Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBKKaxvRXlHkO8-zE4yp9sIGJvk.roa
File: TBKKaxvRXlHkO8-zE4yp9sIGJvk.roa (raw, json)
Hash identifier: XWv8c0J4K5zzpg3SAQKVwOiUc/Q+kOJg5TqSiMGF0eA=
Subject key identifier: 4C:12:8A:6B:1B:D1:5E:51:E4:3B:CF:B3:13:8C:A9:F6:C2:06:26:F9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DDBBACB91D908B0F725512BCDEE20C7CE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBKKaxvRXlHkO8-zE4yp9sIGJvk.roa
Signing time: Sat 24 Feb 2024 15:27:48 +0000
ROA not before: Sat 24 Feb 2024 15:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149476
IP address blocks: 2a10:ccc3:ccc0::/46 maxlen: 48
2a10:ccc3:ccc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Mar 2024 06:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:ba:cb:91:d9:08:b0:f7:25:51:2b:cd:ee:20:c7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 24 15:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c128a6b1bd15e51e43bcfb3138ca9f6c20626f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:27:d1:a4:5c:a0:ad:e6:2c:0e:ce:31:bf:ef:
8c:64:63:46:2c:f6:ff:f5:75:96:56:c9:18:fe:9f:
64:db:6e:5a:b1:0c:bd:c3:e3:91:fe:b9:f1:29:38:
e7:2a:1d:3b:48:cf:3d:8b:72:a6:d1:63:65:b3:c0:
ee:ed:d4:0a:0b:27:a3:aa:7c:27:c2:b7:77:ce:62:
af:cb:00:e9:4f:fc:ee:c5:bd:61:75:60:60:5b:8c:
97:f4:6e:ea:36:83:eb:65:8a:bb:0a:de:bc:88:37:
9b:ea:a5:b0:f4:e7:83:f7:82:5f:29:1c:b2:4c:31:
f0:3f:83:ca:19:6f:21:ed:44:60:1f:63:ab:3e:f9:
26:c2:a6:47:4d:3c:7b:63:85:67:d3:38:52:44:6e:
3f:d7:c6:ca:f3:ca:04:3c:c7:22:e8:04:05:bd:7c:
42:bc:97:8c:6f:8c:73:96:13:a4:fc:d9:3b:86:a7:
07:8e:4b:c6:88:b8:0c:1a:57:9c:0a:f0:41:25:fa:
38:da:e7:e1:89:8c:27:47:c6:c9:c4:19:8f:6a:36:
68:c3:f2:fd:42:6d:ef:24:84:6b:0f:de:51:57:fc:
92:ed:2b:38:3a:c7:4f:ae:9c:85:18:7b:85:66:94:
f6:dd:1b:db:c5:97:51:cb:b1:d9:bb:73:d5:7c:2c:
56:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:12:8A:6B:1B:D1:5E:51:E4:3B:CF:B3:13:8C:A9:F6:C2:06:26:F9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TBKKaxvRXlHkO8-zE4yp9sIGJvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc0::/46
2a10:ccc3:ccc6::/48
Signature Algorithm: sha256WithRSAEncryption
9f:75:83:0d:e8:9f:05:58:0e:e5:a3:fc:52:a6:ec:6d:e2:d4:
9b:89:2b:80:d4:04:6a:e2:9d:1d:e9:8f:81:dd:cb:37:62:c7:
d5:40:2d:a5:ee:b8:bb:05:48:26:c1:83:3e:2a:74:af:bf:25:
c5:99:53:ff:95:ba:d4:49:91:d2:17:10:10:ac:69:d9:ac:fa:
72:6f:3b:2e:b0:2f:4a:cb:81:4f:46:49:a7:1d:61:23:bc:fd:
3b:c1:d2:a9:fc:31:a4:e9:8e:c1:6c:ec:d6:f2:8d:58:93:a0:
c1:a8:95:1c:5e:38:0e:c5:7d:fd:94:73:60:a4:14:4d:e8:27:
7f:89:21:44:59:22:cd:6f:f5:6a:ef:92:ea:09:2f:f1:de:6a:
8b:90:1e:8e:f4:c3:72:69:c5:8d:d0:41:f9:87:7d:b7:d1:c8:
de:75:3a:d7:e5:ea:85:8c:12:28:89:3f:ba:a2:30:c9:cf:b4:
b3:58:e4:40:72:da:a9:f6:ad:e6:63:d7:15:cc:e3:a0:82:bc:
dd:f6:38:00:f6:68:d1:72:a0:50:74:b7:c2:87:f2:c0:d6:38:
5d:66:c2:7e:d1:82:09:8b:cc:64:e2:fa:4f:f3:83:82:a8:7e:
c1:df:00:c6:74:45:e3:7e:8f:f2:35:12:86:82:bb:e6:50:cd:
6a:6f:13:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3busuR2Qiw9yVRK83uIMfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjI0MTUyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzEyOGE2YjFiZDE1ZTUxZTQzYmNmYjMxMzhjYTlmNmMyMDYyNmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ifRpFygreYsDs4xv++MZGNGLPb/
9XWWVskY/p9k225asQy9w+OR/rnxKTjnKh07SM89i3Km0WNls8Du7dQKCyejqnwn
wrd3zmKvywDpT/zuxb1hdWBgW4yX9G7qNoPrZYq7Ct68iDeb6qWw9OeD94JfKRyy
TDHwP4PKGW8h7URgH2OrPvkmwqZHTTx7Y4Vn0zhSRG4/18bK88oEPMci6AQFvXxC
vJeMb4xzlhOk/Nk7hqcHjkvGiLgMGlecCvBBJfo42ufhiYwnR8bJxBmPajZow/L9
Qm3vJIRrD95RV/yS7Ss4OsdPrpyFGHuFZpT23RvbxZdRy7HZu3PVfCxWZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEwSimsb0V5R5DvPsxOMqfbCBib5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVEJLS2F4dlJYbEhrTzgtekU0eXA5c0lHSnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhDMw8zA
AwcAKhDMw8zGMA0GCSqGSIb3DQEBCwUAA4IBAQCfdYMN6J8FWA7lo/xSpuxt4tSb
iSuA1ARq4p0d6Y+B3cs3YsfVQC2l7ri7BUgmwYM+KnSvvyXFmVP/lbrUSZHSFxAQ
rGnZrPpybzsusC9Ky4FPRkmnHWEjvP07wdKp/DGk6Y7BbOzW8o1Yk6DBqJUcXjgO
xX39lHNgpBRN6Cd/iSFEWSLNb/Vq75LqCS/x3mqLkB6O9MNyacWN0EH5h3230cje
dTrX5eqFjBIoiT+6ojDJz7SzWORActqp9q3mY9cVzOOggrzd9jgA9mjRcqBQdLfC
h/LA1jhdZsJ+0YIJi8xk4vpP84OCqH7B3wDGdEXjfo/yNRKGgrvmUM1qbxMB
-----END CERTIFICATE-----
Generated at Wed Mar 6 11:26:29 2024 by rpki-client on console-ams.rpki-client.org