Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RvZGKdhMZLZ6jNFXrYZw9rIhZcI.roa
File: RvZGKdhMZLZ6jNFXrYZw9rIhZcI.roa (raw, json)
Hash identifier: 2xNhI39bxRyEw1W32ixGNN87UhMYhJOB2y55Jgxdq4E=
Subject key identifier: 46:F6:46:29:D8:4C:64:B6:7A:8C:D1:57:AD:86:70:F6:B2:21:65:C2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CF05E845879C4F780F96BFA93B9066E4E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RvZGKdhMZLZ6jNFXrYZw9rIhZcI.roa
Signing time: Tue 09 Jan 2024 22:36:15 +0000
ROA not before: Tue 09 Jan 2024 22:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212184
IP address blocks: 2a0e:b107:20b0::/48 maxlen: 48
2a10:2f00:192::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 21:11:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f0:5e:84:58:79:c4:f7:80:f9:6b:fa:93:b9:06:6e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 9 22:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46f64629d84c64b67a8cd157ad8670f6b22165c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8a:03:3d:2c:9c:28:54:84:ec:70:fb:ef:f0:
ec:90:15:3f:02:db:9a:38:4d:02:7a:e8:71:81:cd:
6c:57:1c:d4:2e:71:a8:b2:35:fd:73:59:9c:1e:83:
ad:d1:8d:1d:17:a8:32:6d:d1:d6:f7:79:20:11:bd:
92:13:64:bf:e2:dd:ff:63:3e:b7:00:ba:03:f2:d5:
f5:2f:95:47:68:03:b4:8f:e3:36:99:c7:7e:83:33:
91:18:4f:d1:1e:81:3d:aa:c6:35:23:a2:ed:59:49:
08:ad:b9:58:e2:a4:ec:22:31:44:be:a0:13:37:ee:
c4:29:26:d6:61:a5:69:cb:8c:14:be:de:7b:a3:d8:
d6:3b:12:1d:a8:d3:5b:4e:ab:db:59:05:b7:40:8a:
60:7f:fd:5e:02:53:c5:6c:33:39:69:71:14:a6:27:
93:02:ca:b5:c5:65:72:cf:ca:20:5f:c3:ed:a6:39:
55:0f:b2:68:d3:75:8f:b2:34:20:40:86:16:84:f8:
7f:5c:ab:65:d0:3c:05:95:a3:a1:f7:e2:a2:bd:3e:
2e:97:28:90:48:06:01:af:9d:da:3a:87:d6:7d:5c:
f1:8d:d3:94:3e:86:26:aa:91:b3:6f:a8:de:2d:f5:
e3:47:25:59:ba:fa:c0:07:b9:c9:f4:37:ff:82:2f:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F6:46:29:D8:4C:64:B6:7A:8C:D1:57:AD:86:70:F6:B2:21:65:C2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RvZGKdhMZLZ6jNFXrYZw9rIhZcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:20b0::/48
2a10:2f00:192::/48
Signature Algorithm: sha256WithRSAEncryption
4f:ab:af:3b:fe:75:3f:80:67:a2:5d:a2:bd:e9:5f:ea:73:78:
ea:d1:b2:e1:99:d9:bd:86:d1:a4:c1:18:30:0f:8f:87:52:3f:
9c:67:78:a8:30:e0:f2:cf:03:f8:ff:82:8c:b1:8a:3c:ae:a2:
54:8f:77:a5:f9:24:53:a9:43:9c:fe:51:b0:d2:ee:af:93:de:
2b:ca:ca:85:36:1b:ad:38:5b:89:0b:c7:86:ed:f4:1b:03:d7:
ce:70:ec:c9:29:e1:de:b5:b7:21:79:99:90:8a:fb:ff:b9:21:
d4:a1:6e:52:ae:4a:8b:83:29:d1:66:e4:a1:e3:ef:76:b2:c4:
51:a2:31:38:bf:e0:57:60:ed:16:d7:ca:54:0f:e7:e9:06:e2:
c9:bf:9f:66:4a:37:52:91:3d:a5:15:af:3c:db:c5:bd:98:e4:
46:37:fb:ed:7b:b7:db:2f:64:0d:92:fa:a5:4a:a7:05:93:86:
82:c1:d3:88:c5:48:a8:75:2b:54:5c:32:2d:f3:22:69:17:c0:
ad:86:5f:b5:a0:8b:55:28:00:b4:26:a1:1a:0c:8b:2c:b2:49:
28:98:43:17:5f:e1:6b:0c:64:5e:c1:c8:be:59:b0:74:b8:e9:
12:a8:0d:8a:85:0f:ef:bd:82:2a:39:e7:eb:49:27:d8:9b:ec:
1b:52:96:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzwXoRYecT3gPlr+pO5Bm5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTA5MjIzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmY2NDYyOWQ4NGM2NGI2N2E4Y2QxNTdhZDg2NzBmNmIyMjE2NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIoDPSycKFSE7HD77/DskBU/Atua
OE0Ceuhxgc1sVxzULnGosjX9c1mcHoOt0Y0dF6gybdHW93kgEb2SE2S/4t3/Yz63
ALoD8tX1L5VHaAO0j+M2mcd+gzORGE/RHoE9qsY1I6LtWUkIrblY4qTsIjFEvqAT
N+7EKSbWYaVpy4wUvt57o9jWOxIdqNNbTqvbWQW3QIpgf/1eAlPFbDM5aXEUpieT
Asq1xWVyz8ogX8PtpjlVD7Jo03WPsjQgQIYWhPh/XKtl0DwFlaOh9+KivT4ulyiQ
SAYBr53aOofWfVzxjdOUPoYmqpGzb6jeLfXjRyVZuvrAB7nJ9Df/gi/73QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEb2RinYTGS2eozRV62GcPayIWXCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUnZaR0tkaE1aTFo2ak5GWHJZWnc5ckloWmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xByCw
AwcAKhAvAAGSMA0GCSqGSIb3DQEBCwUAA4IBAQBPq687/nU/gGeiXaK96V/qc3jq
0bLhmdm9htGkwRgwD4+HUj+cZ3ioMODyzwP4/4KMsYo8rqJUj3el+SRTqUOc/lGw
0u6vk94rysqFNhutOFuJC8eG7fQbA9fOcOzJKeHetbcheZmQivv/uSHUoW5SrkqL
gynRZuSh4+92ssRRojE4v+BXYO0W18pUD+fpBuLJv59mSjdSkT2lFa8828W9mORG
N/vte7fbL2QNkvqlSqcFk4aCwdOIxUiodStUXDIt8yJpF8Cthl+1oItVKAC0JqEa
DIssskkomEMXX+FrDGRewci+WbB0uOkSqA2KhQ/vvYIqOefrSSfYm+wbUpaC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org