Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Uq8JB1lH9WTV8HsegMJpvZcy_8o.roa
File: Uq8JB1lH9WTV8HsegMJpvZcy_8o.roa (raw, json)
Hash identifier: M896rkWyQmYaexzmuy1uNs6ssWdzT5on2eKuXkGnF0A=
Subject key identifier: 52:AF:09:07:59:47:F5:64:D5:F0:7B:1E:80:C2:69:BD:97:32:FF:CA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C265DF9104794FC8E7F723FA3F77A68E7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Uq8JB1lH9WTV8HsegMJpvZcy_8o.roa
Signing time: Fri 01 Dec 2023 17:12:21 +0000
ROA not before: Fri 01 Dec 2023 17:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47157
IP address blocks: 2a0e:b107:19f0::/48 maxlen: 48
2a0e:b107:19fd::/48 maxlen: 48
2a0e:b107:19fa::/48 maxlen: 48
2a0e:b107:19f2::/48 maxlen: 48
2a0e:b107:19ff::/48 maxlen: 48
2a0e:b107:19fc::/48 maxlen: 48
2a0e:b107:19f1::/48 maxlen: 48
2a0e:b107:19fe::/48 maxlen: 48
2a0e:b107:19fb::/48 maxlen: 48
2a0e:b107:19f3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:5d:f9:10:47:94:fc:8e:7f:72:3f:a3:f7:7a:68:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 17:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52af09075947f564d5f07b1e80c269bd9732ffca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:71:1f:9b:4a:e0:97:12:16:a5:46:e3:63:63:
4d:50:43:c4:40:e5:9c:29:da:e3:4f:48:d8:f1:47:
62:97:50:cb:77:0a:5c:6d:b3:f4:9e:88:b8:c2:fb:
ee:7b:25:fe:ba:03:2e:9a:38:12:40:61:ee:19:2b:
69:fe:31:eb:d2:d1:cc:90:a5:06:55:bb:03:a2:7b:
f8:3b:6d:9d:5b:b9:4c:b9:f9:11:b8:2c:06:27:9d:
22:71:39:5c:cc:50:37:69:97:03:df:a9:be:8a:8b:
7f:68:78:dc:b1:33:21:5a:1a:86:1a:cd:e4:cc:86:
95:ea:72:cd:20:a7:79:43:8d:c7:8c:cc:67:78:d0:
50:86:46:ff:aa:29:9c:5b:0c:93:bb:07:29:ed:98:
e7:57:4d:09:92:5a:05:63:96:06:44:c4:92:7f:b5:
0b:ae:4e:b2:25:6a:27:77:ac:6e:30:aa:88:2f:9d:
0e:35:32:cb:be:bf:f2:83:88:ce:cc:9e:93:71:70:
27:f1:d0:80:08:1c:4f:72:60:42:75:15:2d:eb:63:
33:29:96:fd:93:e6:ba:20:2f:25:68:fc:36:c4:c4:
37:6f:ec:0d:11:1c:b9:2d:c0:96:e1:7f:e7:18:52:
f8:da:61:97:bb:1c:59:01:c6:c0:1a:e4:13:bb:c3:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AF:09:07:59:47:F5:64:D5:F0:7B:1E:80:C2:69:BD:97:32:FF:CA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Uq8JB1lH9WTV8HsegMJpvZcy_8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19f0::/46
2a0e:b107:19fa::-2a0e:b107:19ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bc:e8:31:f6:ac:c0:88:c4:52:87:6d:d2:e3:b3:a1:31:09:72:
17:68:da:48:25:51:c1:76:6e:a2:1a:0d:d2:ac:59:87:ef:59:
c0:e3:4e:38:95:86:75:3c:79:17:0e:e8:30:85:d3:50:81:c6:
ac:29:50:88:65:28:ad:3c:1f:b7:03:17:3b:e8:8f:fb:80:ca:
02:b9:d2:8d:81:4a:52:74:f6:81:ae:c7:25:fd:c0:8a:fb:c1:
92:0f:a9:12:95:8c:23:b5:d1:f0:ed:ee:c1:cb:0d:4a:47:9b:
79:f8:3b:0f:4a:b8:fb:1c:a7:29:a3:14:e6:17:22:c1:83:5b:
cd:05:50:ec:f0:03:51:0c:d3:08:9d:bd:60:5f:46:32:52:9e:
44:32:5d:8e:45:5f:ad:ef:1c:77:01:86:6e:33:43:1b:67:c9:
85:7e:e4:64:4f:f0:ef:61:ca:db:2a:18:0b:45:f9:b5:43:61:
87:7e:fb:4d:18:ce:d7:f0:91:bb:34:c3:48:32:e8:5a:e5:88:
11:96:f8:7e:c9:92:43:f1:e4:7c:83:be:26:cd:51:9a:17:13:
5e:73:23:56:de:c5:68:f7:24:fc:1b:4e:0c:e6:39:d0:d0:51:
1b:45:17:55:3d:e4:8f:56:a8:35:30:9e:ba:e8:ab:bc:7d:e8:
86:42:c0:ad
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYwmXfkQR5T8jn9yP6P3emjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjAxMTcxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFmMDkwNzU5NDdmNTY0ZDVmMDdiMWU4MGMyNjliZDk3MzJmZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXEfm0rglxIWpUbjY2NNUEPEQOWc
KdrjT0jY8Udil1DLdwpcbbP0noi4wvvueyX+ugMumjgSQGHuGStp/jHr0tHMkKUG
VbsDonv4O22dW7lMufkRuCwGJ50icTlczFA3aZcD36m+iot/aHjcsTMhWhqGGs3k
zIaV6nLNIKd5Q43HjMxneNBQhkb/qimcWwyTuwcp7ZjnV00JkloFY5YGRMSSf7UL
rk6yJWond6xuMKqIL50ONTLLvr/yg4jOzJ6TcXAn8dCACBxPcmBCdRUt62MzKZb9
k+a6IC8laPw2xMQ3b+wNERy5LcCW4X/nGFL42mGXuxxZAcbAGuQTu8N2MwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFKvCQdZR/Vk1fB7HoDCab2XMv/KMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVXE4SkIxbEg5V1RWOEhzZWdNSnB2WmN5XzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwcCKg6xBxnw
MBEDBwEqDrEHGfoDBgEqDrEHGDANBgkqhkiG9w0BAQsFAAOCAQEAvOgx9qzAiMRS
h23S47OhMQlyF2jaSCVRwXZuohoN0qxZh+9ZwONOOJWGdTx5Fw7oMIXTUIHGrClQ
iGUorTwftwMXO+iP+4DKArnSjYFKUnT2ga7HJf3AivvBkg+pEpWMI7XR8O3uwcsN
Skebefg7D0q4+xynKaMU5hciwYNbzQVQ7PADUQzTCJ29YF9GMlKeRDJdjkVfre8c
dwGGbjNDG2fJhX7kZE/w72HK2yoYC0X5tUNhh377TRjO1/CRuzTDSDLoWuWIEZb4
fsmSQ/HkfIO+Js1RmhcTXnMjVt7FaPck/BtODOY50NBRG0UXVT3kj1aoNTCeuuir
vH3ohkLArQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org