Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TcS2bPqYfC6Z2R-_qfuOs4u5byQ.roa
File: TcS2bPqYfC6Z2R-_qfuOs4u5byQ.roa (raw, json)
Hash identifier: Smz6SbYOIvQxc4rgmJARUidaljydL2cciZkywAAxY6o=
Subject key identifier: 4D:C4:B6:6C:FA:98:7C:2E:99:D9:1F:BF:A9:FB:8E:B3:8B:B9:6F:24
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425228302B501115D4A95F19CE08DC4B4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TcS2bPqYfC6Z2R-_qfuOs4u5byQ.roa
Signing time: Thu 02 Jan 2025 03:50:06 +0000
ROA not before: Thu 02 Jan 2025 03:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215131
IP address blocks: 2a10:ccc5:2a10::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 19:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:83:02:b5:01:11:5d:4a:95:f1:9c:e0:8d:c4:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc4b66cfa987c2e99d91fbfa9fb8eb38bb96f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3e:d4:12:1c:e6:9e:8a:9c:ca:62:21:82:a4:
ee:93:91:12:7e:33:60:a0:8c:c4:87:b7:41:21:5e:
15:2d:f4:86:6b:bf:57:31:b9:eb:bc:87:69:14:83:
9a:f0:3c:d4:5f:ce:19:7c:c4:a7:bd:1c:ff:50:54:
69:45:4c:4b:aa:63:6f:65:18:4b:e7:21:4b:f9:18:
34:e3:51:12:d3:aa:14:d6:13:f8:cc:ee:42:26:7b:
3b:90:e4:88:63:43:93:38:3d:e5:b2:77:44:93:0d:
57:1e:a0:47:60:e2:b4:9a:82:04:a0:70:22:90:23:
87:f8:a5:a3:ea:2d:63:f7:81:ec:16:68:46:ef:39:
bd:32:91:b3:39:14:31:ec:0c:4f:01:cc:2c:55:c2:
13:87:7c:c0:28:48:22:19:2f:a5:29:d8:5f:eb:49:
46:71:12:ae:05:33:5b:ef:7a:94:52:23:59:f3:9f:
ba:06:d6:0c:6d:50:75:1e:0a:96:e6:be:c6:3b:34:
1d:2c:e4:8a:db:ff:3e:74:25:b4:c8:2e:77:d5:50:
73:1e:62:92:80:39:d5:1c:b1:ea:52:23:96:05:bc:
94:86:9b:70:3d:59:75:90:ea:d3:df:c4:bd:3f:1c:
b9:eb:90:91:76:de:42:fb:ad:f7:53:03:18:83:e7:
ec:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C4:B6:6C:FA:98:7C:2E:99:D9:1F:BF:A9:FB:8E:B3:8B:B9:6F:24
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TcS2bPqYfC6Z2R-_qfuOs4u5byQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc5:2a10::/48
Signature Algorithm: sha256WithRSAEncryption
64:af:54:f9:07:7a:41:53:d5:cc:59:c0:b1:8d:48:72:ff:70:
6d:74:a2:f3:68:0f:51:86:dd:71:fe:f9:19:e9:15:c1:06:f9:
12:25:c2:88:e3:2a:45:b4:d4:02:20:06:4e:00:71:19:40:19:
1d:11:67:52:44:2f:64:d8:58:c7:5c:30:9b:e4:62:b9:cf:28:
17:1d:9d:c1:97:b8:08:5e:8e:9c:22:0b:9e:e6:34:e1:66:ba:
be:7b:1c:3f:1a:45:54:42:be:9c:4b:88:68:ac:1d:0f:9a:96:
46:11:f2:2a:92:75:df:f0:25:68:1c:9f:08:46:19:af:cc:d2:
82:32:d6:b4:50:5e:2d:29:c2:39:4b:8e:bf:14:e3:22:ee:13:
eb:98:63:85:16:5a:bc:cd:0e:44:3e:89:42:24:98:0f:ac:12:
b7:39:d7:ea:dd:78:f0:fe:00:cc:70:68:ad:db:73:a0:d3:22:
fd:6c:30:52:a9:2b:d7:2d:0a:9b:73:a4:c5:2e:14:a2:fa:53:
73:40:da:ee:81:e5:45:76:94:55:57:d9:4f:2a:72:8c:1e:4d:
42:a8:c3:c5:6a:41:54:8f:67:84:29:a6:31:02:5f:dd:d4:05:
b1:c8:2b:e6:93:50:08:0a:c2:fd:93:6a:7f:51:fd:7a:1f:57:
17:58:a2:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIoMCtQERXUqV8ZzgjcS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM0YjY2Y2ZhOTg3YzJlOTlkOTFmYmZhOWZiOGViMzhiYjk2ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj7UEhzmnoqcymIhgqTuk5ESfjNg
oIzEh7dBIV4VLfSGa79XMbnrvIdpFIOa8DzUX84ZfMSnvRz/UFRpRUxLqmNvZRhL
5yFL+Rg041ES06oU1hP4zO5CJns7kOSIY0OTOD3lsndEkw1XHqBHYOK0moIEoHAi
kCOH+KWj6i1j94HsFmhG7zm9MpGzORQx7AxPAcwsVcITh3zAKEgiGS+lKdhf60lG
cRKuBTNb73qUUiNZ85+6BtYMbVB1HgqW5r7GOzQdLOSK2/8+dCW0yC531VBzHmKS
gDnVHLHqUiOWBbyUhptwPVl1kOrT38S9Pxy565CRdt5C+633UwMYg+fshwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE3Etmz6mHwumdkfv6n7jrOLuW8kMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVGNTMmJQcVlmQzZaMlItX3FmdU9zNHU1YnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMxSoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBkr1T5B3pBU9XMWcCxjUhy/3BtdKLzaA9Rht1x
/vkZ6RXBBvkSJcKI4ypFtNQCIAZOAHEZQBkdEWdSRC9k2FjHXDCb5GK5zygXHZ3B
l7gIXo6cIgue5jThZrq+exw/GkVUQr6cS4horB0PmpZGEfIqknXf8CVoHJ8IRhmv
zNKCMta0UF4tKcI5S46/FOMi7hPrmGOFFlq8zQ5EPolCJJgPrBK3Odfq3Xjw/gDM
cGit23Og0yL9bDBSqSvXLQqbc6TFLhSi+lNzQNrugeVFdpRVV9lPKnKMHk1CqMPF
akFUj2eEKaYxAl/d1AWxyCvmk1AICsL9k2p/Uf16H1cXWKKU
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:46:29 2025 by rpki-client