Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PX3d_ud5IcmTLx8rprt1heZlMyc.roa
File: PX3d_ud5IcmTLx8rprt1heZlMyc.roa (raw, json)
Hash identifier: dxAlFoMphkWOoXGy+OsdAyU1TK1v+NjV8zBjIaQSszc=
Subject key identifier: 3D:7D:DD:FE:E7:79:21:C9:93:2F:1F:2B:A6:BB:75:85:E6:65:33:27
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D330B8FB505393B3E8BE947BFDE2E3145
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PX3d_ud5IcmTLx8rprt1heZlMyc.roa
Signing time: Mon 22 Jan 2024 21:20:12 +0000
ROA not before: Mon 22 Jan 2024 21:20:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43607
IP address blocks: 2a0e:b107:28a4::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 14:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:33:0b:8f:b5:05:39:3b:3e:8b:e9:47:bf:de:2e:31:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 22 21:20:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d7dddfee77921c9932f1f2ba6bb7585e6653327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2f:c4:72:1c:9e:a2:e5:46:e6:e4:89:97:87:
a8:53:f1:b8:bb:a2:25:0f:5a:b7:40:13:8e:ff:8e:
e9:95:3e:f4:83:cc:c3:96:1e:f1:de:d6:05:c7:eb:
3d:71:e7:94:85:f7:c3:1d:97:bb:67:6f:94:ae:a4:
4c:3f:57:ad:a1:05:7a:d7:ef:01:42:a8:92:b3:3c:
cf:80:b7:30:cc:9a:ec:88:6c:6c:df:07:30:04:0b:
ff:8b:59:cf:46:68:bd:3e:ad:42:0d:30:0c:87:c7:
d1:67:6e:e5:f5:1d:db:52:39:29:6d:74:6a:12:2b:
90:12:69:91:db:85:73:2d:96:cf:c3:de:9d:77:2b:
1f:fd:d6:28:ae:2e:2b:27:44:65:19:f7:67:4c:03:
83:2f:53:f8:7d:36:0a:88:d7:fc:16:32:5b:dc:7b:
d8:f6:55:91:f5:04:36:25:e4:cb:4a:3c:b3:01:97:
e3:52:b0:66:6a:d5:2e:f8:6e:ac:99:f3:cb:da:7b:
69:1e:1b:55:22:a4:b2:a4:7e:12:a6:8f:77:7b:37:
70:6b:45:3b:0b:93:a7:1b:ce:0e:0a:1e:3a:22:4f:
43:4c:9f:7f:74:30:06:a6:0e:ee:52:91:81:f3:69:
b4:f0:e4:13:53:b0:d1:18:b7:e2:f9:ac:9d:9c:1a:
81:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7D:DD:FE:E7:79:21:C9:93:2F:1F:2B:A6:BB:75:85:E6:65:33:27
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PX3d_ud5IcmTLx8rprt1heZlMyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:28a4::/46
Signature Algorithm: sha256WithRSAEncryption
05:21:10:b8:e5:8c:40:e1:91:29:3a:12:3c:9a:db:88:f2:50:
4f:85:b8:c1:09:6c:7e:44:52:66:14:7e:de:2c:b7:e1:0f:f0:
d7:23:74:36:40:87:ff:df:16:2b:cc:04:7b:f7:01:ed:3f:7f:
47:86:f9:18:3e:55:e5:63:56:47:75:08:db:8b:dd:62:ef:a6:
68:94:be:78:ff:cd:7f:76:b5:55:ad:d7:59:e9:f3:ee:c5:7c:
4c:af:1e:98:12:be:d0:1d:b5:c6:6a:b7:c4:ac:5b:c0:4e:3b:
cd:86:d0:50:0e:44:bf:1a:d5:94:09:91:d7:20:ca:9b:0e:5a:
07:13:f6:5b:58:50:74:d1:7f:e9:07:8f:d0:3c:ad:58:08:da:
7c:77:57:5f:04:b3:a1:dc:a7:c2:1b:c0:58:21:bb:95:b3:7c:
01:20:fd:a8:71:1c:1a:f8:c8:be:fe:ac:ea:b3:12:07:13:b5:
a0:28:dd:2e:d8:87:ea:92:d9:38:a0:1f:ba:ce:7d:10:d2:a0:
01:80:68:13:68:03:e6:e6:9a:ba:32:89:5b:65:dd:9b:68:31:
13:5b:5a:93:29:44:cd:bb:07:8c:4a:00:de:de:d1:36:17:27:
3a:4f:5e:fc:9b:1d:b3:8c:ee:cb:18:8e:88:72:38:f1:9c:ca:
b0:53:60:54
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0zC4+1BTk7PovpR7/eLjFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTIyMjEyMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdkZGRmZWU3NzkyMWM5OTMyZjFmMmJhNmJiNzU4NWU2NjUzMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS/EchyeouVG5uSJl4eoU/G4u6Il
D1q3QBOO/47plT70g8zDlh7x3tYFx+s9ceeUhffDHZe7Z2+UrqRMP1etoQV61+8B
QqiSszzPgLcwzJrsiGxs3wcwBAv/i1nPRmi9Pq1CDTAMh8fRZ27l9R3bUjkpbXRq
EiuQEmmR24VzLZbPw96ddysf/dYori4rJ0RlGfdnTAODL1P4fTYKiNf8FjJb3HvY
9lWR9QQ2JeTLSjyzAZfjUrBmatUu+G6smfPL2ntpHhtVIqSypH4Spo93ezdwa0U7
C5OnG84OCh46Ik9DTJ9/dDAGpg7uUpGB82m08OQTU7DRGLfi+aydnBqBKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD193f7neSHJky8fK6a7dYXmZTMnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUFgzZF91ZDVJY21UTHg4cnBydDFoZVpsTXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xByik
MA0GCSqGSIb3DQEBCwUAA4IBAQAFIRC45YxA4ZEpOhI8mtuI8lBPhbjBCWx+RFJm
FH7eLLfhD/DXI3Q2QIf/3xYrzAR79wHtP39HhvkYPlXlY1ZHdQjbi91i76ZolL54
/81/drVVrddZ6fPuxXxMrx6YEr7QHbXGarfErFvATjvNhtBQDkS/GtWUCZHXIMqb
DloHE/ZbWFB00X/pB4/QPK1YCNp8d1dfBLOh3KfCG8BYIbuVs3wBIP2ocRwa+Mi+
/qzqsxIHE7WgKN0u2Ifqktk4oB+6zn0Q0qABgGgTaAPm5pq6MolbZd2baDETW1qT
KUTNuweMSgDe3tE2Fyc6T178mx2zjO7LGI6IcjjxnMqwU2BU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org