Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgNErY7gzkzv7wgjcdemyUPP3Tk.roa
File: TgNErY7gzkzv7wgjcdemyUPP3Tk.roa (raw, json)
Hash identifier: OEMa089YWIwOo63A+dafdfRXGz2c4N3QUybLFDpHra4=
Subject key identifier: 4E:03:44:AD:8E:E0:CE:4C:EF:EF:08:23:71:D7:A6:C9:43:CF:DD:39
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FF44A53D57C6763ADF47A306FC048985B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgNErY7gzkzv7wgjcdemyUPP3Tk.roa
Signing time: Fri 07 Jun 2024 20:01:02 +0000
ROA not before: Fri 07 Jun 2024 20:01:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:5c0::/48 maxlen: 48
2a0e:97c0:5c1::/48 maxlen: 48
2a0e:97c0:5c2::/48 maxlen: 48
2a0e:97c0:5c3::/48 maxlen: 48
2a0e:97c0:5c4::/48 maxlen: 48
2a0e:97c0:5c5::/48 maxlen: 48
2a0e:97c0:5c6::/48 maxlen: 48
2a0e:97c0:5c8::/48 maxlen: 48
2a0e:97c0:5ca::/48 maxlen: 48
2a0e:97c0:5cc::/48 maxlen: 48
2a0e:97c0:5ce::/48 maxlen: 48
2a0e:97c0:5cf::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Aug 2024 18:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f4:4a:53:d5:7c:67:63:ad:f4:7a:30:6f:c0:48:98:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 7 20:01:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e0344ad8ee0ce4cefef082371d7a6c943cfdd39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0e:2b:c1:c1:e5:ee:9f:ca:30:e1:78:59:2b:
f1:43:5a:c7:2a:9c:93:53:cf:bd:18:a9:1e:1f:2b:
94:2e:e8:5c:9a:a8:54:35:af:7d:99:3f:ef:d9:8a:
c4:6a:07:2d:af:a9:6e:ce:fc:c2:4c:c7:d6:e1:f2:
e9:cc:34:9e:af:59:92:79:41:54:f6:60:a4:60:33:
65:7a:3f:63:c6:52:a1:f8:20:55:bf:e5:7b:e4:8d:
c1:63:fc:c6:af:5a:df:97:cc:4e:bb:5e:7e:d8:f9:
21:b6:06:ac:58:5d:da:4a:74:ed:50:58:49:0c:cd:
d3:f9:7a:35:b1:73:f3:9e:6f:2c:68:28:7a:1c:84:
28:c4:91:03:3a:ed:a5:c5:ad:e9:ff:2e:de:42:f4:
bb:25:bc:00:5a:6c:1f:54:b5:6d:ef:72:2a:ef:d7:
ec:6f:de:91:0c:54:f7:1a:32:0e:82:65:eb:b2:86:
6d:11:93:d0:0e:a6:2c:c6:4d:93:3d:cd:3a:15:10:
bc:c3:7f:52:a5:62:ea:a3:91:40:88:a6:b1:67:b6:
80:9b:63:9e:cb:76:a0:26:90:f3:91:a7:eb:86:78:
f6:7a:17:c6:9f:c2:47:46:95:f1:88:70:41:e6:e3:
48:1b:84:10:06:3e:4f:28:75:44:fd:be:83:5f:8f:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:03:44:AD:8E:E0:CE:4C:EF:EF:08:23:71:D7:A6:C9:43:CF:DD:39
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgNErY7gzkzv7wgjcdemyUPP3Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
86:52:03:41:01:25:0f:c9:18:dc:62:09:40:c3:cf:b2:91:86:
e7:61:8e:a0:2e:83:cd:d1:30:d9:db:5d:d1:7a:a0:d7:c5:ff:
00:92:d8:60:28:01:3d:80:cf:3e:30:7c:84:81:af:c5:5b:e3:
4b:ca:00:4f:81:70:a9:4a:d2:4f:6a:ca:9e:1c:4f:c9:fd:a0:
a2:42:19:a2:8a:1b:b6:01:b6:89:55:cc:7a:d2:8f:50:b6:c0:
1c:98:8b:fa:70:69:01:d3:65:28:d8:07:4f:63:38:00:e4:1c:
21:93:62:49:09:ff:a7:61:0c:f9:0d:a4:35:01:61:fa:a4:0e:
d7:55:a8:61:4c:4d:7b:7f:85:86:6a:65:a5:82:26:65:28:fb:
b4:7e:4a:93:8f:6c:51:7d:6d:0e:16:a2:20:c8:c2:be:aa:f3:
56:00:fd:39:64:74:db:85:36:4e:2d:46:27:6c:90:e3:1f:87:
1e:1c:61:30:53:a1:92:46:8c:39:09:60:b4:8f:c5:11:6b:dd:
77:e7:05:54:32:5f:57:8b:ed:6f:d5:97:c1:92:f3:8b:ff:29:
91:cd:a5:04:9a:d5:6d:9b:9d:14:db:e3:29:56:ac:4a:6c:af:
b4:0d:b7:a2:c2:06:67:0d:18:18:75:7b:8d:cb:24:80:60:cf:
91:4d:be:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY/0SlPVfGdjrfR6MG/ASJhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjA3MjAwMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTAzNDRhZDhlZTBjZTRjZWZlZjA4MjM3MWQ3YTZjOTQzY2ZkZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ4rwcHl7p/KMOF4WSvxQ1rHKpyT
U8+9GKkeHyuULuhcmqhUNa99mT/v2YrEagctr6luzvzCTMfW4fLpzDSer1mSeUFU
9mCkYDNlej9jxlKh+CBVv+V75I3BY/zGr1rfl8xOu15+2PkhtgasWF3aSnTtUFhJ
DM3T+Xo1sXPznm8saCh6HIQoxJEDOu2lxa3p/y7eQvS7JbwAWmwfVLVt73Iq79fs
b96RDFT3GjIOgmXrsoZtEZPQDqYsxk2TPc06FRC8w39SpWLqo5FAiKaxZ7aAm2Oe
y3agJpDzkafrhnj2ehfGn8JHRpXxiHBB5uNIG4QQBj5PKHVE/b6DX4+arQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE4DRK2O4M5M7+8II3HXpslDz905MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVGdORXJZN2d6a3p2N3dnamNkZW15VVBQM1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCGUgNBASUPyRjcYglAw8+ykYbnYY6gLoPN0TDZ
213ReqDXxf8AkthgKAE9gM8+MHyEga/FW+NLygBPgXCpStJPasqeHE/J/aCiQhmi
ihu2AbaJVcx60o9QtsAcmIv6cGkB02Uo2AdPYzgA5Bwhk2JJCf+nYQz5DaQ1AWH6
pA7XVahhTE17f4WGamWlgiZlKPu0fkqTj2xRfW0OFqIgyMK+qvNWAP05ZHTbhTZO
LUYnbJDjH4ceHGEwU6GSRow5CWC0j8URa9135wVUMl9Xi+1v1ZfBkvOL/ymRzaUE
mtVtm50U2+MpVqxKbK+0DbeiwgZnDRgYdXuNyySAYM+RTb7D
-----END CERTIFICATE-----
Generated at Mon Aug 12 20:10:48 2024 by rpki-client on console-fra.rpki-client.org