Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Xk_9M4VEXe7nBuIBgooWsOK05Fs.roa
File: Xk_9M4VEXe7nBuIBgooWsOK05Fs.roa (raw, json)
Hash identifier: tcU8YZ0W9/sTmvuXKfAzMZf/NdDm77aHBquP8jwayqw=
Subject key identifier: 5E:4F:FD:33:85:44:5D:EE:E7:06:E2:01:82:8A:16:B0:E2:B4:E4:5B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0190B845B6F7B1FD18C6F88873B67FC8DAFC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Xk_9M4VEXe7nBuIBgooWsOK05Fs.roa
Signing time: Mon 15 Jul 2024 21:21:34 +0000
ROA not before: Mon 15 Jul 2024 21:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200993
IP address blocks: 2a0e:97c0:5d0::/44 maxlen: 48
2a0e:97c1::/40 maxlen: 48
2a0e:b107:2691::/48 maxlen: 48
2a0e:b107:278a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 21:27:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b8:45:b6:f7:b1:fd:18:c6:f8:88:73:b6:7f:c8:da:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 15 21:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e4ffd3385445deee706e201828a16b0e2b4e45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b4:fe:59:73:c5:58:e1:6d:b2:6d:b3:6b:2b:
cb:3e:61:12:a5:73:a9:4c:2f:f9:a4:4b:27:a4:99:
48:1f:8f:ed:e9:0a:f8:b1:69:35:06:a3:10:f2:b6:
94:07:6b:d9:d7:b7:8c:cf:eb:03:45:a4:82:82:eb:
3f:f3:ef:1c:fc:87:4b:2b:90:d8:28:e3:0d:30:c6:
63:a0:84:9f:7d:fd:4d:bf:c6:a8:ce:82:83:4c:98:
04:5a:f1:e5:bb:84:79:32:a0:cd:88:de:6e:01:9e:
b1:54:5b:2b:a9:50:7f:4a:04:8e:41:aa:cc:cf:14:
5d:3b:97:9d:4d:04:c0:cc:3d:be:b8:59:48:e6:8a:
7d:e9:7b:88:84:8e:38:ad:df:a6:34:6c:61:30:ae:
0f:45:d2:12:17:18:ac:eb:53:32:66:d3:7b:04:fc:
a1:e2:c0:20:8a:05:33:b5:c0:18:02:23:f4:2d:a2:
64:66:da:6a:25:fe:c2:41:8c:b0:a7:a9:8a:57:be:
0f:c5:0d:74:4f:38:ed:ce:86:db:1d:32:93:93:4b:
ef:9d:4e:fa:64:63:ff:f8:7a:10:b7:d2:b4:29:e2:
d5:b7:9c:36:71:a6:c2:9f:71:0b:e6:ac:ee:02:ea:
1a:f2:12:24:57:71:2f:e0:56:0a:15:c9:91:b3:9c:
04:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4F:FD:33:85:44:5D:EE:E7:06:E2:01:82:8A:16:B0:E2:B4:E4:5B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Xk_9M4VEXe7nBuIBgooWsOK05Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5d0::/44
2a0e:97c1::/40
2a0e:b107:2691::/48
2a0e:b107:278a::/48
Signature Algorithm: sha256WithRSAEncryption
98:8f:f2:0d:0d:f4:5c:00:26:a4:d1:97:24:fd:c2:ad:8f:8f:
65:e1:ea:f7:9b:8e:32:53:80:89:92:af:c7:aa:c6:47:31:cf:
06:8c:22:8d:d9:4e:cf:22:b8:42:99:17:6f:0c:84:f5:94:bc:
98:2c:e5:f5:67:b1:3c:18:07:07:8c:ea:f0:68:2d:29:f0:01:
29:a6:f7:7e:cf:c6:12:dc:75:42:54:e5:92:91:9d:57:3b:50:
aa:50:5c:87:d8:e3:6f:a3:b0:ec:09:9e:04:f5:8c:eb:fd:0e:
3f:bb:1b:02:bf:bb:35:66:0a:99:a7:84:4b:45:b3:88:c1:0e:
54:a8:6c:e5:c9:44:32:74:90:95:17:c9:bd:58:e4:20:4e:40:
2c:6e:3b:4c:69:fb:ec:7d:93:02:b9:4d:52:6a:24:2f:df:8d:
e4:94:1c:4c:14:60:78:12:bd:92:8e:65:e0:1d:a5:ac:b6:2b:
e1:e1:8c:2b:9e:ad:75:0d:59:a4:db:26:9e:49:68:f3:9c:ae:
c9:b8:6a:d5:f7:d8:b2:39:85:c0:db:64:b9:18:40:b1:c5:32:
e9:10:5b:2d:62:96:7f:4a:98:6f:62:98:04:0c:e1:47:00:90:
16:97:40:bf:e5:7b:fa:e6:d7:3e:d5:9c:70:08:a6:c9:8d:47:
d3:c8:d4:14
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZC4Rbb3sf0YxviIc7Z/yNr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzE1MjEyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRmZmQzMzg1NDQ1ZGVlZTcwNmUyMDE4MjhhMTZiMGUyYjRlNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobT+WXPFWOFtsm2zayvLPmESpXOp
TC/5pEsnpJlIH4/t6Qr4sWk1BqMQ8raUB2vZ17eMz+sDRaSCgus/8+8c/IdLK5DY
KOMNMMZjoISfff1Nv8aozoKDTJgEWvHlu4R5MqDNiN5uAZ6xVFsrqVB/SgSOQarM
zxRdO5edTQTAzD2+uFlI5op96XuIhI44rd+mNGxhMK4PRdISFxis61MyZtN7BPyh
4sAgigUztcAYAiP0LaJkZtpqJf7CQYywp6mKV74PxQ10TzjtzobbHTKTk0vvnU76
ZGP/+HoQt9K0KeLVt5w2cabCn3EL5qzuAuoa8hIkV3Ev4FYKFcmRs5wEfQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF5P/TOFRF3u5wbiAYKKFrDitORbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWGtfOU00VkVYZTduQnVJQmdvb1dzT0swNUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcEKg6XwAXQ
AwYAKg6XwQADBwAqDrEHJpEDBwAqDrEHJ4owDQYJKoZIhvcNAQELBQADggEBAJiP
8g0N9FwAJqTRlyT9wq2Pj2Xh6vebjjJTgImSr8eqxkcxzwaMIo3ZTs8iuEKZF28M
hPWUvJgs5fVnsTwYBweM6vBoLSnwASmm937PxhLcdUJU5ZKRnVc7UKpQXIfY42+j
sOwJngT1jOv9Dj+7GwK/uzVmCpmnhEtFs4jBDlSobOXJRDJ0kJUXyb1Y5CBOQCxu
O0xp++x9kwK5TVJqJC/fjeSUHEwUYHgSvZKOZeAdpay2K+HhjCuerXUNWaTbJp5J
aPOcrsm4atX32LI5hcDbZLkYQLHFMukQWy1iln9KmG9imAQM4UcAkBaXQL/le/rm
1z7VnHAIpsmNR9PI1BQ=
-----END CERTIFICATE-----
Generated at Tue Aug 20 23:49:46 2024 by rpki-client on console-fra.rpki-client.org