Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VwmXBYKeY7f4al1xbGPb70KSGP8.roa
File: VwmXBYKeY7f4al1xbGPb70KSGP8.roa (raw, json)
Hash identifier: lswET2moYpdNYwe0LWvpBDsj7ju90NRILKzaqf8P3/8=
Subject key identifier: 57:09:97:05:82:9E:63:B7:F8:6A:5D:71:6C:63:DB:EF:42:92:18:FF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AFE6A99B6BBD1B4A250F9472481F5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VwmXBYKeY7f4al1xbGPb70KSGP8.roa
Signing time: Tue 24 Jan 2023 16:09:52 +0000
ROA not before: Tue 24 Jan 2023 16:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212121
IP address blocks: 2a0e:b107:1130::/48 maxlen: 48
2a0e:b107:1130::/44 maxlen: 48
2a0e:b107:1132::/48 maxlen: 48
2a0e:b107:1131::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 Mar 2023 23:44:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:fe:6a:99:b6:bb:d1:b4:a2:50:f9:47:24:81:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57099705829e63b7f86a5d716c63dbef429218ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:74:95:56:47:e4:17:4c:7e:11:b9:4c:a9:17:
8c:f1:bf:fd:e5:33:d2:9e:12:67:b5:ae:a6:61:f7:
a4:04:50:84:ab:bf:b3:1d:9d:f9:bb:06:d9:54:5d:
8b:9f:e4:ef:88:6b:bf:70:26:5c:ad:a8:18:f5:63:
89:9d:62:7a:77:f1:b1:b5:d5:bd:4c:99:5c:fe:c3:
2e:ce:4a:6f:f9:46:b0:45:43:ef:eb:50:af:47:4f:
b4:5a:50:2f:74:2b:c5:75:9a:b5:2b:1c:5d:df:90:
2e:48:80:4a:09:50:ba:a8:d1:4d:5a:2a:b0:9d:cd:
e3:0a:c5:2e:47:ec:45:58:74:28:bf:12:23:50:38:
88:1c:8c:3f:4b:69:84:be:f8:4c:d6:57:4e:54:99:
27:48:48:17:6d:48:ce:05:fb:fa:35:1b:fd:66:d5:
13:98:c7:42:cd:e3:32:5e:40:46:51:29:39:06:ca:
4e:33:68:3d:09:78:69:e1:0a:b0:56:ef:2b:39:3d:
a6:45:21:af:ab:98:dc:43:fd:96:d2:d6:5f:c9:f4:
9b:24:98:c9:ef:8b:97:be:d6:bb:a7:12:84:b5:8a:
b0:21:a1:87:77:43:4b:72:a7:c0:5b:bc:3c:19:65:
e5:bb:f1:b4:32:64:f0:84:09:ce:73:36:fa:a2:45:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:09:97:05:82:9E:63:B7:F8:6A:5D:71:6C:63:DB:EF:42:92:18:FF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VwmXBYKeY7f4al1xbGPb70KSGP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1130::/44
Signature Algorithm: sha256WithRSAEncryption
07:9e:71:ca:41:89:e5:ce:c8:a7:da:af:09:c7:75:f1:28:82:
e5:f2:74:4a:f0:73:a1:49:60:fb:14:92:df:9d:85:0a:1c:b9:
29:39:00:03:30:1a:98:0b:ff:a3:38:7b:27:66:b9:6d:91:2a:
6f:c7:c3:83:b1:a2:c6:c5:5a:9e:f7:5f:24:d6:8d:ea:e6:90:
fe:34:5a:b7:34:1a:a2:e9:39:56:3d:59:c9:16:b5:b4:59:ea:
b3:55:68:d0:3d:91:7c:da:7d:b5:2b:2d:4f:6a:71:d2:93:dd:
7b:7c:bc:dd:fc:41:8a:91:8a:b0:f2:34:a0:3a:cf:e7:50:d9:
a0:7e:3a:4f:04:12:32:85:1b:4e:7c:76:8f:6b:38:ab:8b:88:
74:10:d5:38:21:03:ab:e6:63:dd:78:4f:d6:0b:ef:b7:59:a3:
17:b4:c2:e0:44:fc:aa:aa:92:36:07:10:87:9d:01:21:df:0f:
d3:87:cb:9b:f9:24:ad:1b:95:31:d0:e2:87:e8:a3:c7:22:f0:
6d:01:26:6e:e9:7a:d5:68:d0:3a:0a:41:fa:06:69:ae:60:cb:
8d:df:aa:e3:6c:9e:dc:69:e4:bc:4f:fe:6d:d1:5a:2b:0e:c1:
d5:d1:12:90:ab:91:3f:c5:6b:c3:0c:b4:8c:52:5c:d8:f8:d2:
75:c2:4f:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiv5qmba70bSiUPlHJIH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA5OTcwNTgyOWU2M2I3Zjg2YTVkNzE2YzYzZGJlZjQyOTIxOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3SVVkfkF0x+EblMqReM8b/95TPS
nhJnta6mYfekBFCEq7+zHZ35uwbZVF2Ln+TviGu/cCZcragY9WOJnWJ6d/GxtdW9
TJlc/sMuzkpv+UawRUPv61CvR0+0WlAvdCvFdZq1Kxxd35AuSIBKCVC6qNFNWiqw
nc3jCsUuR+xFWHQovxIjUDiIHIw/S2mEvvhM1ldOVJknSEgXbUjOBfv6NRv9ZtUT
mMdCzeMyXkBGUSk5BspOM2g9CXhp4QqwVu8rOT2mRSGvq5jcQ/2W0tZfyfSbJJjJ
74uXvta7pxKEtYqwIaGHd0NLcqfAW7w8GWXlu/G0MmTwhAnOczb6okWy5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFcJlwWCnmO3+GpdcWxj2+9Ckhj/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVndtWEJZS2VZN2Y0YWwxeGJHUGI3MEtTR1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxEw
MA0GCSqGSIb3DQEBCwUAA4IBAQAHnnHKQYnlzsin2q8Jx3XxKILl8nRK8HOhSWD7
FJLfnYUKHLkpOQADMBqYC/+jOHsnZrltkSpvx8ODsaLGxVqe918k1o3q5pD+NFq3
NBqi6TlWPVnJFrW0WeqzVWjQPZF82n21Ky1PanHSk917fLzd/EGKkYqw8jSgOs/n
UNmgfjpPBBIyhRtOfHaPaziri4h0ENU4IQOr5mPdeE/WC++3WaMXtMLgRPyqqpI2
BxCHnQEh3w/Th8ub+SStG5Ux0OKH6KPHIvBtASZu6XrVaNA6CkH6BmmuYMuN36rj
bJ7caeS8T/5t0VorDsHV0RKQq5E/xWvDDLSMUlzY+NJ1wk+p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:32 2024 by rpki-client on console-fra.rpki-client.org