Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SkMhwW7hqR0bscvZ7-Nyf9Fm-Io.roa
File: SkMhwW7hqR0bscvZ7-Nyf9Fm-Io.roa (raw, json)
Hash identifier: hrrfA6SwhD7L710x7IT/uosD/sT58XresEuWCiuEV9g=
Subject key identifier: 4A:43:21:C1:6E:E1:A9:1D:1B:B1:CB:D9:EF:E3:72:7F:D1:66:F8:8A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01941D7514101DEC150367505297BA19381D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SkMhwW7hqR0bscvZ7-Nyf9Fm-Io.roa
Signing time: Tue 31 Dec 2024 16:03:19 +0000
ROA not before: Tue 31 Dec 2024 16:03:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:b107:2691::/48 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
2a10:ccc1:1337::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 10:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1d:75:14:10:1d:ec:15:03:67:50:52:97:ba:19:38:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 31 16:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a4321c16ee1a91d1bb1cbd9efe3727fd166f88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:12:53:17:67:77:24:4e:d2:9e:af:4f:4d:
c7:fc:ca:b1:cf:4f:52:ae:a1:f3:3e:d7:fd:18:1b:
b9:e9:05:2d:0f:25:60:88:86:ad:e9:1c:dd:8f:ed:
71:22:fe:f2:c9:0b:23:83:88:74:33:a4:d9:f0:bd:
a6:3d:d6:87:2d:42:e7:2b:4b:ad:de:40:af:91:88:
34:5b:0b:cb:4d:19:4b:58:a0:b2:7b:bd:fb:5f:e7:
84:57:bb:42:78:17:62:0b:92:bd:a3:5b:8d:e1:0a:
bd:84:ad:0b:27:0b:06:15:a0:6e:07:32:ec:ab:d1:
2a:6c:5a:2d:2a:64:2a:12:1d:52:5d:04:73:c9:f1:
b5:f6:2d:ab:62:97:96:18:fb:1a:c0:9a:17:60:ec:
f0:a8:22:7a:63:92:ea:6e:29:3c:e3:76:ef:70:84:
fe:76:db:81:54:fc:c6:1c:00:a0:b7:65:b3:dd:05:
8b:31:94:6d:db:73:06:44:38:db:78:2f:2c:89:ff:
c6:54:2a:68:bf:a4:4a:55:47:88:72:62:14:0b:9b:
c0:c7:b4:8f:8c:af:be:a4:71:c2:6e:05:83:ca:12:
20:98:ef:2d:5a:c5:1e:21:bd:1b:69:e7:ca:22:57:
73:c9:2a:0b:eb:df:97:ad:3a:0d:43:cc:cf:67:52:
bf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:43:21:C1:6E:E1:A9:1D:1B:B1:CB:D9:EF:E3:72:7F:D1:66:F8:8A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SkMhwW7hqR0bscvZ7-Nyf9Fm-Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2691::/48
2a0e:b107:278a::/48
2a10:ccc1:1337::/48
Signature Algorithm: sha256WithRSAEncryption
43:58:26:04:9c:fa:dd:b5:11:0f:4b:bc:24:1d:bc:3d:12:b7:
c0:09:12:f0:3f:10:54:2c:bb:91:89:18:ad:28:cf:8b:8d:dc:
99:fd:c4:77:da:a1:2d:8a:ab:0c:94:ea:33:c0:f6:f8:93:44:
c0:bb:d7:82:3f:70:88:a0:43:ae:48:f1:4d:61:93:68:6b:5a:
57:18:d6:e7:3b:a2:da:48:b6:53:fe:68:3e:41:25:4c:5b:7a:
2f:c9:c4:c0:0b:78:13:16:10:06:72:02:c3:02:c4:85:c6:b5:
59:2d:85:11:e2:93:23:25:b1:a2:9e:fc:3a:da:c3:55:d5:08:
ee:05:a7:8f:79:fa:52:34:4d:4d:12:8a:e1:89:5f:b6:12:34:
d8:a4:68:a2:40:e5:a4:5b:35:f7:fd:ea:71:86:01:32:5a:60:
c5:4e:35:7d:22:8d:aa:2a:c9:a2:c6:37:81:a7:25:a8:55:eb:
f8:08:ad:75:ed:63:68:76:f1:ac:e4:01:ef:27:bc:33:50:33:
57:62:5a:31:4a:09:f8:8b:53:9b:d0:37:6f:83:23:2e:1e:fe:
4f:64:8d:ed:21:a5:08:80:aa:17:6b:25:e8:ff:5e:9c:91:9b:
50:a6:c3:21:ec:26:ff:1d:42:52:ff:2c:2f:28:3a:72:d3:3e:
aa:8f:b4:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQddRQQHewVA2dQUpe6GTgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMjMxMTYwMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQzMjFjMTZlZTFhOTFkMWJiMWNiZDllZmUzNzI3ZmQxNjZmODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/8SUxdndyRO0p6vT03H/Mqxz09S
rqHzPtf9GBu56QUtDyVgiIat6Rzdj+1xIv7yyQsjg4h0M6TZ8L2mPdaHLULnK0ut
3kCvkYg0WwvLTRlLWKCye737X+eEV7tCeBdiC5K9o1uN4Qq9hK0LJwsGFaBuBzLs
q9EqbFotKmQqEh1SXQRzyfG19i2rYpeWGPsawJoXYOzwqCJ6Y5Lqbik843bvcIT+
dtuBVPzGHACgt2Wz3QWLMZRt23MGRDjbeC8sif/GVCpov6RKVUeIcmIUC5vAx7SP
jK++pHHCbgWDyhIgmO8tWsUeIb0baefKIldzySoL69+XrToNQ8zPZ1K/qwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEpDIcFu4akdG7HL2e/jcn/RZviKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU2tNaHdXN2hxUjBic2N2WjctTnlmOUZtLUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xByaR
AwcAKg6xByeKAwcAKhDMwRM3MA0GCSqGSIb3DQEBCwUAA4IBAQBDWCYEnPrdtREP
S7wkHbw9ErfACRLwPxBULLuRiRitKM+LjdyZ/cR32qEtiqsMlOozwPb4k0TAu9eC
P3CIoEOuSPFNYZNoa1pXGNbnO6LaSLZT/mg+QSVMW3ovycTAC3gTFhAGcgLDAsSF
xrVZLYUR4pMjJbGinvw62sNV1QjuBaePefpSNE1NEorhiV+2EjTYpGiiQOWkWzX3
/epxhgEyWmDFTjV9Io2qKsmixjeBpyWoVev4CK117WNodvGs5AHvJ7wzUDNXYlox
Sgn4i1Ob0DdvgyMuHv5PZI3tIaUIgKoXayXo/16ckZtQpsMh7Cb/HUJS/ywvKDpy
0z6qj7Qk
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:46:44 2025 by rpki-client