Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/URrVvXBVAPBs_Pvq_ETi1fNdFDY.roa
File: URrVvXBVAPBs_Pvq_ETi1fNdFDY.roa (raw, json)
Hash identifier: uSnsBawomTX+hjDMxnuSGJgFgCCRqZ95A8Q453qoFvM=
Subject key identifier: 51:1A:D5:BD:70:55:00:F0:6C:FC:FB:EA:FC:44:E2:D5:F3:5D:14:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B9CC14F378C2FAA0086C82AD1FB05136C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/URrVvXBVAPBs_Pvq_ETi1fNdFDY.roa
Signing time: Sat 04 Nov 2023 23:53:16 +0000
ROA not before: Sat 04 Nov 2023 23:53:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202000
IP address blocks: 2a0e:b107:1ca0::/44 maxlen: 48
2a0e:b107:1c20::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9c:c1:4f:37:8c:2f:aa:00:86:c8:2a:d1:fb:05:13:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 4 23:53:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=511ad5bd705500f06cfcfbeafc44e2d5f35d1436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:57:b1:3b:ea:3d:ba:49:5f:1f:b4:63:e5:61:
d8:47:6e:23:a9:3d:ef:ff:f1:a9:5c:35:16:48:e7:
1b:63:87:b0:f4:3e:3a:90:0b:02:df:db:5e:47:3c:
9e:8b:68:04:f0:70:56:94:bd:0a:da:83:8d:d8:db:
c1:d1:d3:32:66:99:37:36:d4:a6:b7:12:86:e7:e1:
36:9d:ab:97:b2:fe:a9:1d:8b:c1:1d:b9:ad:d8:69:
43:4d:9f:0f:7e:3e:4b:ba:b2:12:f4:64:5e:2a:ab:
2b:27:4b:3a:25:b1:f0:78:e5:03:13:46:b6:92:47:
86:aa:48:71:46:8e:82:f9:c3:02:b2:6e:0e:0d:92:
9d:4b:71:23:a9:78:05:54:b8:ce:f5:e4:8e:e4:69:
2f:55:5a:62:e9:d0:6c:a6:2e:8e:67:94:c0:65:0a:
a9:0a:8a:d2:1a:0f:37:e8:44:45:a4:ca:79:a6:c6:
c0:af:6c:57:be:b2:db:fd:1c:78:0b:cf:f4:87:b1:
76:9e:c4:58:86:06:d2:18:f9:ea:6f:86:ac:dd:9c:
64:a6:b9:2b:fa:26:82:82:4d:8f:15:12:01:e6:00:
c9:7d:0b:cf:41:fb:55:5f:7e:e4:70:33:1e:4f:60:
67:d6:5f:6f:11:c1:b2:73:49:d2:1f:72:41:a8:cd:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1A:D5:BD:70:55:00:F0:6C:FC:FB:EA:FC:44:E2:D5:F3:5D:14:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/URrVvXBVAPBs_Pvq_ETi1fNdFDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1c20::/44
2a0e:b107:1ca0::/44
Signature Algorithm: sha256WithRSAEncryption
89:e0:0b:07:8c:81:79:44:fb:c0:16:6f:b4:ed:05:64:2e:59:
78:70:5b:75:25:ab:28:de:d6:a6:92:fd:96:37:ef:51:62:55:
aa:2f:bf:40:54:2e:f3:27:26:74:ce:a4:7f:e3:63:d3:75:d7:
02:63:86:3f:b9:02:e9:eb:94:cc:8f:76:51:3a:00:25:c4:0e:
6b:3a:ab:3c:08:e0:f2:ac:73:6e:a5:40:60:d9:34:ef:83:f1:
9d:6c:06:7b:69:c8:42:fb:4b:bd:43:29:e7:1f:db:e2:a9:a9:
2f:32:b3:1f:56:b4:f1:21:ca:5a:a4:40:57:75:58:c1:bc:e1:
df:f2:54:fd:b4:d4:2e:40:66:69:79:c5:ac:f7:29:86:d3:88:
22:82:e8:12:2e:e6:a1:9f:4e:24:4c:23:15:d9:79:62:48:6a:
51:66:08:8d:f7:69:51:cf:99:27:17:e5:3f:85:b0:3f:f9:97:
25:08:b9:88:e4:8a:c0:45:0b:3c:f1:af:ed:6f:1f:11:4d:b4:
40:a9:5f:cd:33:e4:e2:14:8d:79:7e:20:97:80:13:c3:b7:cb:
51:17:69:98:61:cf:a1:92:a7:ef:e6:56:8e:05:d1:c3:b1:13:
03:72:ef:76:df:53:31:4a:a3:ca:30:80:88:ce:63:e4:68:fa:
56:72:54:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYucwU83jC+qAIbIKtH7BRNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTA0MjM1MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFhZDViZDcwNTUwMGYwNmNmY2ZiZWFmYzQ0ZTJkNWYzNWQxNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVexO+o9uklfH7Rj5WHYR24jqT3v
//GpXDUWSOcbY4ew9D46kAsC39teRzyei2gE8HBWlL0K2oON2NvB0dMyZpk3NtSm
txKG5+E2nauXsv6pHYvBHbmt2GlDTZ8Pfj5LurIS9GReKqsrJ0s6JbHweOUDE0a2
kkeGqkhxRo6C+cMCsm4ODZKdS3EjqXgFVLjO9eSO5GkvVVpi6dBspi6OZ5TAZQqp
CorSGg836ERFpMp5psbAr2xXvrLb/Rx4C8/0h7F2nsRYhgbSGPnqb4as3Zxkprkr
+iaCgk2PFRIB5gDJfQvPQftVX37kcDMeT2Bn1l9vEcGyc0nSH3JBqM2y5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFEa1b1wVQDwbPz76vxE4tXzXRQ2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVVJyVnZYQlZBUEJzX1B2cV9FVGkxZk5kRkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBxwg
AwcEKg6xBxygMA0GCSqGSIb3DQEBCwUAA4IBAQCJ4AsHjIF5RPvAFm+07QVkLll4
cFt1Jaso3tamkv2WN+9RYlWqL79AVC7zJyZ0zqR/42PTddcCY4Y/uQLp65TMj3ZR
OgAlxA5rOqs8CODyrHNupUBg2TTvg/GdbAZ7achC+0u9QynnH9viqakvMrMfVrTx
IcpapEBXdVjBvOHf8lT9tNQuQGZpecWs9ymG04gigugSLuahn04kTCMV2XliSGpR
ZgiN92lRz5knF+U/hbA/+ZclCLmI5IrARQs88a/tbx8RTbRAqV/NM+TiFI15fiCX
gBPDt8tRF2mYYc+hkqfv5laOBdHDsRMDcu9231MxSqPKMICIzmPkaPpWclTV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org