Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T9uGLTF4KdR9Ktfr9I_Q4d6sVGQ.roa
File: T9uGLTF4KdR9Ktfr9I_Q4d6sVGQ.roa (raw, json)
Hash identifier: Wp7xeP56fOOEuDtpUMmzqRzOmSAsC5eV9FY2Q/NILLY=
Subject key identifier: 4F:DB:86:2D:31:78:29:D4:7D:2A:D7:EB:F4:8F:D0:E1:DE:AC:54:64
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F97DAB9DF16B3FA6998563F01BF3042A3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T9uGLTF4KdR9Ktfr9I_Q4d6sVGQ.roa
Signing time: Mon 20 May 2024 21:14:05 +0000
ROA not before: Mon 20 May 2024 21:14:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212184
IP address blocks: 2a0e:b107:20b0::/48 maxlen: 48
2a10:2f00:192::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 14:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:97:da:b9:df:16:b3:fa:69:98:56:3f:01:bf:30:42:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 20 21:14:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fdb862d317829d47d2ad7ebf48fd0e1deac5464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4a:d0:e7:df:f0:43:dd:c2:ea:21:cd:ff:97:
8d:38:98:20:3b:c8:90:b7:68:6f:c0:88:4e:02:ca:
a3:8c:39:b5:24:eb:53:63:1d:9b:b0:1a:79:fe:74:
a5:71:ef:04:26:f1:4c:9a:79:37:50:ff:61:a5:8f:
a1:19:0a:14:f7:bf:96:80:55:28:0c:e5:f3:38:31:
fa:e5:c4:86:a4:3f:fa:e5:79:f5:f1:c6:30:94:f5:
14:eb:10:cc:e7:76:fa:82:77:fe:59:0d:65:36:4f:
5a:83:7f:f6:40:94:5e:71:4a:7c:9b:d1:a7:ab:8d:
3f:dc:64:49:d8:07:b4:5a:ab:92:51:70:ea:3f:b9:
e8:f6:84:14:ab:60:85:0d:e7:89:94:a2:ef:19:b1:
45:a2:6c:99:21:a3:4b:25:39:06:0c:32:59:3b:5f:
ed:77:3b:d4:77:a6:7f:ce:51:f0:9e:d7:88:4a:84:
bc:34:1c:17:ad:ee:ad:03:66:4c:8c:9c:9a:47:18:
63:62:9d:fe:96:ad:62:7e:48:04:9a:5e:ab:92:c8:
24:43:e0:e8:92:61:96:94:c0:9f:84:82:36:11:90:
64:c4:a9:57:98:c0:41:9f:da:99:97:75:dd:f6:f7:
13:6a:0c:71:3d:53:30:b7:89:fb:27:92:43:8b:41:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DB:86:2D:31:78:29:D4:7D:2A:D7:EB:F4:8F:D0:E1:DE:AC:54:64
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T9uGLTF4KdR9Ktfr9I_Q4d6sVGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:20b0::/48
2a10:2f00:192::/48
Signature Algorithm: sha256WithRSAEncryption
b1:b8:07:8d:fc:6a:3b:eb:aa:0a:c0:f7:ea:71:2e:c5:b8:de:
4f:9b:6f:43:0d:2b:4b:c2:ec:68:ee:2b:61:05:47:5a:7b:8f:
49:ec:ea:cd:49:ff:9e:33:86:b7:cb:ca:47:dd:ae:24:8a:0c:
eb:ea:23:bc:be:38:eb:7e:27:51:3c:cd:cd:02:69:7c:9a:94:
8b:8c:e4:3e:ac:35:a1:1a:4d:d9:43:8d:8e:ae:d0:f6:f3:24:
80:46:fd:94:55:b7:2e:6a:2b:65:89:77:75:d9:cd:84:0d:78:
21:76:e2:9c:f3:cf:d1:f4:95:ce:2d:96:3c:22:9c:7d:11:bb:
c4:96:c3:6b:39:46:3d:9b:b3:5c:2b:b8:40:1c:5e:1d:e8:d5:
a9:93:9b:9f:19:7c:89:14:18:2d:03:01:f4:0c:f1:30:8b:4d:
b5:d7:b6:49:00:39:d0:9b:7b:cd:33:ee:b1:06:2f:a7:2a:da:
a0:78:b1:06:92:b9:ed:40:36:9b:45:3b:6f:17:f7:88:0c:9d:
0c:e1:ad:20:d9:c5:ef:1c:e3:c3:bf:8a:19:3e:2a:19:00:09:
fd:04:27:b2:96:22:b1:55:04:2d:84:0a:66:c9:6d:0b:5b:c1:
9e:87:ff:3f:3b:11:94:ad:80:d3:89:91:cb:01:3b:2f:4c:09:
00:74:cc:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+X2rnfFrP6aZhWPwG/MEKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIwMjExNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmRiODYyZDMxNzgyOWQ0N2QyYWQ3ZWJmNDhmZDBlMWRlYWM1NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUrQ59/wQ93C6iHN/5eNOJggO8iQ
t2hvwIhOAsqjjDm1JOtTYx2bsBp5/nSlce8EJvFMmnk3UP9hpY+hGQoU97+WgFUo
DOXzODH65cSGpD/65Xn18cYwlPUU6xDM53b6gnf+WQ1lNk9ag3/2QJRecUp8m9Gn
q40/3GRJ2Ae0WquSUXDqP7no9oQUq2CFDeeJlKLvGbFFomyZIaNLJTkGDDJZO1/t
dzvUd6Z/zlHwnteISoS8NBwXre6tA2ZMjJyaRxhjYp3+lq1ifkgEml6rksgkQ+Do
kmGWlMCfhII2EZBkxKlXmMBBn9qZl3Xd9vcTagxxPVMwt4n7J5JDi0HI/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/bhi0xeCnUfSrX6/SP0OHerFRkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVDl1R0xURjRLZFI5S3RmcjlJX1E0ZDZzVkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xByCw
AwcAKhAvAAGSMA0GCSqGSIb3DQEBCwUAA4IBAQCxuAeN/Go766oKwPfqcS7FuN5P
m29DDStLwuxo7ithBUdae49J7OrNSf+eM4a3y8pH3a4kigzr6iO8vjjrfidRPM3N
Aml8mpSLjOQ+rDWhGk3ZQ42OrtD28ySARv2UVbcuaitliXd12c2EDXghduKc88/R
9JXOLZY8Ipx9EbvElsNrOUY9m7NcK7hAHF4d6NWpk5ufGXyJFBgtAwH0DPEwi021
17ZJADnQm3vNM+6xBi+nKtqgeLEGkrntQDabRTtvF/eIDJ0M4a0g2cXvHOPDv4oZ
PioZAAn9BCeyliKxVQQthApmyW0LW8Geh/8/OxGUrYDTiZHLATsvTAkAdMwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org