Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SDH8dzo8cej6HHKY9rM8SWdB1QY.roa
File: SDH8dzo8cej6HHKY9rM8SWdB1QY.roa (raw, json)
Hash identifier: yZ5xEN/OyMMhZXojToFNt4lWeYej7vxiQ/IZHohQf0s=
Subject key identifier: 48:31:FC:77:3A:3C:71:E8:FA:1C:72:98:F6:B3:3C:49:67:41:D5:06
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01930D2E0D849370285FC3E01298BBD7BC28
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SDH8dzo8cej6HHKY9rM8SWdB1QY.roa
Signing time: Fri 08 Nov 2024 19:09:02 +0000
ROA not before: Fri 08 Nov 2024 19:09:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:de00:f0::/44 maxlen: 48
2a06:de01:140::/44 maxlen: 48
2a06:de01:141::/48 maxlen: 48
2a06:de01:142::/48 maxlen: 48
2a06:de01:143::/48 maxlen: 48
2a06:de01:144::/48 maxlen: 48
2a06:de01:145::/48 maxlen: 48
2a06:de01:170::/44 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Nov 2024 04:10:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0d:2e:0d:84:93:70:28:5f:c3:e0:12:98:bb:d7:bc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 8 19:09:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4831fc773a3c71e8fa1c7298f6b33c496741d506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4d:df:c5:ca:c9:03:f4:91:2a:ec:47:f9:ed:
d0:8c:55:89:3d:96:e1:7e:00:ef:4b:15:c5:10:c5:
63:02:f0:90:56:e5:14:4e:f0:4d:97:91:3f:db:28:
92:25:e2:f2:c8:d1:7f:bb:4b:b0:48:fb:be:69:eb:
51:ea:c9:64:6c:d3:3a:33:1d:d8:9e:73:01:fc:28:
1c:b5:6f:81:a5:4f:3b:b4:8f:0c:ac:b3:f4:37:04:
09:28:03:a3:b5:c9:83:ed:41:df:a1:0c:33:87:bd:
2b:19:c9:ca:51:fa:6f:f1:45:5f:5b:3c:14:74:f5:
5b:d0:9b:3f:88:e3:0d:e9:9b:a4:82:4d:38:9f:3e:
e1:85:ca:03:81:7c:59:14:0a:e3:65:b7:51:57:9c:
89:ad:14:48:bd:43:36:6a:9f:8b:9a:72:51:82:b2:
4c:dd:7a:bb:c7:11:76:0c:d2:1e:84:67:57:8a:eb:
b2:b7:98:81:dd:36:68:3c:30:d9:af:ab:ba:45:ad:
c3:8d:f1:94:93:ba:02:75:8e:6a:06:0f:fe:de:01:
a3:99:d0:df:95:4d:d7:7f:06:d7:28:18:97:fc:09:
21:00:b6:d9:a7:70:e2:0f:a0:48:40:55:d5:40:97:
a0:01:ab:e3:61:f2:47:6b:19:ff:7a:74:b0:17:c6:
1e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:31:FC:77:3A:3C:71:E8:FA:1C:72:98:F6:B3:3C:49:67:41:D5:06
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SDH8dzo8cej6HHKY9rM8SWdB1QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:f0::/44
2a06:de01:140::/44
2a06:de01:170::/44
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
12:48:79:76:6f:9c:e0:90:43:ed:31:df:1b:db:24:7a:bd:2f:
71:73:97:8d:ec:b3:b6:c2:db:61:35:7b:e2:4f:55:e0:93:3f:
c7:3b:3e:ed:e9:62:19:fe:9d:c4:1a:5e:3f:f2:a1:f7:3b:aa:
f5:68:67:a0:e5:42:09:50:9b:dc:8e:c9:d7:d1:21:a7:36:b4:
bd:ae:b3:0c:ed:ef:1e:ac:aa:e5:46:56:d9:99:45:ea:7e:cb:
ed:56:12:3c:19:06:9d:33:9c:d2:fb:ea:e7:24:2a:ab:c1:3b:
8a:19:d1:53:09:ba:7d:11:dc:49:0e:a6:b9:4b:38:6f:f0:ec:
ce:e8:39:2d:70:48:54:a4:bc:92:58:92:b4:96:71:4e:a4:72:
96:17:ae:19:29:21:07:07:9b:74:09:4c:d5:42:5b:5e:92:ad:
ad:7f:58:e8:f7:4f:48:17:29:4e:d0:9e:4a:ef:2d:77:46:c1:
26:f2:30:ad:79:df:f1:94:f2:97:3a:da:43:5e:73:01:08:f5:
24:84:29:bb:b6:79:87:3f:d0:ef:82:53:38:35:b7:96:76:44:
e7:ca:5d:c4:dd:fd:86:28:20:ad:27:24:2a:1e:88:40:0f:2b:
49:e2:ea:d4:30:40:89:ed:45:1e:00:4e:dd:dc:ab:71:dc:ad:
e9:a9:5e:09
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZMNLg2Ek3AoX8PgEpi717woMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTA4MTkwOTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODMxZmM3NzNhM2M3MWU4ZmExYzcyOThmNmIzM2M0OTY3NDFkNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3E3fxcrJA/SRKuxH+e3QjFWJPZbh
fgDvSxXFEMVjAvCQVuUUTvBNl5E/2yiSJeLyyNF/u0uwSPu+aetR6slkbNM6Mx3Y
nnMB/CgctW+BpU87tI8MrLP0NwQJKAOjtcmD7UHfoQwzh70rGcnKUfpv8UVfWzwU
dPVb0Js/iOMN6Zukgk04nz7hhcoDgXxZFArjZbdRV5yJrRRIvUM2ap+LmnJRgrJM
3Xq7xxF2DNIehGdXiuuyt5iB3TZoPDDZr6u6Ra3DjfGUk7oCdY5qBg/+3gGjmdDf
lU3XfwbXKBiX/AkhALbZp3DiD6BIQFXVQJegAavjYfJHaxn/enSwF8YeWQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFEgx/Hc6PHHo+hxymPazPElnQdUGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU0RIOGR6bzhjZWo2SEhLWTlyTThTV2RCMVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAIwgYYDBwQq
Bt4AAPADBwQqBt4BAUADBwQqBt4BAXADBgAqDDuH/wMHACoOl8AHUDASAwcAKg6X
wAeRAwcAKg6XwAeSAwYCKg6XxKwDBwAqDrEHCfQDBwAqDrEHCfYDBwAqDrEHDfID
BwAqDrEHGHADBwAqDrEHG54DBwAqDrEHJ4sDBgIqEMzHkDANBgkqhkiG9w0BAQsF
AAOCAQEAEkh5dm+c4JBD7THfG9sker0vcXOXjeyztsLbYTV74k9V4JM/xzs+7eli
Gf6dxBpeP/Kh9zuq9WhnoOVCCVCb3I7J19Ehpza0va6zDO3vHqyq5UZW2ZlF6n7L
7VYSPBkGnTOc0vvq5yQqq8E7ihnRUwm6fRHcSQ6muUs4b/Dszug5LXBIVKS8kliS
tJZxTqRylheuGSkhBwebdAlM1UJbXpKtrX9Y6PdPSBcpTtCeSu8td0bBJvIwrXnf
8ZTylzraQ15zAQj1JIQpu7Z5hz/Q74JTODW3lnZE58pdxN39higgrSckKh6IQA8r
SeLq1DBAie1FHgBO3dyrcdyt6aleCQ==
-----END CERTIFICATE-----
Generated at Sat Nov 9 07:07:39 2024 by rpki-client on console-fra.rpki-client.org