Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SNIbUShw0gVA3rEwctMocoutNoI.roa
File: SNIbUShw0gVA3rEwctMocoutNoI.roa (raw, json)
Hash identifier: mYATYRmMRW8cH1AqN+0qP7fD+B87DzqAiZPyQ3nE40c=
Subject key identifier: 48:D2:1B:51:28:70:D2:05:40:DE:B1:30:72:D3:28:72:8B:AD:36:82
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D4F7E179D9F85659CA7814725717B1A83
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SNIbUShw0gVA3rEwctMocoutNoI.roa
Signing time: Sun 28 Jan 2024 09:54:40 +0000
ROA not before: Sun 28 Jan 2024 09:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199129
IP address blocks: 2a06:de06:385::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Mar 2024 03:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:7e:17:9d:9f:85:65:9c:a7:81:47:25:71:7b:1a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 09:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48d21b512870d20540deb13072d328728bad3682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:eb:c2:27:00:54:36:13:85:8b:b2:d1:6e:53:
8b:df:4f:a2:62:29:d0:dc:54:3e:56:b7:80:a9:2c:
8a:40:39:ae:33:3a:74:92:1e:19:3b:f7:5a:55:54:
b1:98:c1:4f:7b:5a:06:bc:f5:b3:0b:7f:8a:70:da:
08:f3:49:06:38:fc:f4:91:ec:78:22:35:a8:c7:af:
33:7c:97:62:68:cf:92:41:a0:a0:46:ff:7d:49:46:
d7:c0:5a:af:14:b0:f2:53:f9:a9:90:2c:70:0b:11:
19:66:9c:a1:9c:3c:2d:5b:ce:b9:d8:51:d3:04:4c:
65:1d:69:bb:3b:e7:4b:d6:d2:5d:e5:5e:03:09:e4:
85:75:77:4c:0f:89:ac:7f:3b:1a:3d:14:39:f0:53:
8c:a2:d5:0f:3b:18:24:ed:e0:22:2e:b5:b9:7c:d5:
e1:ba:59:d6:ba:b2:e7:0d:18:ac:b8:91:8e:6e:20:
1b:e0:81:e4:76:2f:aa:47:f4:b9:9c:71:56:ce:41:
78:91:99:e3:f7:67:ec:30:eb:37:f6:3a:0c:67:f2:
7c:3e:29:62:3d:fe:63:0e:63:47:fc:80:ef:e8:07:
40:2b:c4:ed:98:3b:11:90:78:55:85:9e:c8:bf:4f:
92:ab:d5:e6:e3:c4:61:ec:eb:36:45:8c:dc:64:a0:
07:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D2:1B:51:28:70:D2:05:40:DE:B1:30:72:D3:28:72:8B:AD:36:82
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SNIbUShw0gVA3rEwctMocoutNoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de06:385::/48
Signature Algorithm: sha256WithRSAEncryption
09:f2:b5:40:d1:45:34:28:3c:1c:3b:da:42:81:17:cd:c1:35:
b8:46:09:da:c2:9c:ae:a6:df:ef:ad:76:3d:21:ed:29:64:62:
a2:a5:69:72:ed:1a:43:e6:8f:5b:58:a8:12:22:be:6a:80:6a:
30:5b:7b:39:c0:0a:22:78:9b:40:9a:d8:26:84:df:43:4f:c9:
92:8e:28:2a:f6:5b:22:2b:e2:08:8f:cc:7b:6f:6b:d0:a0:4e:
8b:7a:62:d4:7e:2b:40:b0:88:79:a1:1b:9e:59:18:5e:46:dc:
7e:17:14:b8:8f:41:36:87:45:74:0f:c8:3c:2a:ef:e0:fd:fa:
51:d1:13:ff:63:a3:38:78:3c:16:1d:09:01:e9:92:97:fb:41:
fd:3f:08:87:13:89:11:a6:2a:b9:99:86:d1:1b:c9:8d:60:23:
c3:66:2c:43:8e:fc:58:14:bb:e5:c2:9b:43:45:81:7e:7c:5e:
29:a6:b1:b9:75:19:ed:6d:0c:85:f7:72:5b:db:dc:62:4c:da:
a8:5c:9f:4e:5a:db:f4:5e:6f:fa:76:05:eb:c7:04:ba:66:aa:
ec:5c:02:86:d0:ae:b9:5f:07:c3:e1:c1:eb:9a:3d:7e:f4:90:
f2:5c:ec:eb:f3:55:70:77:27:b9:a5:c7:b0:7e:f1:71:b2:35:
3f:cf:db:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1Pfhedn4VlnKeBRyVxexqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI4MDk1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQyMWI1MTI4NzBkMjA1NDBkZWIxMzA3MmQzMjg3MjhiYWQzNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOvCJwBUNhOFi7LRblOL30+iYinQ
3FQ+VreAqSyKQDmuMzp0kh4ZO/daVVSxmMFPe1oGvPWzC3+KcNoI80kGOPz0kex4
IjWox68zfJdiaM+SQaCgRv99SUbXwFqvFLDyU/mpkCxwCxEZZpyhnDwtW8652FHT
BExlHWm7O+dL1tJd5V4DCeSFdXdMD4msfzsaPRQ58FOMotUPOxgk7eAiLrW5fNXh
ulnWurLnDRisuJGObiAb4IHkdi+qR/S5nHFWzkF4kZnj92fsMOs39joMZ/J8Pili
Pf5jDmNH/IDv6AdAK8TtmDsRkHhVhZ7Iv0+Sq9Xm48Rh7Os2RYzcZKAHFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEjSG1EocNIFQN6xMHLTKHKLrTaCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU05JYlVTaHcwZ1ZBM3JFd2N0TW9jb3V0Tm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbeBgOF
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ8rVA0UU0KDwcO9pCgRfNwTW4Rgnawpyupt/v
rXY9Ie0pZGKipWly7RpD5o9bWKgSIr5qgGowW3s5wAoieJtAmtgmhN9DT8mSjigq
9lsiK+IIj8x7b2vQoE6LemLUfitAsIh5oRueWRheRtx+FxS4j0E2h0V0D8g8Ku/g
/fpR0RP/Y6M4eDwWHQkB6ZKX+0H9PwiHE4kRpiq5mYbRG8mNYCPDZixDjvxYFLvl
wptDRYF+fF4pprG5dRntbQyF93Jb29xiTNqoXJ9OWtv0Xm/6dgXrxwS6ZqrsXAKG
0K65XwfD4cHrmj1+9JDyXOzr81Vwdye5pcewfvFxsjU/z9uO
-----END CERTIFICATE-----
Generated at Sun Mar 10 06:41:25 2024 by rpki-client on console-fra.rpki-client.org