Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQViifhWHYoax1rDRa7kPhfBZ78.roa
File: XQViifhWHYoax1rDRa7kPhfBZ78.roa (raw, json)
Hash identifier: VwVO8uGux23sYbZLOP9mfYmRpMXzOAldhjxFhV56dz8=
Subject key identifier: 5D:05:62:89:F8:56:1D:8A:1A:C7:5A:C3:45:AE:E4:3E:17:C1:67:BF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F9BB5A9E175CD1C73093F26716FDDE230
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQViifhWHYoax1rDRa7kPhfBZ78.roa
Signing time: Tue 21 May 2024 15:12:05 +0000
ROA not before: Tue 21 May 2024 15:12:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212184
IP address blocks: 2a0e:b107:20b0::/48 maxlen: 48
2a0e:b107:20b1::/48 maxlen: 48
2a10:2f00:192::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 15:10:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:b5:a9:e1:75:cd:1c:73:09:3f:26:71:6f:dd:e2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 21 15:12:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d056289f8561d8a1ac75ac345aee43e17c167bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:d5:ae:bf:83:36:f2:3c:3d:a1:08:d5:50:83:
49:b1:0d:34:37:35:07:ca:07:25:fd:d0:b1:03:80:
2f:98:a6:c6:49:82:03:c5:c0:2e:b6:2d:6e:18:8b:
b2:4d:87:c1:cd:bc:8d:5d:52:7c:21:51:1f:d0:f1:
ef:99:9f:af:38:ce:6a:92:b6:95:25:76:06:49:ba:
06:ff:1f:e5:8a:b7:d0:27:5c:d7:78:fe:da:d0:9c:
c0:36:2c:f1:4b:54:0f:ce:76:d1:cd:ab:4a:d2:b0:
fe:34:11:9a:da:02:c7:f0:2b:ab:85:90:d2:a5:bb:
41:4c:e9:85:01:0b:24:eb:54:08:27:17:74:ea:dd:
26:c8:88:cb:ab:eb:4d:90:f3:f6:21:cd:c7:c0:6b:
5b:73:95:cf:6a:3f:87:cf:9d:34:a4:fd:52:41:0b:
2c:7a:cb:1e:59:63:4f:a6:d2:4e:12:36:57:cc:fa:
cb:9f:c3:c8:b0:6b:ff:34:c8:57:6f:2d:17:58:3e:
d8:2e:c3:ad:c7:30:1a:a5:9d:57:da:8f:43:49:ad:
94:e4:49:08:0c:4a:f1:5a:92:aa:35:37:29:b1:76:
87:46:02:55:58:c6:73:59:5c:23:20:ef:01:bd:9a:
22:f4:24:c1:fb:8d:f8:63:6b:f8:e1:ac:d8:62:47:
1b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:05:62:89:F8:56:1D:8A:1A:C7:5A:C3:45:AE:E4:3E:17:C1:67:BF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XQViifhWHYoax1rDRa7kPhfBZ78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:20b0::/47
2a10:2f00:192::/48
Signature Algorithm: sha256WithRSAEncryption
a3:e0:d2:78:3b:f0:50:f2:a3:ab:a5:8f:09:57:2a:16:44:ed:
d8:92:78:21:03:ec:8a:5a:a0:48:64:b1:f2:71:ca:51:d5:82:
2e:0d:67:9d:9e:06:31:da:2a:19:b7:04:2b:a5:57:c3:90:1e:
d3:80:e7:f8:4f:e8:d7:bd:ab:37:6d:61:d6:40:2f:de:03:82:
c9:65:99:65:7b:35:3b:fc:14:d7:d3:93:b6:ab:1d:bb:9c:df:
f4:8b:6d:dc:56:8e:1d:6a:8a:49:9c:c7:4e:3c:ba:3c:d5:53:
68:7a:7c:ff:08:3f:5a:bb:f9:fc:47:95:c5:97:d9:08:90:30:
22:c6:e5:92:f2:7f:49:06:5d:53:dc:57:1e:d1:53:48:3d:31:
18:79:0b:f7:2c:50:3e:6d:38:a2:25:fd:33:08:5b:32:ad:c2:
70:49:49:46:75:7c:0a:f5:11:1d:47:ce:be:6d:e3:14:ca:aa:
4b:d4:de:59:f4:09:ae:1d:14:de:4d:a6:73:8c:b3:c5:fb:b1:
61:c0:d4:c6:c0:f1:e6:e7:3a:7b:5a:92:ad:b4:a4:c3:86:62:
34:3e:db:39:e7:ef:e6:59:53:30:09:62:3a:36:0c:0d:92:68:
47:c4:1d:a4:e8:26:07:a3:77:bb:cf:50:f7:d1:fb:d8:91:bc:
8b:0d:bc:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+btanhdc0ccwk/JnFv3eIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIxMTUxMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA1NjI4OWY4NTYxZDhhMWFjNzVhYzM0NWFlZTQzZTE3YzE2N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+tWuv4M28jw9oQjVUINJsQ00NzUH
ygcl/dCxA4AvmKbGSYIDxcAuti1uGIuyTYfBzbyNXVJ8IVEf0PHvmZ+vOM5qkraV
JXYGSboG/x/lirfQJ1zXeP7a0JzANizxS1QPznbRzatK0rD+NBGa2gLH8CurhZDS
pbtBTOmFAQsk61QIJxd06t0myIjLq+tNkPP2Ic3HwGtbc5XPaj+Hz500pP1SQQss
esseWWNPptJOEjZXzPrLn8PIsGv/NMhXby0XWD7YLsOtxzAapZ1X2o9DSa2U5EkI
DErxWpKqNTcpsXaHRgJVWMZzWVwjIO8BvZoi9CTB+434Y2v44azYYkcb5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF0FYon4Vh2KGsdaw0Wu5D4XwWe/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWFFWaWlmaFdIWW9heDFyRFJhN2tQaGZCWjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6xByCw
AwcAKhAvAAGSMA0GCSqGSIb3DQEBCwUAA4IBAQCj4NJ4O/BQ8qOrpY8JVyoWRO3Y
knghA+yKWqBIZLHyccpR1YIuDWedngYx2ioZtwQrpVfDkB7TgOf4T+jXvas3bWHW
QC/eA4LJZZllezU7/BTX05O2qx27nN/0i23cVo4daopJnMdOPLo81VNoenz/CD9a
u/n8R5XFl9kIkDAixuWS8n9JBl1T3Fce0VNIPTEYeQv3LFA+bTiiJf0zCFsyrcJw
SUlGdXwK9REdR86+beMUyqpL1N5Z9AmuHRTeTaZzjLPF+7FhwNTGwPHm5zp7WpKt
tKTDhmI0Pts55+/mWVMwCWI6NgwNkmhHxB2k6CYHo3e7z1D30fvYkbyLDbw+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:33 2024 by rpki-client on console-fra.rpki-client.org