Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VGfasLf6TyUXmLEGylFgrL75HQk.roa
File: VGfasLf6TyUXmLEGylFgrL75HQk.roa (raw, json)
Hash identifier: JcGl4lzcmxVaSmBL/bB0kh8sN8Jgi5EO6+2hZXsHsg4=
Subject key identifier: 54:67:DA:B0:B7:FA:4F:25:17:98:B1:06:CA:51:60:AC:BE:F9:1D:09
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A23AAF3B8E96559272E8D24978FD4B500
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VGfasLf6TyUXmLEGylFgrL75HQk.roa
Signing time: Wed 23 Aug 2023 18:32:00 +0000
ROA not before: Wed 23 Aug 2023 18:32:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206290
IP address blocks: 2a0e:97c0:a20::/48 maxlen: 48
2a0e:97c0:a21::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:aa:f3:b8:e9:65:59:27:2e:8d:24:97:8f:d4:b5:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 23 18:32:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5467dab0b7fa4f251798b106ca5160acbef91d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:96:68:b7:a2:53:0d:b2:65:89:2e:c7:e3:4c:
0a:0a:18:6f:5f:65:e4:e1:82:c6:0b:32:bf:64:55:
9e:b2:ad:b2:39:61:e7:49:11:bd:64:7a:5b:7f:9e:
3b:93:23:73:ff:cf:aa:1b:a3:88:4b:a4:7d:40:62:
8e:28:d7:35:bb:6c:ae:d0:9d:55:dc:b3:c4:ea:95:
6c:32:75:15:f2:f7:bf:79:c5:d3:1f:1d:0f:ee:0a:
7f:dc:43:5f:87:a6:95:92:0d:8a:ed:37:ab:10:c3:
59:2f:99:d2:8f:e1:81:86:83:00:fd:43:6e:00:fb:
f4:86:15:b3:54:06:64:fc:a3:a6:c8:90:3f:56:9a:
8b:8a:e8:e7:3e:9f:3d:12:4b:8e:ee:f2:0b:06:9b:
e0:1e:58:9f:bf:91:f8:ad:8e:7d:7d:80:09:d4:51:
41:30:76:cf:5b:e5:2f:9e:04:48:b6:99:47:a0:85:
a3:fa:06:45:e5:6d:44:42:5b:f2:01:4d:83:ce:e1:
0a:a8:13:c4:30:8e:47:a3:3b:b0:c7:aa:ef:c9:57:
94:fb:29:7f:29:1d:59:c3:2f:45:f9:9a:90:25:65:
87:e8:9c:2b:d5:fd:3b:69:08:03:5c:0a:b2:04:a8:
25:54:8f:94:ab:cb:ba:7e:75:bc:6f:c0:7e:b7:d8:
a9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:67:DA:B0:B7:FA:4F:25:17:98:B1:06:CA:51:60:AC:BE:F9:1D:09
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VGfasLf6TyUXmLEGylFgrL75HQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a20::/47
Signature Algorithm: sha256WithRSAEncryption
8a:2c:24:29:d7:52:ba:51:67:56:68:8d:c9:44:db:3c:e0:7e:
2d:91:08:6a:43:8e:79:35:a7:13:d5:89:a5:8f:29:bb:30:d5:
f8:9d:70:1d:7f:d9:1d:f5:64:b9:c3:c1:5f:b1:93:29:f9:1a:
9c:a3:4e:2d:bd:f1:92:0b:02:74:1e:ad:37:13:7e:3f:26:71:
90:4d:d0:52:d9:ff:03:81:07:74:c3:a3:40:1b:fa:cd:53:90:
f5:5f:d5:23:85:f5:9c:af:e0:e3:ea:f7:4d:39:ad:b6:92:46:
97:4e:8d:d0:76:f0:36:33:11:60:09:47:b7:3b:8c:8f:f2:2d:
d1:5e:ec:cf:c7:b3:9b:f2:bc:ea:bf:6c:4f:6b:21:d9:de:28:
52:08:df:11:9b:5b:ed:da:ac:02:fa:1d:89:d7:11:a7:34:54:
eb:62:af:94:71:53:b1:0a:ab:af:2c:6a:95:b1:f8:a5:10:58:
54:0b:05:56:ae:ba:cf:e5:eb:b2:91:46:00:91:55:e1:2d:36:
4e:69:a2:83:94:90:73:86:a7:75:8b:ad:0f:9f:30:7a:7e:f0:
66:6f:d7:01:6e:40:85:5b:37:5a:98:77:1a:c3:8a:c7:46:8d:
cc:ed:62:60:12:9b:39:71:d1:e3:ad:3f:28:f3:2a:52:76:a3:
02:73:c4:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYojqvO46WVZJy6NJJeP1LUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODIzMTgzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDY3ZGFiMGI3ZmE0ZjI1MTc5OGIxMDZjYTUxNjBhY2JlZjkxZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5Zot6JTDbJliS7H40wKChhvX2Xk
4YLGCzK/ZFWesq2yOWHnSRG9ZHpbf547kyNz/8+qG6OIS6R9QGKOKNc1u2yu0J1V
3LPE6pVsMnUV8ve/ecXTHx0P7gp/3ENfh6aVkg2K7TerEMNZL5nSj+GBhoMA/UNu
APv0hhWzVAZk/KOmyJA/VpqLiujnPp89EkuO7vILBpvgHlifv5H4rY59fYAJ1FFB
MHbPW+UvngRItplHoIWj+gZF5W1EQlvyAU2DzuEKqBPEMI5Hozuwx6rvyVeU+yl/
KR1Zwy9F+ZqQJWWH6Jwr1f07aQgDXAqyBKglVI+Uq8u6fnW8b8B+t9ipuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFRn2rC3+k8lF5ixBspRYKy++R0JMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVkdmYXNMZjZUeVVYbUxFR3lsRmdyTDc1SFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6XwAog
MA0GCSqGSIb3DQEBCwUAA4IBAQCKLCQp11K6UWdWaI3JRNs84H4tkQhqQ455NacT
1Ymljym7MNX4nXAdf9kd9WS5w8FfsZMp+Rqco04tvfGSCwJ0Hq03E34/JnGQTdBS
2f8DgQd0w6NAG/rNU5D1X9UjhfWcr+Dj6vdNOa22kkaXTo3QdvA2MxFgCUe3O4yP
8i3RXuzPx7Ob8rzqv2xPayHZ3ihSCN8Rm1vt2qwC+h2J1xGnNFTrYq+UcVOxCquv
LGqVsfilEFhUCwVWrrrP5euykUYAkVXhLTZOaaKDlJBzhqd1i60PnzB6fvBmb9cB
bkCFWzdamHcaw4rHRo3M7WJgEps5cdHjrT8o8ypSdqMCc8QO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:04 2024 by rpki-client on console-ams.rpki-client.org