Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XC4JqetHo8kt1JIRKDQt-T4pWOQ.roa
File: XC4JqetHo8kt1JIRKDQt-T4pWOQ.roa (raw, json)
Hash identifier: wK2p+j17TZr0+s65IK64EWW2QSx3CU2iCAbkucjtXJI=
Subject key identifier: 5C:2E:09:A9:EB:47:A3:C9:2D:D4:92:11:28:34:2D:F9:3E:29:58:E4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E3960BED9F312FF38927E2CDCC6372D59
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XC4JqetHo8kt1JIRKDQt-T4pWOQ.roa
Signing time: Wed 13 Mar 2024 19:53:45 +0000
ROA not before: Wed 13 Mar 2024 19:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211688
IP address blocks: 2a0e:97c0:240::/44 maxlen: 48
2a0e:97c1:110::/44 maxlen: 48
2a10:ccc0:120::/44 maxlen: 48
2a10:ccc0:130::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Mar 2024 20:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:60:be:d9:f3:12:ff:38:92:7e:2c:dc:c6:37:2d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 13 19:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c2e09a9eb47a3c92dd4921128342df93e2958e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2f:7b:88:46:99:6e:c1:d4:ba:70:77:38:8c:
c2:e9:07:c5:4f:7f:9d:b4:cd:10:d3:7b:1b:5f:e1:
e0:0f:69:5b:e4:0e:1f:e6:00:da:36:82:a2:94:c1:
b1:5d:21:44:f3:0f:15:75:e0:67:b3:3f:c0:36:33:
88:ab:a5:69:df:39:36:fe:ef:c4:30:cc:5c:a1:dd:
ff:2c:c7:38:b5:b0:e4:14:60:01:ef:72:90:2d:2d:
df:ce:07:ea:46:37:07:10:c8:42:85:ee:a0:8d:0f:
0c:c6:a0:b9:15:1c:4f:7c:ac:6e:ca:0b:31:4b:ff:
5d:3f:62:c9:f2:0e:35:d3:0a:7f:69:c2:7d:20:50:
2c:ea:01:45:b3:9e:b9:8b:cd:34:54:1d:a3:dd:b5:
36:81:a0:63:58:53:5a:8d:ce:4a:66:9e:f6:7f:09:
5e:1a:84:4a:05:df:8e:d5:2a:79:96:8e:4a:46:54:
90:12:aa:b6:d9:7a:5b:2e:02:15:71:87:20:e0:4a:
81:27:19:16:fd:de:c0:18:aa:9c:3b:ed:a2:08:a1:
68:42:85:79:79:03:38:1a:62:a4:c4:bc:f8:35:f8:
29:1b:4f:e7:8d:05:46:93:d1:c2:95:7d:32:e7:30:
9f:12:a8:5f:f9:80:03:a4:61:ed:81:ef:be:7c:3b:
29:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2E:09:A9:EB:47:A3:C9:2D:D4:92:11:28:34:2D:F9:3E:29:58:E4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XC4JqetHo8kt1JIRKDQt-T4pWOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:240::/44
2a0e:97c1:110::/44
2a10:ccc0:120::/43
Signature Algorithm: sha256WithRSAEncryption
4b:98:51:eb:6d:3d:84:e6:51:f5:3a:a1:ec:84:0c:28:3f:1f:
df:ce:48:fd:0d:3a:51:99:be:e3:c3:7b:0c:f8:cc:ff:e2:66:
24:00:15:72:91:a0:6b:90:b3:87:d5:c0:34:21:38:bc:66:2d:
41:07:70:a4:bf:a3:e3:2f:08:0d:dd:14:d7:9a:d8:7a:db:ea:
1b:31:bb:ee:30:eb:93:f2:34:72:55:7b:ef:4a:e7:87:a0:f9:
95:82:65:34:b5:29:d0:9f:a8:17:4e:20:58:dc:03:79:69:79:
ec:ea:c6:12:3b:c5:84:2b:7e:99:d2:cc:c2:b9:90:e9:87:c6:
3e:0b:ae:48:1b:1f:ec:5d:1c:31:00:eb:f8:fe:dd:76:09:1c:
d4:7b:e7:c0:55:ae:a8:67:32:03:f8:85:b2:86:c5:01:31:3e:
a5:cd:14:11:07:92:41:f7:35:92:e7:f0:73:ee:1f:63:a2:8f:
0b:bc:e0:21:b4:3d:e5:56:a2:3c:b7:17:78:7c:ca:43:a8:c9:
19:17:84:53:9c:3c:35:59:3c:1e:4b:06:bf:78:e5:b3:50:f8:
9b:72:51:4d:1e:df:53:aa:cd:69:0b:5a:9c:9a:62:32:13:16:
35:5c:2e:e6:7d:a7:16:19:09:45:0f:1c:ac:a7:2c:e0:c2:93:
ba:98:48:c9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY45YL7Z8xL/OJJ+LNzGNy1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzEzMTk1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJlMDlhOWViNDdhM2M5MmRkNDkyMTEyODM0MmRmOTNlMjk1OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki97iEaZbsHUunB3OIzC6QfFT3+d
tM0Q03sbX+HgD2lb5A4f5gDaNoKilMGxXSFE8w8VdeBnsz/ANjOIq6Vp3zk2/u/E
MMxcod3/LMc4tbDkFGAB73KQLS3fzgfqRjcHEMhChe6gjQ8MxqC5FRxPfKxuygsx
S/9dP2LJ8g410wp/acJ9IFAs6gFFs565i800VB2j3bU2gaBjWFNajc5KZp72fwle
GoRKBd+O1Sp5lo5KRlSQEqq22XpbLgIVcYcg4EqBJxkW/d7AGKqcO+2iCKFoQoV5
eQM4GmKkxLz4NfgpG0/njQVGk9HClX0y5zCfEqhf+YADpGHtge++fDspIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFwuCanrR6PJLdSSESg0Lfk+KVjkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWEM0SnFldEhvOGt0MUpJUktEUXQtVDRwV09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAJA
AwcEKg6XwQEQAwcFKhDMwAEgMA0GCSqGSIb3DQEBCwUAA4IBAQBLmFHrbT2E5lH1
OqHshAwoPx/fzkj9DTpRmb7jw3sM+Mz/4mYkABVykaBrkLOH1cA0ITi8Zi1BB3Ck
v6PjLwgN3RTXmth62+obMbvuMOuT8jRyVXvvSueHoPmVgmU0tSnQn6gXTiBY3AN5
aXns6sYSO8WEK36Z0szCuZDph8Y+C65IGx/sXRwxAOv4/t12CRzUe+fAVa6oZzID
+IWyhsUBMT6lzRQRB5JB9zWS5/Bz7h9joo8LvOAhtD3lVqI8txd4fMpDqMkZF4RT
nDw1WTweSwa/eOWzUPibclFNHt9Tqs1pC1qcmmIyExY1XC7mfacWGQlFDxyspyzg
wpO6mEjJ
-----END CERTIFICATE-----
Generated at Thu Mar 14 23:34:41 2024 by rpki-client on console-fra.rpki-client.org