Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Qd6oHTlTSghndBHCdfmT2IoB4cA.roa
File: Qd6oHTlTSghndBHCdfmT2IoB4cA.roa (raw, json)
Hash identifier: 1zkJtoJjEaIJyvhW34213Rujfpgx34wdSWPcvUyWpCM=
Subject key identifier: 41:DE:A8:1D:39:53:4A:08:67:74:11:C2:75:F9:93:D8:8A:01:E1:C0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B3F39DAFEBC6794DC2DC19930B6343CE2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Qd6oHTlTSghndBHCdfmT2IoB4cA.roa
Signing time: Tue 17 Oct 2023 20:00:38 +0000
ROA not before: Tue 17 Oct 2023 20:00:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207252
IP address blocks: 2a10:cc40:270::/44 maxlen: 48
2a10:cc40:270::/48 maxlen: 48
2a0e:b107:1199::/48 maxlen: 48
2a06:de00:400::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Oct 2023 16:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3f:39:da:fe:bc:67:94:dc:2d:c1:99:30:b6:34:3c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 17 20:00:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41dea81d39534a08677411c275f993d88a01e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:09:59:15:19:90:76:f6:80:51:61:a1:c2:1e:
50:2d:5a:45:bd:f4:85:bd:6b:77:52:83:81:fa:af:
56:74:f1:81:d2:ee:87:c4:ed:8b:06:d8:24:d2:0d:
c5:74:6c:3b:37:74:d6:15:27:31:5b:f3:00:a6:09:
f1:f7:51:2c:13:af:31:f8:32:b2:04:bc:a4:e0:e8:
ed:f6:9e:e0:ff:8c:5b:93:c9:bb:95:86:bd:cf:81:
53:49:0e:54:f4:9e:69:9a:29:4f:dc:be:2d:54:b6:
8b:2d:15:1a:a3:b1:da:54:88:41:d3:af:3b:ab:32:
b3:d2:94:ba:0a:6d:3d:ad:15:e9:f8:91:4c:d0:0c:
d7:03:4c:ff:4d:a8:3b:24:1d:cf:c9:5f:0b:21:40:
62:a2:47:70:5e:05:8a:e1:2b:78:83:4f:4f:1c:01:
a3:45:7a:c7:9a:9d:75:2f:5d:55:c8:9d:08:ee:6d:
1f:4d:43:7e:c4:8f:67:c6:4b:4c:51:73:d8:9e:aa:
e1:e5:6b:6f:85:d1:2f:f6:bb:cf:8c:a4:c0:b0:da:
73:e9:b7:0f:e5:e9:60:08:3a:b9:66:01:98:ff:e6:
cf:c7:06:55:0f:b7:f0:e5:59:f9:6e:a1:34:13:0d:
cb:fc:e9:aa:58:28:a9:10:2a:92:69:00:d9:20:de:
46:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DE:A8:1D:39:53:4A:08:67:74:11:C2:75:F9:93:D8:8A:01:E1:C0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Qd6oHTlTSghndBHCdfmT2IoB4cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:400::/38
2a0e:b107:1199::/48
2a10:cc40:270::/44
Signature Algorithm: sha256WithRSAEncryption
49:56:e9:17:7d:b1:cc:b3:46:e3:b4:bd:27:2f:fd:aa:b8:7a:
b4:cc:ac:66:29:2f:97:cf:73:7d:0f:6c:02:5a:37:03:8c:aa:
05:ae:46:dc:ff:56:3e:2e:c9:1b:94:31:5f:de:09:1b:06:69:
08:4a:84:11:83:fb:4f:1c:7c:b3:90:fc:61:03:52:e0:22:1a:
20:89:fc:dd:4b:ea:ad:30:7e:ea:6b:74:1b:1d:4d:3f:a9:b3:
cd:8e:d6:b3:53:ee:68:03:62:99:84:8c:15:3e:f3:dc:21:f5:
f4:8d:ff:c1:0f:72:bf:57:3f:38:32:7a:09:68:52:24:ac:63:
95:91:e5:2c:5a:f9:b4:06:bd:05:78:df:07:52:8c:fc:7c:60:
05:c8:a1:0c:94:b3:22:34:7e:b6:da:3d:b5:e8:6d:17:57:f6:
94:88:b6:1a:2b:9d:38:2d:1d:82:76:a8:78:07:50:02:fe:b7:
67:e7:f4:ca:79:82:58:c8:12:06:00:eb:93:e0:a1:bb:31:7c:
9d:b6:b9:1a:62:5e:d4:43:ec:99:28:50:4c:c2:8e:f2:f9:8b:
14:63:de:54:93:4d:ce:ae:33:f2:62:54:8d:45:0e:2c:ca:0f:
c9:2d:70:e5:fd:83:b4:88:0a:f3:81:c1:d3:cb:e9:7a:05:66:
2e:3d:15:cf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYs/Odr+vGeU3C3BmTC2NDziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDE3MjAwMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRlYTgxZDM5NTM0YTA4Njc3NDExYzI3NWY5OTNkODhhMDFlMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoglZFRmQdvaAUWGhwh5QLVpFvfSF
vWt3UoOB+q9WdPGB0u6HxO2LBtgk0g3FdGw7N3TWFScxW/MApgnx91EsE68x+DKy
BLyk4Ojt9p7g/4xbk8m7lYa9z4FTSQ5U9J5pmilP3L4tVLaLLRUao7HaVIhB0687
qzKz0pS6Cm09rRXp+JFM0AzXA0z/Tag7JB3PyV8LIUBiokdwXgWK4St4g09PHAGj
RXrHmp11L11VyJ0I7m0fTUN+xI9nxktMUXPYnqrh5WtvhdEv9rvPjKTAsNpz6bcP
5elgCDq5ZgGY/+bPxwZVD7fw5Vn5bqE0Ew3L/OmqWCipECqSaQDZIN5GJQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEHeqB05U0oIZ3QRwnX5k9iKAeHAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUWQ2b0hUbFRTZ2huZEJIQ2RmbVQySW9CNGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYCKgbeAAQD
BwAqDrEHEZkDBwQqEMxAAnAwDQYJKoZIhvcNAQELBQADggEBAElW6Rd9scyzRuO0
vScv/aq4erTMrGYpL5fPc30PbAJaNwOMqgWuRtz/Vj4uyRuUMV/eCRsGaQhKhBGD
+08cfLOQ/GEDUuAiGiCJ/N1L6q0wfuprdBsdTT+ps82O1rNT7mgDYpmEjBU+89wh
9fSN/8EPcr9XPzgyegloUiSsY5WR5Sxa+bQGvQV43wdSjPx8YAXIoQyUsyI0frba
PbXobRdX9pSIthornTgtHYJ2qHgHUAL+t2fn9Mp5gljIEgYA65PgobsxfJ22uRpi
XtRD7JkoUEzCjvL5ixRj3lSTTc6uM/JiVI1FDizKD8ktcOX9g7SICvOBwdPL6XoF
Zi49Fc8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org