Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO10cmMQRds7bLEX1GArGuAfzJE.roa
File: SO10cmMQRds7bLEX1GArGuAfzJE.roa (raw, json)
Hash identifier: HSO/v5XuO0f+C/iOcwodiQkD1vyl8X/FOgaeNka60a0=
Subject key identifier: 48:ED:74:72:63:10:45:DB:3B:6C:B1:17:D4:60:2B:1A:E0:1F:CC:91
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD3707809527227BAAD18ACB4F6BAA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO10cmMQRds7bLEX1GArGuAfzJE.roa
Signing time: Tue 02 Jan 2024 10:34:29 +0000
ROA not before: Tue 02 Jan 2024 10:34:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211509
IP address blocks: 2a0e:b107:1180::/48 maxlen: 48
2a0e:b107:1184::/48 maxlen: 48
2a0e:b107:1181::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 11:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:37:07:80:95:27:22:7b:aa:d1:8a:cb:4f:6b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48ed7472631045db3b6cb117d4602b1ae01fcc91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:39:17:e5:ef:fc:d1:c8:32:be:99:7a:b0:10:
d7:35:19:9a:fe:20:89:59:1c:d7:a9:a8:d2:25:10:
37:7a:3d:d0:30:f2:a2:dd:6c:44:ae:1e:ef:92:c2:
a9:c5:21:ab:7b:fe:4b:b2:56:ab:e3:fe:18:c1:32:
bd:95:f8:34:d9:4a:5d:4d:23:d2:48:67:aa:77:b9:
48:a2:bb:35:ff:24:63:52:a1:fe:39:4d:d8:a7:1d:
04:93:f4:a5:fd:6d:8c:02:5f:3c:a1:f9:71:cb:cf:
da:8c:29:59:6a:af:61:4a:99:12:e7:77:bf:90:86:
94:ef:dc:91:8d:a5:8a:62:7d:48:8d:0b:73:98:13:
44:6a:21:4a:1e:cf:8e:fd:fb:45:87:c5:60:d1:64:
e0:00:80:2c:c5:78:c6:d8:3c:10:78:87:8d:43:4b:
ac:70:32:3a:7b:47:84:ff:bd:1d:3b:93:25:bc:fa:
73:76:a2:8f:75:09:36:dc:f9:7d:70:4e:12:41:8b:
2b:a7:e8:e6:1d:3b:d1:38:76:9b:c9:eb:cd:fc:cc:
3c:46:70:e8:17:80:85:75:cf:d2:4a:9e:71:9b:19:
1f:23:25:7a:f7:05:11:40:76:c0:25:15:7c:a6:eb:
86:1e:91:a3:72:ad:68:67:87:e4:9c:1a:fb:45:5f:
d9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:74:72:63:10:45:DB:3B:6C:B1:17:D4:60:2B:1A:E0:1F:CC:91
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SO10cmMQRds7bLEX1GArGuAfzJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1180::/47
2a0e:b107:1184::/48
Signature Algorithm: sha256WithRSAEncryption
7f:b2:d6:15:32:dd:ed:5e:41:45:4b:8f:e5:8c:1e:66:ef:7c:
a4:24:3e:d0:19:1a:81:92:94:64:89:67:82:67:9f:d8:df:c9:
a0:2a:ea:13:47:ba:1f:07:11:c9:a3:22:db:49:c3:85:9d:4c:
51:62:33:2e:ae:f5:4c:b5:e6:7a:b4:ea:89:33:02:7d:56:9d:
cf:41:46:44:63:39:5c:74:94:a4:93:1f:fd:2d:3d:ba:ce:d4:
42:91:6e:ac:ce:82:ab:58:ea:76:2f:a9:52:c6:4b:6f:dd:f2:
51:f5:ab:c7:03:fa:d2:c9:14:56:f2:3b:ce:00:f3:f3:cd:31:
e3:7e:e6:58:73:c1:dc:18:9c:21:60:30:ab:09:d8:fc:ec:9a:
41:5d:c2:e9:c2:fc:b2:7e:e9:16:a7:8b:b0:e1:13:2e:31:0a:
0f:26:37:a8:05:1e:58:2b:30:aa:27:9b:6a:13:1a:33:bb:ef:
09:16:80:62:40:0d:34:24:d4:15:e7:a7:6f:8b:7f:09:5b:82:
10:1a:0d:b9:a0:7a:d8:2f:e4:ab:8b:73:76:0a:bf:6e:14:06:
8c:68:5e:b0:ff:92:03:f5:7f:08:3b:49:ac:1a:e8:7e:52:65:
bc:5f:b5:c8:49:e2:64:63:63:bc:83:e6:da:42:6e:e2:13:6f:
ad:e0:c4:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvTcHgJUnInuq0YrLT2uqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVkNzQ3MjYzMTA0NWRiM2I2Y2IxMTdkNDYwMmIxYWUwMWZjYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjkX5e/80cgyvpl6sBDXNRma/iCJ
WRzXqajSJRA3ej3QMPKi3WxErh7vksKpxSGre/5Lslar4/4YwTK9lfg02UpdTSPS
SGeqd7lIors1/yRjUqH+OU3Ypx0Ek/Sl/W2MAl88oflxy8/ajClZaq9hSpkS53e/
kIaU79yRjaWKYn1IjQtzmBNEaiFKHs+O/ftFh8Vg0WTgAIAsxXjG2DwQeIeNQ0us
cDI6e0eE/70dO5MlvPpzdqKPdQk23Pl9cE4SQYsrp+jmHTvROHabyevN/Mw8RnDo
F4CFdc/SSp5xmxkfIyV69wURQHbAJRV8puuGHpGjcq1oZ4fknBr7RV/ZYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEjtdHJjEEXbO2yxF9RgKxrgH8yRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU08xMGNtTVFSZHM3YkxFWDFHQXJHdUFmekpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6xBxGA
AwcAKg6xBxGEMA0GCSqGSIb3DQEBCwUAA4IBAQB/stYVMt3tXkFFS4/ljB5m73yk
JD7QGRqBkpRkiWeCZ5/Y38mgKuoTR7ofBxHJoyLbScOFnUxRYjMurvVMteZ6tOqJ
MwJ9Vp3PQUZEYzlcdJSkkx/9LT26ztRCkW6szoKrWOp2L6lSxktv3fJR9avHA/rS
yRRW8jvOAPPzzTHjfuZYc8HcGJwhYDCrCdj87JpBXcLpwvyyfukWp4uw4RMuMQoP
JjeoBR5YKzCqJ5tqExozu+8JFoBiQA00JNQV56dvi38JW4IQGg25oHrYL+Sri3N2
Cr9uFAaMaF6w/5ID9X8IO0msGuh+UmW8X7XISeJkY2O8g+baQm7iE2+t4MQO
-----END CERTIFICATE-----
Generated at Fri Feb 23 16:26:43 2024 by rpki-client on console-ams.rpki-client.org