Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XBOmua1lBZXYwrKwgR7CPY76lt0.roa
File: XBOmua1lBZXYwrKwgR7CPY76lt0.roa (raw, json)
Hash identifier: UoZCbwqGd+YajKASqAB+NYWQvKZzeH5ZB3LiIr+dbwg=
Subject key identifier: 5C:13:A6:B9:AD:65:05:95:D8:C2:B2:B0:81:1E:C2:3D:8E:FA:96:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191B830AE84BE2B6C668910EC0B8874DAF8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XBOmua1lBZXYwrKwgR7CPY76lt0.roa
Signing time: Tue 03 Sep 2024 14:01:23 +0000
ROA not before: Tue 03 Sep 2024 14:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 2a06:de06:380::/45 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 06:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:30:ae:84:be:2b:6c:66:89:10:ec:0b:88:74:da:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 3 14:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c13a6b9ad650595d8c2b2b0811ec23d8efa96dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5f:fc:fa:84:b9:96:28:7d:b1:7c:60:e9:f4:
bf:65:8c:bc:5b:84:89:f2:ac:da:d4:8e:0a:d0:ce:
8a:1c:0b:5d:76:13:b1:50:74:1c:70:89:14:39:86:
a6:7f:3e:f5:b6:f9:61:0d:e8:bc:cf:70:20:62:dc:
8e:8d:64:a2:95:e2:f5:5b:fd:41:b1:24:78:97:38:
2d:0a:b4:1d:43:02:7a:ad:a0:d2:1a:e0:1f:81:8d:
3a:13:59:97:9a:95:52:4f:be:51:c3:7e:17:57:39:
71:ef:f0:42:3a:44:a5:07:5f:e6:39:57:7c:36:67:
a9:ab:d4:7b:bd:c7:96:9d:85:1c:42:49:76:22:24:
55:2b:4f:52:98:32:4a:da:3d:1f:94:98:44:f6:3c:
1b:a4:82:91:3e:eb:1c:98:94:e3:3f:d0:c9:a3:c7:
44:c2:d3:1e:86:30:93:d2:1d:e6:ff:97:a1:b6:fd:
95:1b:8c:5e:82:67:2d:51:79:21:54:ce:8d:74:db:
29:eb:6b:4b:09:a0:98:12:78:41:3c:85:2b:ce:33:
9e:71:6e:10:75:89:e3:db:98:4e:62:99:6a:a2:59:
84:1d:a8:6d:16:5f:f3:b4:13:36:7f:59:35:73:b8:
f1:66:d0:f1:2f:61:9a:a2:61:22:bc:02:eb:c5:7e:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:13:A6:B9:AD:65:05:95:D8:C2:B2:B0:81:1E:C2:3D:8E:FA:96:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XBOmua1lBZXYwrKwgR7CPY76lt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de06:380::/45
Signature Algorithm: sha256WithRSAEncryption
83:35:1e:0b:05:95:a9:b5:e2:5b:5a:e2:b3:f5:47:2a:04:d2:
33:d1:fc:01:14:3d:b9:49:4d:5d:5d:85:26:41:3f:f9:07:d5:
54:ad:5d:d5:b1:f0:fd:5f:6e:87:20:26:20:7a:08:b1:e2:96:
dc:05:d6:50:34:1b:ca:2b:a7:24:57:b0:8c:fc:2b:52:b3:f5:
3d:36:a1:2f:2b:9a:b1:fd:ce:47:50:23:3a:d0:42:4b:ee:5e:
79:d1:d5:70:28:8b:6c:eb:0e:8c:fd:2b:27:12:20:f4:49:d7:
19:e9:46:aa:d1:7f:d7:b4:da:b5:28:14:e3:47:37:f3:19:14:
cb:bd:79:57:bf:b4:be:62:ee:c7:80:89:64:0f:ea:62:16:53:
8f:81:23:f5:32:81:19:57:26:77:cc:4f:9a:b8:48:dd:17:b5:
a4:8d:d1:e8:ca:98:14:18:89:27:14:da:15:4a:4a:c2:b1:3b:
16:c7:3f:6c:6a:06:5e:7b:80:30:e3:87:ec:13:9c:61:37:af:
57:3b:a4:f1:91:d1:87:b7:39:e9:56:e8:0d:df:28:9d:74:df:
64:74:54:5f:1f:66:6a:e3:42:fb:03:ab:10:85:fc:18:8b:e6:
fb:f0:fa:86:cd:75:96:75:19:f0:d2:70:14:47:8b:20:c6:dc:
ab:a6:87:f5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZG4MK6EvitsZokQ7AuIdNr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTAzMTQwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEzYTZiOWFkNjUwNTk1ZDhjMmIyYjA4MTFlYzIzZDhlZmE5NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV/8+oS5lih9sXxg6fS/ZYy8W4SJ
8qza1I4K0M6KHAtddhOxUHQccIkUOYamfz71tvlhDei8z3AgYtyOjWSileL1W/1B
sSR4lzgtCrQdQwJ6raDSGuAfgY06E1mXmpVST75Rw34XVzlx7/BCOkSlB1/mOVd8
Nmepq9R7vceWnYUcQkl2IiRVK09SmDJK2j0flJhE9jwbpIKRPuscmJTjP9DJo8dE
wtMehjCT0h3m/5ehtv2VG4xegmctUXkhVM6NdNsp62tLCaCYEnhBPIUrzjOecW4Q
dYnj25hOYplqolmEHahtFl/ztBM2f1k1c7jxZtDxL2GaomEivALrxX4KGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFwTprmtZQWV2MKysIEewj2O+pbdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWEJPbXVhMWxCWlhZd3JLd2dSN0NQWTc2bHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKgbeBgOA
MA0GCSqGSIb3DQEBCwUAA4IBAQCDNR4LBZWpteJbWuKz9UcqBNIz0fwBFD25SU1d
XYUmQT/5B9VUrV3VsfD9X26HICYgegix4pbcBdZQNBvKK6ckV7CM/CtSs/U9NqEv
K5qx/c5HUCM60EJL7l550dVwKIts6w6M/SsnEiD0SdcZ6Uaq0X/XtNq1KBTjRzfz
GRTLvXlXv7S+Yu7HgIlkD+piFlOPgSP1MoEZVyZ3zE+auEjdF7WkjdHoypgUGIkn
FNoVSkrCsTsWxz9sagZee4Aw44fsE5xhN69XO6TxkdGHtznpVugN3yiddN9kdFRf
H2Zq40L7A6sQhfwYi+b78PqGzXWWdRnw0nAUR4sgxtyrpof1
-----END CERTIFICATE-----
Generated at Wed Sep 11 08:26:55 2024 by rpki-client on console-fra.rpki-client.org