Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SdxA-HRZ1QJklqPgPU4-BCQqShg.roa
File: SdxA-HRZ1QJklqPgPU4-BCQqShg.roa (raw, json)
Hash identifier: XMUzlrm4V79YbHK1iikZ1HSTiOJmcS4X+mS31QOnluM=
Subject key identifier: 49:DC:40:F8:74:59:D5:02:64:96:A3:E0:3D:4E:3E:04:24:2A:4A:18
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018AB7F2325E5B69D85750902E4DF39BFEDA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SdxA-HRZ1QJklqPgPU4-BCQqShg.roa
Signing time: Thu 21 Sep 2023 13:33:37 +0000
ROA not before: Thu 21 Sep 2023 13:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:97c0:5d0::/44 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Sep 2023 15:15:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:f2:32:5e:5b:69:d8:57:50:90:2e:4d:f3:9b:fe:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 21 13:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49dc40f87459d5026496a3e03d4e3e04242a4a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:b3:82:9b:ac:54:31:22:bc:4d:d9:27:7d:
66:2e:31:8c:6d:29:7e:93:57:71:52:da:af:a9:cd:
ca:03:d7:a7:87:88:7f:2b:16:75:a0:01:13:be:10:
9e:51:26:79:87:ee:49:22:a3:e2:1b:68:89:11:93:
b0:61:a1:6f:49:75:12:ba:89:a0:89:3e:24:1c:cc:
a4:f9:c1:7e:64:63:48:9d:69:e2:b0:8d:3f:2e:14:
e2:8c:7f:26:15:6e:b8:04:27:af:43:19:ad:9d:bf:
36:e5:2a:2d:3b:8c:aa:57:1a:dd:0a:b9:f9:35:15:
f5:46:fc:b0:99:7d:52:27:93:ea:30:9b:67:56:ef:
21:91:92:41:55:f1:4a:99:7d:44:37:2d:46:22:53:
9f:6a:32:28:5b:95:ad:e7:f1:fc:21:b2:73:c3:9c:
2e:12:85:c8:8b:6d:4f:8f:74:d7:45:de:4b:a0:9f:
f0:3c:aa:9b:03:ae:9f:1e:2c:91:e7:e8:bf:ae:bf:
4c:12:c4:3d:a0:70:15:32:71:74:21:1a:11:50:52:
b7:70:f7:5d:6e:93:66:cb:58:f5:eb:9a:b3:f9:6c:
c7:10:89:6e:fd:e7:81:2b:0a:de:3f:d7:36:5e:a9:
8a:d0:f8:75:b7:13:92:00:a9:5b:7d:85:e8:fb:c7:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DC:40:F8:74:59:D5:02:64:96:A3:E0:3D:4E:3E:04:24:2A:4A:18
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SdxA-HRZ1QJklqPgPU4-BCQqShg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5d0::/44
2a0e:b107:278a::/48
Signature Algorithm: sha256WithRSAEncryption
1b:8c:59:86:e5:e2:ff:7a:15:da:8f:f4:f9:6b:ed:0c:75:72:
f7:7e:3c:c9:74:ee:80:39:ee:7b:8d:25:d9:83:05:55:7a:c3:
22:08:d6:d0:15:94:e6:8b:15:36:c4:96:e6:29:b7:ce:35:83:
50:ed:a7:c3:a1:ee:a8:76:7a:5b:f2:3f:87:6e:0e:e4:8f:76:
28:6c:6f:4e:6f:c1:4e:fd:42:1e:30:3a:89:06:39:2a:d9:27:
fe:36:73:f1:01:e4:65:72:b4:75:5b:0d:0f:b6:8f:a0:62:68:
10:30:87:f3:39:76:c4:58:e5:3f:36:02:61:49:82:78:c4:a7:
e8:13:87:a9:41:9c:55:d9:ab:ba:af:6b:65:14:7f:75:64:60:
b6:64:e8:7e:e1:0b:c8:32:c0:dc:c9:b0:98:18:a7:35:dc:d6:
e6:85:f1:22:8c:9b:ad:5d:49:f8:7e:96:fb:c3:c0:ea:d7:51:
1a:3f:a5:3e:b7:07:75:40:55:f9:7a:dc:9c:d3:1b:7c:fa:f1:
07:62:3f:e4:92:e6:46:06:99:dc:5d:19:8a:3a:0b:36:76:2e:
19:a0:9a:bb:fd:b5:52:92:d7:b8:2a:ab:34:d5:c3:05:03:83:
c3:ed:2f:ee:68:48:62:7e:b8:1f:80:41:46:d0:30:25:ca:79:
1f:5c:8b:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYq38jJeW2nYV1CQLk3zm/7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTIxMTMzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRjNDBmODc0NTlkNTAyNjQ5NmEzZTAzZDRlM2UwNDI0MmE0YTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJqzgpusVDEivE3ZJ31mLjGMbSl+
k1dxUtqvqc3KA9enh4h/KxZ1oAETvhCeUSZ5h+5JIqPiG2iJEZOwYaFvSXUSuomg
iT4kHMyk+cF+ZGNInWnisI0/LhTijH8mFW64BCevQxmtnb825SotO4yqVxrdCrn5
NRX1RvywmX1SJ5PqMJtnVu8hkZJBVfFKmX1ENy1GIlOfajIoW5Wt5/H8IbJzw5wu
EoXIi21Pj3TXRd5LoJ/wPKqbA66fHiyR5+i/rr9MEsQ9oHAVMnF0IRoRUFK3cPdd
bpNmy1j165qz+WzHEIlu/eeBKwreP9c2XqmK0Ph1txOSAKlbfYXo+8eHuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEncQPh0WdUCZJaj4D1OPgQkKkoYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU2R4QS1IUloxUUprbHFQZ1BVNC1CQ1FxU2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAXQ
AwcAKg6xByeKMA0GCSqGSIb3DQEBCwUAA4IBAQAbjFmG5eL/ehXaj/T5a+0MdXL3
fjzJdO6AOe57jSXZgwVVesMiCNbQFZTmixU2xJbmKbfONYNQ7afDoe6odnpb8j+H
bg7kj3YobG9Ob8FO/UIeMDqJBjkq2Sf+NnPxAeRlcrR1Ww0Pto+gYmgQMIfzOXbE
WOU/NgJhSYJ4xKfoE4epQZxV2au6r2tlFH91ZGC2ZOh+4QvIMsDcybCYGKc13Nbm
hfEijJutXUn4fpb7w8Dq11EaP6U+twd1QFX5etyc0xt8+vEHYj/kkuZGBpncXRmK
Ogs2di4ZoJq7/bVSkte4Kqs01cMFA4PD7S/uaEhifrgfgEFG0DAlynkfXIsi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:31 2024 by rpki-client on console-fra.rpki-client.org