Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TNvpcoQvk6zEf3pLC6p_RIpcEa8.roa
File: TNvpcoQvk6zEf3pLC6p_RIpcEa8.roa (raw, json)
Hash identifier: eeiAEssJYLPCMdRFzD+FxNE5Qdc6u3fxtmy6uIdZTfg=
Subject key identifier: 4C:DB:E9:72:84:2F:93:AC:C4:7F:7A:4B:0B:AA:7F:44:8A:5C:11:AF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7EFEBA11E306ACB685D0B7B118230
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TNvpcoQvk6zEf3pLC6p_RIpcEa8.roa
Signing time: Mon 02 Jan 2023 05:15:26 +0000
ROA not before: Mon 02 Jan 2023 05:15:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210659
IP address blocks: 2a0e:97c0:560::/44 maxlen: 48
2a10:cc40:130::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 31 Jan 2023 23:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:ef:eb:a1:1e:30:6a:cb:68:5d:0b:7b:11:82:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cdbe972842f93acc47f7a4b0baa7f448a5c11af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:08:a6:72:6c:c1:b1:5a:39:d0:64:9e:e9:6a:
b9:ff:36:96:1b:c6:fd:9b:dd:b6:24:78:47:60:73:
6f:4e:ca:3e:09:7d:e2:8f:ba:f2:e5:57:81:e3:09:
46:48:6f:35:fe:3e:c6:08:84:87:4b:26:84:13:13:
21:e4:1c:73:f9:be:c6:ed:8c:be:08:05:1f:b8:ef:
1a:ef:b9:3b:d9:0e:c5:2c:e5:a0:d2:7c:8c:1d:2c:
b2:d9:7d:82:01:e7:32:76:59:f9:f0:3b:62:55:35:
3c:a0:32:b0:38:07:c3:0e:9e:60:18:7a:8c:02:f5:
7d:ad:13:62:3c:3a:5c:d3:f6:82:9c:c2:db:84:69:
70:84:ab:19:a7:41:50:a4:a6:f4:bc:d8:6d:64:03:
ea:a0:ee:8f:f2:cf:11:7d:a9:bf:7d:7d:9c:4b:44:
47:4c:09:1e:69:7a:2f:7b:30:3b:15:83:3a:4b:07:
66:73:79:74:44:41:b3:ce:09:92:85:83:e4:9b:2d:
f6:e6:e2:c2:a8:f4:a4:a1:f1:e4:a0:f0:52:d3:5d:
10:0a:55:1f:b7:7f:a1:c1:08:25:be:80:97:f6:0f:
a1:71:64:28:ce:f0:88:13:73:ff:63:a9:b2:8c:3b:
ac:06:97:e9:3d:55:93:c5:35:f1:25:ac:c7:42:2d:
d4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DB:E9:72:84:2F:93:AC:C4:7F:7A:4B:0B:AA:7F:44:8A:5C:11:AF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TNvpcoQvk6zEf3pLC6p_RIpcEa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:560::/44
2a10:cc40:130::/44
Signature Algorithm: sha256WithRSAEncryption
93:e6:d2:81:a2:4c:99:61:b3:b9:4c:b9:c0:a9:33:5b:a7:52:
c2:e2:95:b9:4e:13:4a:a5:e0:f2:80:07:46:15:47:65:97:01:
68:87:90:cd:f9:95:f1:ac:5f:01:73:f5:ab:90:3a:b6:a4:57:
ed:e4:f1:5c:19:78:6d:a1:fa:20:bf:30:07:18:ad:a0:ba:4d:
12:1d:66:bd:cf:6a:68:9f:c6:68:fc:72:ce:bd:9c:4f:90:dd:
73:10:d1:f4:5b:9a:e5:03:4b:9b:30:3d:9e:5a:53:08:93:2e:
27:d7:d2:3b:b6:75:8a:de:7b:77:4f:79:c1:f8:c3:5a:53:2a:
97:74:6c:9d:77:35:2e:61:a8:a1:eb:16:3b:0d:10:98:a3:42:
29:7b:76:f0:ab:35:c7:59:1f:84:cb:d8:86:f2:dc:52:4c:9c:
8f:a2:d3:17:e4:11:2e:b6:fd:b7:0b:dc:f7:4d:7c:c0:15:60:
2a:85:4c:d7:9d:d0:be:79:78:05:25:73:0a:ca:e8:9d:6c:5b:
d1:38:00:6f:80:83:09:3d:44:e5:8a:8d:25:29:cd:60:8e:42:
7f:29:04:89:4e:02:2e:3f:9b:94:92:b1:0a:08:53:ba:1a:d2:
dc:4e:87:83:35:ab:cc:de:9b:7f:be:7b:28:a0:b9:f6:c5:41:
d0:3f:c4:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw5+/roR4wastoXQt7EYIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RiZTk3Mjg0MmY5M2FjYzQ3ZjdhNGIwYmFhN2Y0NDhhNWMxMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogimcmzBsVo50GSe6Wq5/zaWG8b9
m922JHhHYHNvTso+CX3ij7ry5VeB4wlGSG81/j7GCISHSyaEExMh5Bxz+b7G7Yy+
CAUfuO8a77k72Q7FLOWg0nyMHSyy2X2CAecydln58DtiVTU8oDKwOAfDDp5gGHqM
AvV9rRNiPDpc0/aCnMLbhGlwhKsZp0FQpKb0vNhtZAPqoO6P8s8Rfam/fX2cS0RH
TAkeaXovezA7FYM6Swdmc3l0REGzzgmShYPkmy325uLCqPSkofHkoPBS010QClUf
t3+hwQglvoCX9g+hcWQozvCIE3P/Y6myjDusBpfpPVWTxTXxJazHQi3UzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEzb6XKEL5OsxH96Swuqf0SKXBGvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVE52cGNvUXZrNnpFZjNwTEM2cF9SSXBjRWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAVg
AwcEKhDMQAEwMA0GCSqGSIb3DQEBCwUAA4IBAQCT5tKBokyZYbO5TLnAqTNbp1LC
4pW5ThNKpeDygAdGFUdllwFoh5DN+ZXxrF8Bc/WrkDq2pFft5PFcGXhtofogvzAH
GK2guk0SHWa9z2pon8Zo/HLOvZxPkN1zENH0W5rlA0ubMD2eWlMIky4n19I7tnWK
3nt3T3nB+MNaUyqXdGyddzUuYaih6xY7DRCYo0Ipe3bwqzXHWR+Ey9iG8txSTJyP
otMX5BEutv23C9z3TXzAFWAqhUzXndC+eXgFJXMKyuidbFvROABvgIMJPUTlio0l
Kc1gjkJ/KQSJTgIuP5uUkrEKCFO6GtLcToeDNavM3pt/vnsooLn2xUHQP8RU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org