Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/X71aN2ljVbB68rIG_QWLOnICwc4.roa
File: X71aN2ljVbB68rIG_QWLOnICwc4.roa (raw, json)
Hash identifier: 5PYuVpcE2FNe+i+2qhs8zZlGt+SiWI5COg8c+mfK42w=
Subject key identifier: 5F:BD:5A:37:69:63:55:B0:7A:F2:B2:06:FD:05:8B:3A:72:02:C1:CE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425228F292F827EE1731EF153F3E10FDC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/X71aN2ljVbB68rIG_QWLOnICwc4.roa
Signing time: Thu 02 Jan 2025 03:50:09 +0000
ROA not before: Thu 02 Jan 2025 03:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215751
IP address blocks: 2a10:cc40:cc40::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 Jan 2025 23:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:8f:29:2f:82:7e:e1:73:1e:f1:53:f3:e1:0f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fbd5a37696355b07af2b206fd058b3a7202c1ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:c0:11:2e:c8:59:98:06:85:30:e3:e9:1a:
38:5e:57:44:7e:05:4f:72:d5:20:a9:d6:3a:90:29:
92:50:db:8f:73:28:cd:7e:d6:24:42:c4:0c:3f:ca:
a0:89:67:75:17:25:25:99:50:49:88:95:e7:c0:2e:
d0:62:68:d5:6a:b0:a9:e9:21:20:d3:62:99:52:e5:
15:65:a4:96:87:4b:d6:83:6f:c8:c2:44:0f:3d:16:
45:9e:36:a8:2c:c1:37:b1:ff:4b:e8:64:5c:13:85:
c1:40:3e:7e:2f:07:86:71:f4:b3:36:6b:3e:65:f2:
d7:1c:b3:34:23:21:5b:d3:f8:70:0c:1d:eb:b4:2f:
26:ff:13:10:9f:bf:d9:38:9d:94:ab:c8:30:0b:6f:
e9:7c:32:66:99:23:13:5a:5b:7b:35:89:d8:6f:9a:
c8:e3:60:a8:85:30:5b:87:96:d1:59:dd:58:85:ef:
90:9c:bc:52:55:1c:e5:a0:44:1e:40:53:ec:da:86:
ce:6c:85:fb:48:de:34:5c:e4:a0:d2:e6:16:d1:b0:
de:d5:b8:39:ad:55:27:80:98:42:0d:7c:62:d9:eb:
00:78:a0:b8:c9:ac:7b:16:4f:5a:b3:97:18:ff:55:
2e:a5:cd:54:1b:cc:ca:88:b5:7d:8d:4f:e6:b0:ba:
8e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BD:5A:37:69:63:55:B0:7A:F2:B2:06:FD:05:8B:3A:72:02:C1:CE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/X71aN2ljVbB68rIG_QWLOnICwc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:cc40::/44
Signature Algorithm: sha256WithRSAEncryption
3b:d3:6c:b5:4c:a8:2a:18:a3:78:d5:70:d1:d4:b5:ae:4b:ce:
d4:18:83:34:a2:3e:bc:2a:ca:21:6d:7e:2a:72:81:9b:ae:73:
34:bb:ba:47:45:8c:53:fd:06:20:9e:07:c8:b0:d0:44:d8:ee:
92:5f:4f:bf:cd:aa:b2:d7:7b:63:f9:3c:18:46:0a:6c:71:b9:
c6:a3:17:ab:1f:44:3f:ce:49:0e:dc:7e:2e:da:e1:c6:9b:c1:
35:b3:92:99:df:5f:5a:66:af:b9:77:50:3b:72:41:a0:73:32:
59:c2:62:3f:91:ab:0a:6c:00:86:7c:ae:8c:d2:6b:8c:b5:79:
79:33:56:dd:10:ef:19:3d:99:58:c3:3f:0b:b1:d2:b6:73:9b:
19:72:fa:03:cb:92:46:6c:75:c0:a9:a3:27:42:85:90:a7:ed:
c0:3f:cf:af:ea:2a:ed:9f:1c:f9:0e:57:55:66:0e:fe:7e:3f:
c3:89:8f:1f:ac:76:b1:4b:4c:15:1f:75:5e:50:3f:ca:31:1a:
07:4c:68:e0:f2:3b:c5:a8:8a:08:ae:9a:bc:14:42:34:ff:27:
19:9b:00:5c:14:26:1c:2d:07:cc:25:69:f9:c4:78:7e:4a:32:
13:b0:5d:9f:33:ba:1f:a3:30:a8:bc:ba:03:71:e9:62:57:31:
58:c7:16:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIo8pL4J+4XMe8VPz4Q/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJkNWEzNzY5NjM1NWIwN2FmMmIyMDZmZDA1OGIzYTcyMDJjMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkjAES7IWZgGhTDj6Ro4XldEfgVP
ctUgqdY6kCmSUNuPcyjNftYkQsQMP8qgiWd1FyUlmVBJiJXnwC7QYmjVarCp6SEg
02KZUuUVZaSWh0vWg2/IwkQPPRZFnjaoLME3sf9L6GRcE4XBQD5+LweGcfSzNms+
ZfLXHLM0IyFb0/hwDB3rtC8m/xMQn7/ZOJ2Uq8gwC2/pfDJmmSMTWlt7NYnYb5rI
42CohTBbh5bRWd1Yhe+QnLxSVRzloEQeQFPs2obObIX7SN40XOSg0uYW0bDe1bg5
rVUngJhCDXxi2esAeKC4yax7Fk9as5cY/1Uupc1UG8zKiLV9jU/msLqOfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF+9WjdpY1WwevKyBv0FizpyAsHOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWDcxYU4ybGpWYkI2OHJJR19RV0xPbklDd2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMQMxA
MA0GCSqGSIb3DQEBCwUAA4IBAQA702y1TKgqGKN41XDR1LWuS87UGIM0oj68Ksoh
bX4qcoGbrnM0u7pHRYxT/QYgngfIsNBE2O6SX0+/zaqy13tj+TwYRgpscbnGoxer
H0Q/zkkO3H4u2uHGm8E1s5KZ319aZq+5d1A7ckGgczJZwmI/kasKbACGfK6M0muM
tXl5M1bdEO8ZPZlYwz8LsdK2c5sZcvoDy5JGbHXAqaMnQoWQp+3AP8+v6irtnxz5
DldVZg7+fj/DiY8frHaxS0wVH3VeUD/KMRoHTGjg8jvFqIoIrpq8FEI0/ycZmwBc
FCYcLQfMJWn5xHh+SjITsF2fM7ofozCovLoDceliVzFYxxYu
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:43:27 2025 by rpki-client