8d:b4:cb:29:75:92:70:
23:f2:35:0f:2b:6e:d5:47:73:13:bc:0c:dc:6f:89:
13:67:71:09:24:c2:10:5e:3c:8e:67:b6:72:12:60:
93:90:c0:cc:97:5c:5a:66:30:a9:b3:cf:96:14:20:
31:ef:d4:4f:22:3b:16:9e:fc:fa:e8:89:8b:a0:9a:
24:3e:23:8c:a5:d8:9d:cf:91:c3:94:c9:f5:a9:40:
92:a5:70:85:b6:74:7b:7b:5b:0c:75:cc:2f:49:d2:
0c:61:d9:c2:bb:cd:e9:ec:4f:c3:62:d4:d7:92:12:
9f:f1:17:2f:56:12:6d:5e:ba:c7:5c:d6:15:ef:52:
02:f2:c3:23:01:7d:08:10:7b:71:e4:11:48:a6:c7:
6b:1a:9f:9f:5e:23:26:1c:d3:8a:1f:0c:ad:b2:b2:
83:ee:03:2a:d3:d7:17:f3:64:8b:bd:46:86:9b:e0:
78:82:e6:50:fd:2b:61:31:fe:6b:6d:c4:05:cd:10:
9b:3b:7c:16:a5:72:f5:fb:1a:f1:e4:d5:a7:96:61:
df:c3:a3:29:fe:14:3b:53:b7:67:67:70:40:4b:d2:
f6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:29:BE:68:1B:F3:87:40:38:E5:8B:0A:06:7A:A7:18:EC:32:F6:E2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PCm-aBvzh0A45YsKBnqnGOwy9uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c2::/40
Signature Algorithm: sha256WithRSAEncryption
22:0c:25:a2:e0:fa:69:28:16:df:47:71:74:4f:9f:fc:92:98:
06:41:e3:f9:83:f6:f6:72:c8:5e:c7:bd:46:27:ca:8c:55:be:
db:79:fd:1e:f8:3f:5f:da:71:9e:4d:8a:a6:f9:9a:07:b4:87:
88:10:a6:fd:0d:2b:56:36:5f:d2:f9:f3:0f:21:aa:c8:05:c6:
c1:e7:34:8b:cd:31:e6:e1:25:04:dc:e9:c8:cf:92:0f:03:d3:
5d:b8:be:02:6c:df:53:99:41:0b:2f:57:fe:aa:88:75:ef:99:
d4:64:28:c0:b3:5a:71:b8:41:ad:f5:c8:d0:df:a3:5e:19:80:
47:1c:99:df:94:c7:78:a6:5a:95:d3:7d:eb:c4:c7:32:96:73:
84:2c:38:dd:36:eb:2e:59:ba:29:2a:6e:08:a9:13:e0:fe:8a:
52:2c:63:8e:a5:c0:59:b7:fd:f4:40:b8:53:95:db:40:97:a0:
16:5d:22:e4:0f:ac:4d:dd:98:3e:8e:a9:fd:b4:bb:db:cf:64:
53:06:16:54:fe:98:e2:7c:fe:b0:a3:4d:40:a1:95:11:f2:29:
aa:6c:1e:e7:59:0c:cc:44:99:2c:23:c4:b5:80:29:d9:fe:33:
f9:68:2e:91:5a:2a:f0:3d:b5:66:d7:04:55:d6:3c:ad:da:f3:
ad:f8:ae:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlInmuELdm2sOve4PYMuumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzI5YmU2ODFiZjM4NzQwMzhlNThiMGEwNjdhYTcxOGVjMzJmNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbvwbsfetBKRvxM/mwqLisEgFjG7
cNfvyUkkQJgqEdeW5tXGGo20yyl1knAj8jUPK27VR3MTvAzcb4kTZ3EJJMIQXjyO
Z7ZyEmCTkMDMl1xaZjCps8+WFCAx79RPIjsWnvz66ImLoJokPiOMpdidz5HDlMn1
qUCSpXCFtnR7e1sMdcwvSdIMYdnCu83p7E/DYtTXkhKf8RcvVhJtXrrHXNYV71IC
8sMjAX0IEHtx5BFIpsdrGp+fXiMmHNOKHwytsrKD7gMq09cX82SLvUaGm+B4guZQ
/SthMf5rbcQFzRCbO3wWpXL1+xrx5NWnlmHfw6Mp/hQ7U7dnZ3BAS9L20wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDwpvmgb84dAOOWLCgZ6pxjsMvbiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUENtLWFCdnpoMEE0NVlzS0JucW5HT3d5OXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6XwgAw
DQYJKoZIhvcNAQELBQADggEBACIMJaLg+mkoFt9HcXRPn/ySmAZB4/mD9vZyyF7H
vUYnyoxVvtt5/R74P1/acZ5Niqb5mge0h4gQpv0NK1Y2X9L58w8hqsgFxsHnNIvN
MebhJQTc6cjPkg8D0124vgJs31OZQQsvV/6qiHXvmdRkKMCzWnG4Qa31yNDfo14Z
gEccmd+Ux3imWpXTfevExzKWc4QsON026y5ZuikqbgipE+D+ilIsY46lwFm3/fRA
uFOV20CXoBZdIuQPrE3dmD6Oqf20u9vPZFMGFlT+mOJ8/rCjTUChlRHyKapsHudZ
DMxEmSwjxLWAKdn+M/loLpFaKvA9tWbXBFXWPK3a8634rhg=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:58:33 2025 by rpki-client