Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PM7lFmQOBu4d14RQlSroscSocA8.roa
File: PM7lFmQOBu4d14RQlSroscSocA8.roa (raw, json)
Hash identifier: XUKEwYT+KggnoKGIoLgPenEtIJ013Bdmi8nwHInSAuA=
Subject key identifier: 3C:CE:E5:16:64:0E:06:EE:1D:D7:84:50:95:2A:E8:B1:C4:A8:70:0F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0BFB974EACAE02D856820195C7B7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PM7lFmQOBu4d14RQlSroscSocA8.roa
Signing time: Tue 02 Jan 2024 10:34:18 +0000
ROA not before: Tue 02 Jan 2024 10:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b10::/44 maxlen: 48
2a0e:97c7::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Sep 2024 06:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:0b:fb:97:4e:ac:ae:02:d8:56:82:01:95:c7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ccee516640e06ee1dd78450952ae8b1c4a8700f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:73:7c:8b:2d:75:e2:02:86:2d:37:78:96:0c:
14:61:64:69:2d:db:d5:88:2f:92:82:3c:9e:69:e8:
f6:d6:6c:23:1c:97:44:16:f1:ed:7c:a3:44:47:0d:
a3:26:86:ec:86:4a:e4:57:3a:bc:9a:7d:62:86:0a:
59:47:e5:f3:74:fb:98:17:83:07:d3:0a:e3:40:af:
b7:ed:31:0e:49:da:40:08:e0:74:97:08:8c:f1:c1:
99:05:70:5e:40:f2:8b:90:7c:48:72:d0:c2:38:33:
91:e6:0e:f0:cd:1f:53:2e:e3:53:50:72:df:95:d2:
5c:86:ef:35:5a:ba:f1:68:7c:b0:9a:12:01:ec:4b:
2e:53:11:47:6a:b8:51:4c:36:db:81:63:a0:1b:17:
c6:39:c9:76:b2:05:88:4f:6f:66:17:f5:b5:e3:c4:
72:ff:57:51:e5:72:61:4f:46:bc:34:aa:a5:20:42:
83:3b:1b:93:56:e0:13:47:6a:a4:35:38:d0:1e:41:
04:c6:9e:f4:3d:cb:c9:46:35:ed:8a:a5:50:1b:26:
7e:af:34:dd:6d:eb:d4:62:0a:65:fd:9e:87:bd:21:
1b:be:d8:01:37:ee:13:88:25:c7:a9:c0:d1:6d:65:
e6:d8:ea:aa:13:2b:6b:2b:60:fd:97:49:c4:32:89:
50:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CE:E5:16:64:0E:06:EE:1D:D7:84:50:95:2A:E8:B1:C4:A8:70:0F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PM7lFmQOBu4d14RQlSroscSocA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::/44
2a0e:97c7::/40
Signature Algorithm: sha256WithRSAEncryption
98:36:35:4c:d8:18:c4:34:f4:87:b1:fa:62:eb:f1:4a:fc:d2:
e5:e5:ae:4f:7c:cc:12:c0:4e:14:ff:c2:6f:f9:e0:7a:8f:6a:
fd:e0:e2:8a:26:6c:fc:d2:bc:0e:93:c2:c7:2f:83:92:c4:f4:
5e:84:17:7d:c3:fc:95:bb:ce:06:5c:09:43:15:51:77:58:a3:
ac:76:40:53:c1:33:a9:1d:37:d8:0b:e4:9c:c3:68:51:b3:cb:
23:02:e1:0b:97:4c:7b:aa:c8:97:5a:05:83:d4:14:69:86:32:
9d:d7:e4:b4:ae:98:08:a6:f7:86:4d:38:d2:a6:10:88:79:5c:
06:ea:87:03:fd:e8:5e:1d:87:e5:2e:f0:42:1b:08:fd:69:b0:
68:0f:ff:57:79:ff:db:3e:61:02:b3:77:f2:b5:cb:ff:82:22:
ef:ea:ec:7a:6e:39:49:e5:06:45:5d:85:e8:f5:0f:f7:63:7c:
62:31:12:dc:cd:14:40:4f:21:0d:9b:6b:ac:0b:13:ab:0d:c0:
4c:07:69:39:48:0b:4f:80:1f:cd:9a:fe:f2:20:6a:b0:fb:74:
42:5f:c3:3d:89:d1:8f:b0:3f:44:d3:0e:22:e7:35:30:36:fa:
55:29:b3:7e:37:4d:28:ef:44:af:07:86:e1:63:81:a9:fe:d1:
1a:d9:ab:9c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzJvQv7l06srgLYVoIBlce3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NlZTUxNjY0MGUwNmVlMWRkNzg0NTA5NTJhZThiMWM0YTg3MDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnN8iy114gKGLTd4lgwUYWRpLdvV
iC+Sgjyeaej21mwjHJdEFvHtfKNERw2jJobshkrkVzq8mn1ihgpZR+XzdPuYF4MH
0wrjQK+37TEOSdpACOB0lwiM8cGZBXBeQPKLkHxIctDCODOR5g7wzR9TLuNTUHLf
ldJchu81WrrxaHywmhIB7EsuUxFHarhRTDbbgWOgGxfGOcl2sgWIT29mF/W148Ry
/1dR5XJhT0a8NKqlIEKDOxuTVuATR2qkNTjQHkEExp70PcvJRjXtiqVQGyZ+rzTd
bevUYgpl/Z6HvSEbvtgBN+4TiCXHqcDRbWXm2OqqEytrK2D9l0nEMolQ2QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDzO5RZkDgbuHdeEUJUq6LHEqHAPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUE03bEZtUU9CdTRkMTRSUWxTcm9zY1NvY0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKg6XwAsQ
AwYAKg6XxwAwDQYJKoZIhvcNAQELBQADggEBAJg2NUzYGMQ09Iex+mLr8Ur80uXl
rk98zBLAThT/wm/54HqPav3g4oombPzSvA6Twscvg5LE9F6EF33D/JW7zgZcCUMV
UXdYo6x2QFPBM6kdN9gL5JzDaFGzyyMC4QuXTHuqyJdaBYPUFGmGMp3X5LSumAim
94ZNONKmEIh5XAbqhwP96F4dh+Uu8EIbCP1psGgP/1d5/9s+YQKzd/K1y/+CIu/q
7HpuOUnlBkVdhej1D/djfGIxEtzNFEBPIQ2ba6wLE6sNwEwHaTlIC0+AH82a/vIg
arD7dEJfwz2J0Y+wP0TTDiLnNTA2+lUps343TSjvRK8HhuFjgan+0RrZq5w=
-----END CERTIFICATE-----
Generated at Mon Sep 30 08:54:03 2024 by rpki-client on console-ams.rpki-client.org