Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TDzCcLYYHQOqfDPBt-xetCUXdxA.roa
File: TDzCcLYYHQOqfDPBt-xetCUXdxA.roa (raw, json)
Hash identifier: 1yk/nGyjjvQzz+7D02W1C19lktmWkitmeSyXyqO2hwA=
Subject key identifier: 4C:3C:C2:70:B6:18:1D:03:AA:7C:33:C1:B7:EC:5E:B4:25:17:77:10
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A6679BB420EF8CA90A470C9B1639387ED
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TDzCcLYYHQOqfDPBt-xetCUXdxA.roa
Signing time: Tue 05 Sep 2023 17:52:48 +0000
ROA not before: Tue 05 Sep 2023 17:52:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199918
IP address blocks: 2a0e:97c0:880::/48 maxlen: 48
2a0e:97c0:884::/48 maxlen: 48
2a0e:97c0:88a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:79:bb:42:0e:f8:ca:90:a4:70:c9:b1:63:93:87:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 5 17:52:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c3cc270b6181d03aa7c33c1b7ec5eb425177710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cc:26:7a:45:e8:64:89:4a:7d:b3:6a:aa:8a:
be:4d:11:79:f2:76:d8:a9:f2:c2:7c:a2:69:fd:63:
d8:8b:91:9d:3f:bf:87:f1:16:b7:09:06:7b:a5:1b:
29:db:6d:42:89:d3:9a:30:46:53:62:55:aa:21:19:
86:c8:6c:2d:c8:b7:2f:40:e4:93:9a:74:e8:c3:5a:
86:2f:14:d1:7e:c6:46:ea:5d:d3:57:83:75:a0:c1:
86:66:fe:14:f5:d2:8f:95:60:6b:14:d8:24:e3:7c:
cd:88:6f:eb:ed:d6:cb:20:bb:0f:49:44:41:1b:84:
79:47:d8:66:cb:b2:d3:cf:e6:71:1d:ea:53:a2:20:
7d:54:02:53:30:db:c0:5e:e2:dc:66:90:7e:d4:cd:
e3:8d:80:fe:77:8a:f6:e3:2e:78:76:1e:4b:02:0d:
65:76:93:39:20:4d:de:64:fb:f1:03:af:aa:3e:8d:
2a:6a:9e:dc:98:14:bb:4d:2e:6c:56:09:af:ee:bc:
25:68:1e:c5:11:b2:29:fc:ae:1d:c7:47:0f:04:43:
aa:92:3c:f8:4f:e9:69:32:a5:73:67:5c:9c:e9:ad:
96:34:f4:2f:47:80:17:a5:c0:24:39:fd:55:35:ad:
06:90:d5:70:e5:b8:33:64:51:8e:8a:79:33:6b:0f:
e4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3C:C2:70:B6:18:1D:03:AA:7C:33:C1:B7:EC:5E:B4:25:17:77:10
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TDzCcLYYHQOqfDPBt-xetCUXdxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:880::/48
2a0e:97c0:884::/48
2a0e:97c0:88a::/48
Signature Algorithm: sha256WithRSAEncryption
4a:f8:9d:e9:7b:20:84:a8:23:7d:82:4a:5d:0e:c8:69:81:f1:
f2:ef:ca:e8:a1:48:87:3c:29:63:68:1f:a9:53:cf:de:b3:88:
48:2c:09:0a:fe:7c:f6:8a:27:50:b5:64:b2:53:96:d9:0c:47:
38:e7:5a:55:8c:f2:4a:88:bf:5d:14:ef:41:62:cf:ef:5c:86:
a5:12:53:10:87:3e:59:9e:db:5a:8c:16:6b:9f:46:93:15:d6:
30:cf:46:c9:f2:e0:09:cc:a5:d0:cf:ce:5b:9b:ae:a8:5f:55:
d5:90:f3:9e:ce:e4:ef:72:0c:9c:a9:00:9d:d5:d5:c8:36:34:
8b:94:c3:27:05:c2:7f:39:93:a5:53:ca:13:b2:e1:a6:8b:29:
83:0a:45:9c:6d:1b:52:f1:2b:07:0c:7f:65:27:17:fa:7c:d4:
b8:ce:7f:e6:76:a6:e2:c0:c5:78:54:01:31:3c:32:24:0e:93:
46:95:de:1f:93:69:0d:85:2a:9e:47:f4:da:37:f3:f7:4f:4b:
d6:6c:a7:53:40:38:98:e2:1a:a8:8d:40:60:a4:01:7f:a7:eb:
36:eb:09:1a:4b:cf:ec:76:e5:2b:82:b0:99:ec:32:c6:34:33:
43:c3:af:a6:d5:74:54:46:91:84:36:6e:61:0f:89:5c:26:a8:
90:5c:64:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpmebtCDvjKkKRwybFjk4ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTA1MTc1MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNjYzI3MGI2MTgxZDAzYWE3YzMzYzFiN2VjNWViNDI1MTc3NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcwmekXoZIlKfbNqqoq+TRF58nbY
qfLCfKJp/WPYi5GdP7+H8Ra3CQZ7pRsp221CidOaMEZTYlWqIRmGyGwtyLcvQOST
mnTow1qGLxTRfsZG6l3TV4N1oMGGZv4U9dKPlWBrFNgk43zNiG/r7dbLILsPSURB
G4R5R9hmy7LTz+ZxHepToiB9VAJTMNvAXuLcZpB+1M3jjYD+d4r24y54dh5LAg1l
dpM5IE3eZPvxA6+qPo0qap7cmBS7TS5sVgmv7rwlaB7FEbIp/K4dx0cPBEOqkjz4
T+lpMqVzZ1yc6a2WNPQvR4AXpcAkOf1VNa0GkNVw5bgzZFGOinkzaw/kZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEw8wnC2GB0DqnwzwbfsXrQlF3cQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVER6Q2NMWVlIUU9xZkRQQnQteGV0Q1VYZHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAiA
AwcAKg6XwAiEAwcAKg6XwAiKMA0GCSqGSIb3DQEBCwUAA4IBAQBK+J3peyCEqCN9
gkpdDshpgfHy78rooUiHPCljaB+pU8/es4hILAkK/nz2iidQtWSyU5bZDEc451pV
jPJKiL9dFO9BYs/vXIalElMQhz5ZnttajBZrn0aTFdYwz0bJ8uAJzKXQz85bm66o
X1XVkPOezuTvcgycqQCd1dXINjSLlMMnBcJ/OZOlU8oTsuGmiymDCkWcbRtS8SsH
DH9lJxf6fNS4zn/mdqbiwMV4VAExPDIkDpNGld4fk2kNhSqeR/TaN/P3T0vWbKdT
QDiY4hqojUBgpAF/p+s26wkaS8/sduUrgrCZ7DLGNDNDw6+m1XRURpGENm5hD4lc
JqiQXGRk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org