Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StzbtQKjbO2pgc2Ts_N0oVVYVgM.roa
File: StzbtQKjbO2pgc2Ts_N0oVVYVgM.roa (raw, json)
Hash identifier: lh6WfcJGNqRU4eylqlnsbgIwqH3u7xzJWfqLglsHkp4=
Subject key identifier: 4A:DC:DB:B5:02:A3:6C:ED:A9:81:CD:93:B3:F3:74:A1:55:58:56:03
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018ABCF4DA4B939679783C0695764732F195
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StzbtQKjbO2pgc2Ts_N0oVVYVgM.roa
Signing time: Fri 22 Sep 2023 12:54:37 +0000
ROA not before: Fri 22 Sep 2023 12:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:b107:27c7::/48 maxlen: 48
2a0e:97c6:6800::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
2a0e:97c6:6801::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Nov 2023 23:51:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:f4:da:4b:93:96:79:78:3c:06:95:76:47:32:f1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 22 12:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4adcdbb502a36ceda981cd93b3f374a155585603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:76:3e:10:1c:10:10:54:9d:29:47:aa:14:
9e:fb:70:79:61:b6:bc:60:e8:96:43:c0:16:02:af:
fe:b5:78:22:a9:68:d6:a7:cb:70:b1:d3:ae:52:b9:
34:a1:a2:78:83:da:de:80:47:63:1e:8e:0b:74:b9:
2f:e1:11:1f:10:82:8a:53:71:28:9d:f8:7e:53:5e:
16:a1:5e:90:87:47:f5:13:10:6d:de:99:98:7a:f6:
60:c8:82:b8:13:b0:f5:01:f6:a4:b2:92:01:74:2a:
b5:d6:3e:78:17:f8:06:48:47:b3:0e:8a:25:71:71:
97:19:f5:e6:2d:ac:70:8f:89:ba:28:08:13:2d:27:
70:dc:cc:59:7f:0d:7a:ee:2a:55:fa:fc:6d:f0:7a:
88:27:27:5b:71:fe:85:93:69:d6:c6:31:61:ab:3e:
95:07:02:55:e3:3e:71:ed:70:a0:5c:05:ce:e4:4a:
19:dc:b9:cc:57:18:a9:63:a6:a7:db:ed:6c:ec:1a:
7e:11:82:15:a0:89:5f:6e:d6:0b:b9:30:9b:2b:df:
de:6e:b9:1b:50:3d:6a:02:f5:65:0b:d4:da:27:d4:
4f:50:c9:e8:e1:21:1d:57:fe:fd:a8:23:ca:c8:7f:
45:7e:4c:12:63:06:18:b9:2c:24:25:5c:b5:ab:ac:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DC:DB:B5:02:A3:6C:ED:A9:81:CD:93:B3:F3:74:A1:55:58:56:03
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StzbtQKjbO2pgc2Ts_N0oVVYVgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c6:6800::/47
2a0e:b107:27ac::/48
2a0e:b107:27c7::/48
Signature Algorithm: sha256WithRSAEncryption
4a:51:12:6f:f0:43:db:f1:f5:c3:54:96:4f:e9:be:65:94:66:
9d:f6:70:29:c3:43:c2:4c:27:ae:d7:a1:b1:49:37:4e:a8:df:
d5:10:ee:49:dd:07:b2:b7:2e:4b:3e:8b:31:5b:86:99:1d:54:
95:f3:84:a5:d1:f4:14:22:75:eb:bf:d6:f6:29:8f:52:c1:78:
dc:3c:f1:be:f2:47:1a:88:79:9e:a8:76:df:94:2d:35:b3:a5:
89:28:2f:fe:39:d9:6d:fc:5d:5e:d6:12:ed:c6:fe:8b:20:80:
1e:e0:7e:15:6c:47:bb:f5:f2:cd:79:d3:77:ab:c9:ad:9d:93:
b5:df:36:7c:ce:4a:5b:1e:47:5e:05:8d:04:03:c9:1c:eb:70:
6a:3f:e2:21:46:5e:6b:d1:0b:50:dc:3f:0d:48:86:9d:2c:fd:
cb:58:e9:45:01:3b:ef:49:fe:3e:af:b3:22:da:6e:39:83:d3:
ac:9a:55:ac:5b:64:af:41:35:44:60:4b:2f:ab:db:a9:04:a0:
36:2f:0d:e3:37:e9:e3:87:cd:10:68:33:7c:6a:21:99:fe:ed:
c2:1d:1a:26:da:e4:e2:af:42:b1:3c:85:1a:6f:98:7b:b7:86:
ff:6c:dc:71:55:8b:40:69:68:5d:1d:e5:c9:46:90:4f:91:75:
b8:45:87:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYq89NpLk5Z5eDwGlXZHMvGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTIyMTI1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRjZGJiNTAyYTM2Y2VkYTk4MWNkOTNiM2YzNzRhMTU1NTg1NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9Z2PhAcEBBUnSlHqhSe+3B5Yba8
YOiWQ8AWAq/+tXgiqWjWp8twsdOuUrk0oaJ4g9regEdjHo4LdLkv4REfEIKKU3Eo
nfh+U14WoV6Qh0f1ExBt3pmYevZgyIK4E7D1AfakspIBdCq11j54F/gGSEezDool
cXGXGfXmLaxwj4m6KAgTLSdw3MxZfw167ipV+vxt8HqIJydbcf6Fk2nWxjFhqz6V
BwJV4z5x7XCgXAXO5EoZ3LnMVxipY6an2+1s7Bp+EYIVoIlfbtYLuTCbK9/ebrkb
UD1qAvVlC9TaJ9RPUMno4SEdV/79qCPKyH9FfkwSYwYYuSwkJVy1q6yKSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFErc27UCo2ztqYHNk7PzdKFVWFYDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU3R6YnRRS2piTzJwZ2MyVHNfTjBvVlZZVmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XxmgA
AwcAKg6xByesAwcAKg6xByfHMA0GCSqGSIb3DQEBCwUAA4IBAQBKURJv8EPb8fXD
VJZP6b5llGad9nApw0PCTCeu16GxSTdOqN/VEO5J3Qeyty5LPosxW4aZHVSV84Sl
0fQUInXrv9b2KY9SwXjcPPG+8kcaiHmeqHbflC01s6WJKC/+Odlt/F1e1hLtxv6L
IIAe4H4VbEe79fLNedN3q8mtnZO13zZ8zkpbHkdeBY0EA8kc63BqP+IhRl5r0QtQ
3D8NSIadLP3LWOlFATvvSf4+r7Mi2m45g9OsmlWsW2SvQTVEYEsvq9upBKA2Lw3j
N+njh80QaDN8aiGZ/u3CHRom2uTir0KxPIUab5h7t4b/bNxxVYtAaWhdHeXJRpBP
kXW4RYdB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org