Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VM5yiWUM8boueO-RK7mB3Rj10cU.roa
File: VM5yiWUM8boueO-RK7mB3Rj10cU.roa (raw, json)
Hash identifier: X0p0HyeMmBEcaAQGYniG+zGgvKiyTMqMZLQKsjw6Q4I=
Subject key identifier: 54:CE:72:89:65:0C:F1:BA:2E:78:EF:91:2B:B9:81:DD:18:F5:D1:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD38CC814741FBEFE8A2B7CBA4EE4F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VM5yiWUM8boueO-RK7mB3Rj10cU.roa
Signing time: Tue 02 Jan 2024 10:34:30 +0000
ROA not before: Tue 02 Jan 2024 10:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211640
IP address blocks: 2a10:2f00:168::/48 maxlen: 48
2a0e:b107:ea8::/46 maxlen: 48
Validation: Failed, certificate revoked on Fri 15 Mar 2024 22:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:38:cc:81:47:41:fb:ef:e8:a2:b7:cb:a4:ee:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54ce7289650cf1ba2e78ef912bb981dd18f5d1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:ed:46:85:f7:62:be:92:34:52:c6:6b:fe:
7d:0f:14:b6:a4:db:4e:70:ec:70:e3:6f:22:04:6f:
b0:a8:2f:49:04:a9:55:14:6f:39:dc:be:4d:46:52:
ff:9f:20:3b:c6:72:13:89:6b:50:eb:b2:9d:ba:43:
b1:72:69:c9:3b:61:94:3b:80:75:d4:59:7e:5a:fd:
8b:99:49:66:53:0c:2f:7f:f2:eb:2e:40:ec:9b:7c:
65:cc:c5:76:aa:81:27:81:82:4d:82:48:8c:47:43:
9d:e8:9f:c6:22:e3:d5:b0:21:df:b0:fa:80:ff:36:
2f:4c:8a:90:cd:ba:10:95:0b:02:84:a7:c1:f5:14:
4e:1f:89:f8:8c:d0:9f:b1:dd:b7:1d:78:59:0c:4d:
bf:cf:cc:b6:a5:59:4e:d4:b5:d7:97:60:6b:5a:46:
a1:e3:00:e3:68:53:eb:92:b2:29:a9:89:85:91:76:
85:7b:69:ff:c7:c2:39:fa:5a:3b:c4:1c:57:aa:1f:
a2:5a:50:d4:db:c7:08:84:bf:87:36:ee:4e:bc:79:
6c:84:88:ca:26:21:17:78:f8:6a:1c:2b:be:cb:ed:
43:d0:12:c2:84:bc:2e:33:ac:bc:77:96:4a:7a:fd:
f2:69:e1:a3:cd:e9:23:ba:64:cb:c3:a5:70:4b:61:
19:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CE:72:89:65:0C:F1:BA:2E:78:EF:91:2B:B9:81:DD:18:F5:D1:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VM5yiWUM8boueO-RK7mB3Rj10cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ea8::/46
2a10:2f00:168::/48
Signature Algorithm: sha256WithRSAEncryption
b6:0a:4a:f5:dc:56:e0:9b:6c:8e:b0:6e:39:50:4a:c6:a5:6d:
28:d0:56:b9:40:21:fb:88:1a:a6:3c:ef:05:14:9c:0d:ea:9a:
3a:0c:58:51:f0:f9:38:09:85:1d:8c:6a:0b:7a:32:16:c3:23:
57:50:2d:9c:fd:be:4f:12:d8:b3:0a:c8:79:ff:04:06:94:b5:
9c:db:c9:3b:c2:a0:4a:86:73:7a:46:22:99:67:e9:a1:60:da:
07:63:f1:f7:44:fa:42:d0:a7:b2:2d:fb:1c:69:7d:d1:bf:ee:
a7:3e:d9:b2:f6:af:41:73:d8:68:9b:9c:d7:c0:9b:31:86:21:
41:5f:76:f9:40:72:10:97:45:cc:19:5c:2a:6b:fc:46:5c:05:
ed:d2:a7:38:8f:f4:36:e7:e6:e2:67:c8:fb:74:88:e9:18:dc:
ff:28:25:a4:a7:96:e9:71:bc:99:45:dc:d9:48:31:ae:00:97:
65:93:f3:d4:39:ed:24:e6:61:1f:21:53:be:81:45:16:de:76:
a7:31:26:cf:bb:4e:00:cf:17:cb:3b:9c:59:d0:34:d4:c8:42:
65:62:bd:b8:bd:24:b1:d4:9a:99:42:42:75:10:c7:1a:5f:22:
f5:62:b7:11:26:3a:15:3f:d7:f3:c8:85:cb:e9:b1:cb:93:75:
d7:3e:d3:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvTjMgUdB++/oorfLpO5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGNlNzI4OTY1MGNmMWJhMmU3OGVmOTEyYmI5ODFkZDE4ZjVkMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhHtRoX3Yr6SNFLGa/59DxS2pNtO
cOxw428iBG+wqC9JBKlVFG853L5NRlL/nyA7xnITiWtQ67KdukOxcmnJO2GUO4B1
1Fl+Wv2LmUlmUwwvf/LrLkDsm3xlzMV2qoEngYJNgkiMR0Od6J/GIuPVsCHfsPqA
/zYvTIqQzboQlQsChKfB9RROH4n4jNCfsd23HXhZDE2/z8y2pVlO1LXXl2BrWkah
4wDjaFPrkrIpqYmFkXaFe2n/x8I5+lo7xBxXqh+iWlDU28cIhL+HNu5OvHlshIjK
JiEXePhqHCu+y+1D0BLChLwuM6y8d5ZKev3yaeGjzekjumTLw6VwS2EZqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFTOcollDPG6LnjvkSu5gd0Y9dHFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVk01eWlXVU04Ym91ZU8tUks3bUIzUmoxMGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKg6xBw6o
AwcAKhAvAAFoMA0GCSqGSIb3DQEBCwUAA4IBAQC2Ckr13Fbgm2yOsG45UErGpW0o
0Fa5QCH7iBqmPO8FFJwN6po6DFhR8Pk4CYUdjGoLejIWwyNXUC2c/b5PEtizCsh5
/wQGlLWc28k7wqBKhnN6RiKZZ+mhYNoHY/H3RPpC0KeyLfscaX3Rv+6nPtmy9q9B
c9hom5zXwJsxhiFBX3b5QHIQl0XMGVwqa/xGXAXt0qc4j/Q25+biZ8j7dIjpGNz/
KCWkp5bpcbyZRdzZSDGuAJdlk/PUOe0k5mEfIVO+gUUW3nanMSbPu04AzxfLO5xZ
0DTUyEJlYr24vSSx1JqZQkJ1EMcaXyL1YrcRJjoVP9fzyIXL6bHLk3XXPtPh
-----END CERTIFICATE-----
Generated at Sat Mar 16 01:34:16 2024 by rpki-client on console-fra.rpki-client.org