Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XlEHgrrtBcbhzOLVMBnZ0MNmIxI.roa
File: XlEHgrrtBcbhzOLVMBnZ0MNmIxI.roa (raw, json)
Hash identifier: TKyZEClzGrn8eLUDIS3v3TShnFpq94VBPucGR722Nq4=
Subject key identifier: 5E:51:07:82:BA:ED:05:C6:E1:CC:E2:D5:30:19:D9:D0:C3:66:23:12
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD52BF600D5F8C37FAFDA28BE2DB38
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XlEHgrrtBcbhzOLVMBnZ0MNmIxI.roa
Signing time: Tue 02 Jan 2024 10:34:37 +0000
ROA not before: Tue 02 Jan 2024 10:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215855
IP address blocks: 2a0e:97c0:e60::/48 maxlen: 48
2a0e:97c0:e63::/48 maxlen: 48
2a0e:97c0:e61::/48 maxlen: 48
2a0e:97c0:e62::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 12 Mar 2024 20:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:52:bf:60:0d:5f:8c:37:fa:fd:a2:8b:e2:db:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e510782baed05c6e1cce2d53019d9d0c3662312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:c1:2b:cb:13:0c:76:18:12:18:80:2c:d3:
8f:d3:d4:2f:a1:51:fe:9e:01:55:f4:0c:a3:d0:c2:
a1:1c:1d:6c:19:43:a9:7f:05:f2:0b:60:09:ea:b9:
73:17:6a:4b:4e:eb:4f:24:b0:60:f6:f3:84:2b:02:
f8:6c:56:c1:91:34:bc:1b:d1:06:e1:21:a1:a3:da:
f4:00:3b:f7:1d:60:03:8c:4e:bf:1b:9c:e8:fd:da:
7b:69:82:60:8a:a0:bd:ed:dd:4e:8c:05:9d:91:09:
22:82:50:45:c7:c8:12:a1:4e:1e:96:c3:82:52:92:
9d:7e:e4:04:a5:8c:62:1b:54:15:01:91:50:0d:84:
61:93:dc:e0:5e:6e:e1:97:9d:19:dc:68:de:ea:a0:
31:46:e8:30:47:f1:2d:76:d5:7a:ea:e9:80:2b:52:
6a:74:36:3a:00:91:06:b2:1a:03:23:b6:96:82:47:
8c:b0:f2:74:8d:0e:a6:d4:6c:41:f9:13:bb:9d:0e:
c8:4b:e5:58:2f:08:80:4c:2c:ea:3d:e6:d6:19:9d:
d0:c0:3c:0a:37:9b:19:ed:60:18:3e:b5:99:7f:96:
84:b7:3a:07:2c:c7:21:a2:38:0f:9e:2c:26:48:c2:
1f:09:a9:b8:46:bc:4d:58:4f:32:53:d6:5d:9f:6d:
d7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:51:07:82:BA:ED:05:C6:E1:CC:E2:D5:30:19:D9:D0:C3:66:23:12
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XlEHgrrtBcbhzOLVMBnZ0MNmIxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:e60::/46
Signature Algorithm: sha256WithRSAEncryption
0d:ea:47:20:68:2f:63:59:0b:75:89:1b:69:e9:71:29:cb:fc:
d9:ec:96:86:dc:17:a7:0d:57:36:ce:85:df:28:b3:e9:84:68:
d6:79:cb:17:95:4f:ac:a6:99:33:bf:89:e3:2a:ec:fb:ec:c6:
a3:ea:c7:2a:58:c3:80:58:67:73:b3:07:c3:9f:a8:fd:4f:05:
1e:c6:6d:84:b3:54:87:18:75:09:66:f4:b8:c5:bb:96:e1:40:
57:16:5a:b7:15:d1:10:ca:04:d7:c9:2a:f4:b3:bf:2b:fb:4f:
5f:9a:77:ae:0d:09:af:8f:23:68:e6:4c:56:01:63:d3:ed:79:
31:98:29:66:98:f7:88:69:17:cb:16:94:48:08:06:bc:16:e9:
4d:af:80:f5:d8:ef:f3:19:fc:f1:e3:c7:a6:ba:f9:52:cc:24:
44:24:f7:34:b0:ac:99:34:cf:cc:5c:68:50:50:e4:ee:a7:cd:
8a:78:ca:4e:d5:2e:37:b5:89:c6:d6:16:bd:4a:db:c1:70:8b:
81:c6:13:11:11:69:3c:f4:dd:3e:5e:64:fa:38:00:6a:17:fc:
07:d1:7a:3b:86:af:13:6c:bc:53:ff:29:cd:5e:63:5b:ca:61:
31:47:1f:b2:8c:11:ae:05:50:ac:a5:14:38:86:ca:2f:9a:fd:
21:0b:5d:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvVK/YA1fjDf6/aKL4ts4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUxMDc4MmJhZWQwNWM2ZTFjY2UyZDUzMDE5ZDlkMGMzNjYyMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxzBK8sTDHYYEhiALNOP09QvoVH+
ngFV9Ayj0MKhHB1sGUOpfwXyC2AJ6rlzF2pLTutPJLBg9vOEKwL4bFbBkTS8G9EG
4SGho9r0ADv3HWADjE6/G5zo/dp7aYJgiqC97d1OjAWdkQkiglBFx8gSoU4elsOC
UpKdfuQEpYxiG1QVAZFQDYRhk9zgXm7hl50Z3Gje6qAxRugwR/EtdtV66umAK1Jq
dDY6AJEGshoDI7aWgkeMsPJ0jQ6m1GxB+RO7nQ7IS+VYLwiATCzqPebWGZ3QwDwK
N5sZ7WAYPrWZf5aEtzoHLMchojgPniwmSMIfCam4RrxNWE8yU9Zdn23X4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF5RB4K67QXG4czi1TAZ2dDDZiMSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWGxFSGdycnRCY2Joek9MVk1CblowTU5tSXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6XwA5g
MA0GCSqGSIb3DQEBCwUAA4IBAQAN6kcgaC9jWQt1iRtp6XEpy/zZ7JaG3BenDVc2
zoXfKLPphGjWecsXlU+sppkzv4njKuz77Maj6scqWMOAWGdzswfDn6j9TwUexm2E
s1SHGHUJZvS4xbuW4UBXFlq3FdEQygTXySr0s78r+09fmneuDQmvjyNo5kxWAWPT
7XkxmClmmPeIaRfLFpRICAa8FulNr4D12O/zGfzx48emuvlSzCREJPc0sKyZNM/M
XGhQUOTup82KeMpO1S43tYnG1ha9StvBcIuBxhMREWk89N0+XmT6OABqF/wH0Xo7
hq8TbLxT/ynNXmNbymExRx+yjBGuBVCspRQ4hsovmv0hC10H
-----END CERTIFICATE-----
Generated at Tue Mar 12 21:47:28 2024 by rpki-client on console-fra.rpki-client.org