Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Pt4DTTXMtRFAo3yxpgmCdEzmo4o.roa
File: Pt4DTTXMtRFAo3yxpgmCdEzmo4o.roa (raw, json)
Hash identifier: 4HTaV2HcgZPVc5HKJOJPx9uOFh5JowUh9KQgfdxqoMw=
Subject key identifier: 3E:DE:03:4D:35:CC:B5:11:40:A3:7C:B1:A6:09:82:74:4C:E6:A3:8A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD34AD36877895DCD89A3EE5CE52FD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Pt4DTTXMtRFAo3yxpgmCdEzmo4o.roa
Signing time: Tue 02 Jan 2024 10:34:29 +0000
ROA not before: Tue 02 Jan 2024 10:34:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d8::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d9::/48 maxlen: 48
2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d6::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Feb 2024 19:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:34:ad:36:87:78:95:dc:d8:9a:3e:e5:ce:52:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ede034d35ccb51140a37cb1a60982744ce6a38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cd:45:1f:27:55:36:9a:59:34:10:45:66:d8:
64:f8:cf:bb:53:a6:e6:3a:ea:52:29:c7:3a:a6:63:
7c:cb:da:74:c2:92:6e:06:37:59:3e:ca:1a:82:cb:
29:6b:e8:ca:46:05:0c:a0:0a:c2:2a:b3:85:d8:09:
be:e7:21:d1:aa:02:90:9b:b9:91:4c:3c:ed:50:db:
b4:9e:64:1c:db:00:3e:c9:20:35:62:95:39:f1:bf:
32:f4:74:c6:ed:b3:21:61:6a:15:45:84:e6:30:75:
6d:11:d2:ef:5a:bc:78:9a:23:0e:20:41:c5:0e:f6:
e3:c7:e5:15:12:8d:5b:89:81:84:0d:8a:d0:27:47:
54:dd:37:10:2a:d4:bb:49:ed:97:d6:14:fa:59:9d:
5b:c6:0f:49:55:2c:b9:45:4d:c1:a5:1c:44:0d:b2:
0e:08:aa:2a:69:8d:26:9f:a9:40:24:09:e6:24:79:
87:81:e0:b3:84:fe:61:d7:c3:d0:38:14:8e:b6:9b:
72:4d:94:77:74:ea:6e:af:4e:dc:60:1a:fa:2c:0b:
da:1c:12:7d:0a:32:9c:67:35:62:6b:2b:9b:d1:5d:
74:c7:3b:2a:40:9f:19:6d:90:50:7c:ad:69:f3:ee:
91:a0:73:7a:77:ec:de:61:bd:e1:41:b8:89:5a:dd:
fb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:DE:03:4D:35:CC:B5:11:40:A3:7C:B1:A6:09:82:74:4C:E6:A3:8A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Pt4DTTXMtRFAo3yxpgmCdEzmo4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::-2a0e:b107:12d9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b7:47:3a:5a:eb:9a:b8:0e:e2:d1:2f:09:ff:77:c7:7e:51:08:
99:85:b9:f7:87:77:a5:fc:3c:c7:6f:92:49:ba:76:1a:5d:4e:
9a:7e:e3:52:c2:0b:3d:37:4d:a6:0b:84:b5:79:9c:e0:a0:8a:
7e:eb:94:c2:6e:a5:29:14:05:23:cf:b3:10:7c:9e:85:60:39:
6a:db:20:88:0a:e6:c8:f3:c6:94:d7:e1:30:d0:d2:51:21:e5:
be:8a:29:a3:a6:db:dd:98:77:31:00:2c:b8:41:8d:e3:e9:c9:
8b:41:ec:16:6c:82:d7:52:4c:86:45:75:9f:94:f2:59:07:f4:
f8:ae:b4:9d:e1:d1:7a:d0:5f:67:65:a9:2d:0b:9e:ac:a6:21:
94:da:a1:d1:dd:3b:0e:2e:8b:3a:06:dd:f0:e5:78:3c:bb:56:
d3:b4:64:33:cc:b5:23:29:a8:42:7e:03:e2:74:86:4b:1f:60:
64:2d:d6:92:c9:ef:83:33:35:e5:6b:30:33:a5:99:04:10:57:
a2:96:65:77:20:19:9a:d2:2b:77:d9:c3:5e:5c:46:5e:c5:a0:
74:33:fb:b7:ac:6b:d3:5a:24:77:22:72:49:c1:9f:2f:a3:e2:
c9:28:74:6b:5b:fd:9c:e5:68:f9:dd:ae:71:d4:a5:3d:1f:8f:
e9:d3:ee:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvTStNod4ldzYmj7lzlL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWRlMDM0ZDM1Y2NiNTExNDBhMzdjYjFhNjA5ODI3NDRjZTZhMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs1FHydVNppZNBBFZthk+M+7U6bm
OupSKcc6pmN8y9p0wpJuBjdZPsoagsspa+jKRgUMoArCKrOF2Am+5yHRqgKQm7mR
TDztUNu0nmQc2wA+ySA1YpU58b8y9HTG7bMhYWoVRYTmMHVtEdLvWrx4miMOIEHF
Dvbjx+UVEo1biYGEDYrQJ0dU3TcQKtS7Se2X1hT6WZ1bxg9JVSy5RU3BpRxEDbIO
CKoqaY0mn6lAJAnmJHmHgeCzhP5h18PQOBSOtptyTZR3dOpur07cYBr6LAvaHBJ9
CjKcZzViayub0V10xzsqQJ8ZbZBQfK1p8+6RoHN6d+zeYb3hQbiJWt37sQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD7eA001zLURQKN8saYJgnRM5qOKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUHQ0RFRUWE10UkZBbzN5eHBnbUNkRXptbzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
EtEDBwEqDrEHEtgwDQYJKoZIhvcNAQELBQADggEBALdHOlrrmrgO4tEvCf93x35R
CJmFufeHd6X8PMdvkkm6dhpdTpp+41LCCz03TaYLhLV5nOCgin7rlMJupSkUBSPP
sxB8noVgOWrbIIgK5sjzxpTX4TDQ0lEh5b6KKaOm292YdzEALLhBjePpyYtB7BZs
gtdSTIZFdZ+U8lkH9PiutJ3h0XrQX2dlqS0LnqymIZTaodHdOw4uizoG3fDleDy7
VtO0ZDPMtSMpqEJ+A+J0hksfYGQt1pLJ74MzNeVrMDOlmQQQV6KWZXcgGZrSK3fZ
w15cRl7FoHQz+7esa9NaJHcicknBny+j4skodGtb/ZzlaPndrnHUpT0fj+nT7pg=
-----END CERTIFICATE-----
Generated at Tue Feb 20 23:17:49 2024 by rpki-client on console-fra.rpki-client.org