Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VTgEx7tBCFBR-7t50RayOvxL4Xo.roa
File: VTgEx7tBCFBR-7t50RayOvxL4Xo.roa (raw, json)
Hash identifier: 1CpBEUpqhOLifxLOg+f0LIS8nSLXfZR5kbTu32yeKuw=
Subject key identifier: 55:38:04:C7:BB:41:08:50:51:FB:BB:79:D1:16:B2:3A:FC:4B:E1:7A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E8065A1580C11EE0DF004BDC93DB58
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VTgEx7tBCFBR-7t50RayOvxL4Xo.roa
Signing time: Mon 02 Jan 2023 05:15:32 +0000
ROA not before: Mon 02 Jan 2023 05:15:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211522
IP address blocks: 2a10:cc44:202::/48 maxlen: 48
2a10:cc44:203::/48 maxlen: 48
2a10:cc46:111::/48 maxlen: 48
2a10:cc44:201::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Mar 2023 21:29:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:06:5a:15:80:c1:1e:e0:df:00:4b:dc:93:db:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=553804c7bb41085051fbbb79d116b23afc4be17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b1:d3:09:c8:18:2d:dd:4b:05:e3:c1:d2:2a:
ef:0f:43:ac:e6:15:e1:26:b2:60:fc:53:f7:b4:d5:
25:14:0a:53:f6:7d:e7:fc:bb:89:59:19:9e:ff:89:
d2:b5:2b:35:c9:89:c3:ba:17:f7:7f:47:3d:2d:61:
69:84:e2:6b:b6:40:32:a2:b0:77:65:d2:86:84:25:
87:da:08:52:52:35:d4:8f:74:bd:f8:dc:28:a6:7f:
78:e0:12:44:9d:b2:21:31:35:93:6e:46:92:93:72:
dd:a1:5e:22:fe:4b:43:b1:7f:ad:cc:c7:d1:08:d8:
a9:a4:75:51:98:4b:ca:af:88:84:f7:24:74:2e:31:
7c:28:ce:52:52:5c:bc:ec:4a:57:fb:f0:b2:af:0f:
3b:98:24:fb:bf:f9:16:f5:26:5c:f1:14:43:f1:b8:
8c:77:27:05:52:09:f0:2a:04:c7:7a:85:41:ea:c9:
b7:3b:51:b8:a1:ea:e4:80:39:b0:f7:d9:e3:d6:0a:
49:51:7c:4c:9a:eb:d9:5d:ca:58:3c:f5:7c:89:88:
de:8c:2b:46:11:b8:be:2a:bc:97:c5:fe:17:3f:07:
5c:d9:29:85:17:92:f9:95:6f:69:9e:bc:3a:b2:88:
44:29:38:ae:f3:a6:ed:fe:05:25:27:04:08:10:f8:
fe:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:38:04:C7:BB:41:08:50:51:FB:BB:79:D1:16:B2:3A:FC:4B:E1:7A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VTgEx7tBCFBR-7t50RayOvxL4Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc44:201::-2a10:cc44:203:ffff:ffff:ffff:ffff:ffff
2a10:cc46:111::/48
Signature Algorithm: sha256WithRSAEncryption
1d:75:48:bc:aa:8a:52:0a:c5:5d:39:8f:07:f9:05:0a:ad:70:
a5:f3:cb:12:94:5c:45:9f:fc:db:30:78:16:a9:c0:8f:97:65:
5f:17:1e:97:bc:f5:ac:6f:2e:30:59:9e:0e:9e:3f:71:a0:f8:
54:f5:5c:85:7e:59:65:e5:07:72:2b:cd:1d:d8:19:2f:b1:16:
4c:d5:4e:b9:47:c3:93:29:89:ac:a3:48:be:47:58:05:ba:d9:
e0:33:e2:eb:95:fe:41:91:c8:ea:43:27:09:01:59:38:1b:94:
53:58:a7:30:1c:0f:92:d8:77:0c:88:f8:04:95:4d:1b:04:3b:
e0:21:fe:29:81:8d:14:16:bc:22:8e:fb:13:e7:25:87:13:08:
3c:1d:87:7e:69:76:89:7b:09:19:51:9a:11:fe:41:ed:35:ab:
4e:13:d2:2a:2a:f8:6e:52:04:48:49:8a:a9:27:20:1e:46:f0:
a6:a1:b8:4c:3d:c2:15:d7:d7:46:3e:61:d4:24:db:f5:32:3e:
f6:74:97:d1:ac:52:96:14:85:08:07:78:29:f8:53:a7:eb:2e:
f1:f6:50:18:51:6d:9b:37:e3:0f:94:6a:29:b2:0e:83:1e:c7:
ba:4b:12:a8:b8:d2:bb:a0:00:17:1d:e9:20:82:0b:95:62:84:
b4:f0:f9:a0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVw6AZaFYDBHuDfAEvck9tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM4MDRjN2JiNDEwODUwNTFmYmJiNzlkMTE2YjIzYWZjNGJlMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLHTCcgYLd1LBePB0irvD0Os5hXh
JrJg/FP3tNUlFApT9n3n/LuJWRme/4nStSs1yYnDuhf3f0c9LWFphOJrtkAyorB3
ZdKGhCWH2ghSUjXUj3S9+Nwopn944BJEnbIhMTWTbkaSk3LdoV4i/ktDsX+tzMfR
CNippHVRmEvKr4iE9yR0LjF8KM5SUly87EpX+/Cyrw87mCT7v/kW9SZc8RRD8biM
dycFUgnwKgTHeoVB6sm3O1G4oerkgDmw99nj1gpJUXxMmuvZXcpYPPV8iYjejCtG
Ebi+KryXxf4XPwdc2SmFF5L5lW9pnrw6sohEKTiu86bt/gUlJwQIEPj+IQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFU4BMe7QQhQUfu7edEWsjr8S+F6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVlRnRXg3dEJDRkJSLTd0NTBSYXlPdnhMNFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEMxE
AgEDBwIqEMxEAgADBwAqEMxGAREwDQYJKoZIhvcNAQELBQADggEBAB11SLyqilIK
xV05jwf5BQqtcKXzyxKUXEWf/NsweBapwI+XZV8XHpe89axvLjBZng6eP3Gg+FT1
XIV+WWXlB3IrzR3YGS+xFkzVTrlHw5MpiayjSL5HWAW62eAz4uuV/kGRyOpDJwkB
WTgblFNYpzAcD5LYdwyI+ASVTRsEO+Ah/imBjRQWvCKO+xPnJYcTCDwdh35pdol7
CRlRmhH+Qe01q04T0ioq+G5SBEhJiqknIB5G8KahuEw9whXX10Y+YdQk2/UyPvZ0
l9GsUpYUhQgHeCn4U6frLvH2UBhRbZs34w+UaimyDoMex7pLEqi40rugABcd6SCC
C5VihLTw+aA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org