Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgaGn6E-RMpsfx5lg7xMS3OtPMI.roa
File: TgaGn6E-RMpsfx5lg7xMS3OtPMI.roa (raw, json)
Hash identifier: zYR2xP1JCZ3CcrrdNOJvHF0tNxceAB7G5T3U9pZM1d8=
Subject key identifier: 4E:06:86:9F:A1:3E:44:CA:6C:7F:1E:65:83:BC:4C:4B:73:AD:3C:C2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019171AFF92CE274B7A889172876351F5123
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgaGn6E-RMpsfx5lg7xMS3OtPMI.roa
Signing time: Tue 20 Aug 2024 21:27:23 +0000
ROA not before: Tue 20 Aug 2024 21:27:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:97c0:5d0::/44 maxlen: 48
2a0e:b107:2691::/48 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 31 Aug 2024 22:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:af:f9:2c:e2:74:b7:a8:89:17:28:76:35:1f:51:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 20 21:27:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e06869fa13e44ca6c7f1e6583bc4c4b73ad3cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f9:0d:9d:b7:ca:d2:08:84:6d:e0:6c:c2:a5:
44:48:02:d7:12:c3:04:4d:42:0f:98:54:a2:8f:5f:
83:0c:3b:71:1d:11:09:62:ef:11:bd:39:59:78:c2:
e2:dc:75:8c:f5:73:01:41:21:3a:b3:ec:ee:97:0e:
8d:ca:4e:9f:ac:a7:3a:76:dc:4d:0f:d3:ed:53:59:
c1:b5:4e:52:bf:45:12:eb:ab:b3:2b:5b:5b:98:ba:
ee:fa:e4:9c:c4:8f:c8:2a:7d:d8:40:29:f0:14:13:
1f:d4:ee:b0:f4:5f:5d:7b:19:ba:24:d7:2d:d6:4d:
02:ec:50:61:a5:d7:d2:4c:a7:a0:ef:69:f1:bd:a9:
e1:c7:00:92:4e:9f:cb:1a:a0:7a:de:32:86:b3:c7:
ab:80:99:4a:3a:b5:c3:fa:14:e6:91:4d:7c:87:36:
0c:77:4b:35:81:dc:bd:f1:d1:80:97:af:45:15:fc:
f5:da:b9:28:86:57:88:fa:ab:12:95:7d:bb:b9:a7:
e3:0f:9d:6a:20:83:eb:15:e2:5e:06:4f:eb:d5:c8:
5e:03:82:a2:86:5f:b3:87:e7:a9:c9:7b:25:cd:09:
5b:c9:77:7a:ca:b8:82:c1:03:57:5a:5a:f0:49:36:
0f:84:dc:22:e8:c8:2b:f2:60:e4:41:ab:89:94:ba:
c6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:06:86:9F:A1:3E:44:CA:6C:7F:1E:65:83:BC:4C:4B:73:AD:3C:C2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TgaGn6E-RMpsfx5lg7xMS3OtPMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5d0::/44
2a0e:b107:2691::/48
2a0e:b107:278a::/48
Signature Algorithm: sha256WithRSAEncryption
6e:6a:cd:e2:3c:f7:07:67:22:f6:18:8f:c4:c9:b5:45:45:26:
94:ba:d3:b7:44:fd:9f:31:55:55:ea:d7:b8:bf:d5:1c:3a:02:
23:fb:95:ed:f3:38:51:e1:06:11:f7:40:e7:e6:7b:54:12:10:
6a:d7:de:15:82:d9:e4:e2:d3:e3:8c:c1:71:a9:10:fa:ae:f4:
0e:c0:bf:07:b9:92:86:57:c7:e8:5f:f8:63:cb:4a:f6:44:f5:
3a:45:ae:49:c4:b5:21:35:90:c5:7f:6c:81:52:11:57:e3:ce:
fc:1b:ca:ce:31:8d:ac:f4:b9:ef:f9:a2:93:03:84:75:01:4b:
e3:81:5b:e8:e3:b6:54:30:5e:89:b2:f4:a2:61:59:b5:15:c7:
b6:69:bd:a4:05:8c:eb:66:df:fa:fb:81:67:49:ce:88:fe:c0:
a3:54:10:79:22:c0:e4:40:a0:6b:5b:f7:1f:b2:40:6b:5f:b4:
ee:28:c1:6b:d6:60:4f:71:c0:f4:c6:2e:06:3a:6a:c4:5f:e3:
78:68:12:d8:71:ef:14:58:5b:71:9d:d1:cb:47:4a:6f:e8:3d:
43:49:81:10:9c:b9:15:c2:fd:6d:6f:33:a0:fe:7a:ef:4a:ed:
97:63:00:44:45:5c:89:46:43:8e:69:50:a8:92:78:94:93:7b:
25:9b:1d:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFxr/ks4nS3qIkXKHY1H1EjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODIwMjEyNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTA2ODY5ZmExM2U0NGNhNmM3ZjFlNjU4M2JjNGM0YjczYWQzY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvkNnbfK0giEbeBswqVESALXEsME
TUIPmFSij1+DDDtxHREJYu8RvTlZeMLi3HWM9XMBQSE6s+zulw6Nyk6frKc6dtxN
D9PtU1nBtU5Sv0US66uzK1tbmLru+uScxI/IKn3YQCnwFBMf1O6w9F9dexm6JNct
1k0C7FBhpdfSTKeg72nxvanhxwCSTp/LGqB63jKGs8ergJlKOrXD+hTmkU18hzYM
d0s1gdy98dGAl69FFfz12rkohleI+qsSlX27uafjD51qIIPrFeJeBk/r1cheA4Ki
hl+zh+epyXslzQlbyXd6yriCwQNXWlrwSTYPhNwi6Mgr8mDkQauJlLrG3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE4Ghp+hPkTKbH8eZYO8TEtzrTzCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVGdhR242RS1STXBzZng1bGc3eE1TM090UE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAXQ
AwcAKg6xByaRAwcAKg6xByeKMA0GCSqGSIb3DQEBCwUAA4IBAQBuas3iPPcHZyL2
GI/EybVFRSaUutO3RP2fMVVV6te4v9UcOgIj+5Xt8zhR4QYR90Dn5ntUEhBq194V
gtnk4tPjjMFxqRD6rvQOwL8HuZKGV8foX/hjy0r2RPU6Ra5JxLUhNZDFf2yBUhFX
4878G8rOMY2s9Lnv+aKTA4R1AUvjgVvo47ZUMF6JsvSiYVm1Fce2ab2kBYzrZt/6
+4FnSc6I/sCjVBB5IsDkQKBrW/cfskBrX7TuKMFr1mBPccD0xi4GOmrEX+N4aBLY
ce8UWFtxndHLR0pv6D1DSYEQnLkVwv1tbzOg/nrvSu2XYwBERVyJRkOOaVCokniU
k3slmx1E
-----END CERTIFICATE-----
Generated at Sun Sep 1 01:13:39 2024 by rpki-client on console-ams.rpki-client.org