Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-DS6piEKYtlWaSieZ0vXhtCuO0.roa
File: Y-DS6piEKYtlWaSieZ0vXhtCuO0.roa (raw, json)
Hash identifier: iUH4nuRTKeEXJomfVEtivLzV6QH8RolNFaftPBdBhNI=
Subject key identifier: 63:E0:D2:EA:98:84:29:8B:65:59:A4:A2:79:9D:2F:5E:1B:42:B8:ED
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D4D06615A8645C0D5CD5966F505A5EE98
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-DS6piEKYtlWaSieZ0vXhtCuO0.roa
Signing time: Sat 27 Jan 2024 22:24:40 +0000
ROA not before: Sat 27 Jan 2024 22:24:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215697
IP address blocks: 2a0e:97c0:ec0::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 21:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4d:06:61:5a:86:45:c0:d5:cd:59:66:f5:05:a5:ee:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 27 22:24:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63e0d2ea9884298b6559a4a2799d2f5e1b42b8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:16:8c:c0:82:5e:0c:0e:89:a7:26:a6:c0:
64:1d:57:78:fe:63:fe:39:b4:6c:92:06:52:29:b0:
14:09:a3:10:ff:8d:58:1b:80:e7:d3:11:5a:3a:c8:
a2:6d:e0:9b:3d:cf:4b:e1:bf:2b:79:97:93:ca:84:
89:7c:82:63:4b:af:d9:e8:56:cf:14:91:df:17:8b:
d7:ab:68:4a:c1:69:2c:50:d1:ad:06:18:a9:fb:06:
20:03:21:42:bd:b2:18:b1:23:85:f4:be:c2:91:2b:
8f:3d:12:1d:c2:0c:4a:6b:50:50:18:3d:6d:14:99:
57:a2:c5:d8:ae:cf:69:52:a0:27:de:df:11:fe:f2:
23:5b:a6:66:6d:fb:88:c0:e2:f7:fd:2b:bf:8e:74:
91:38:b9:c3:c1:46:46:86:a1:62:44:e7:6f:d9:f3:
8c:8c:aa:16:6d:5b:82:7f:d7:51:78:d8:51:a5:d9:
d2:dd:01:73:a8:2e:1b:5f:46:e5:e8:44:8a:2a:71:
01:5d:32:a5:24:d9:5d:79:6f:ef:c9:31:24:79:bf:
b7:fb:9f:2e:4e:6c:99:3d:95:68:13:7a:fe:fd:7e:
ba:e8:72:f5:29:8c:9d:a8:67:f3:db:0e:3c:d7:9b:
35:f0:a0:89:6c:e2:41:6c:a8:fa:2c:0e:38:98:77:
5f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E0:D2:EA:98:84:29:8B:65:59:A4:A2:79:9D:2F:5E:1B:42:B8:ED
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-DS6piEKYtlWaSieZ0vXhtCuO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
88:40:33:e9:74:18:15:5a:f5:69:f4:dc:a1:0e:28:38:92:2c:
46:ba:ff:74:ae:e7:97:84:76:68:71:e1:21:ea:b5:82:57:72:
be:ca:e5:bd:a4:84:49:ca:c4:1d:36:d8:68:da:0e:19:93:5d:
80:30:94:cb:e6:72:56:e3:c3:4f:63:a2:99:59:c3:0f:c5:0d:
57:ed:c0:62:a3:fc:f3:a3:33:a2:28:bb:78:9f:b6:ec:91:6d:
5a:ff:ce:74:a2:1f:35:d4:03:fb:89:91:ac:4d:81:25:1f:64:
c0:b7:80:94:82:44:4b:f6:4c:b9:86:8c:9f:fa:19:6a:c2:e4:
aa:d9:a7:75:9a:f4:50:64:9d:bc:7a:62:7b:90:5e:df:e5:b4:
58:13:14:db:64:98:53:28:f1:35:55:97:45:13:a4:9e:6e:4e:
e5:ae:19:e1:31:82:27:06:f1:6e:18:4a:25:c9:ec:5c:a4:75:
6c:1a:21:73:db:72:c1:0b:5d:40:23:33:b2:66:64:3d:30:a7:
a2:76:0e:be:79:54:cc:22:c4:02:e5:dd:84:95:51:fb:a0:1f:
cb:2d:5f:c3:42:55:85:76:f3:46:a5:75:ed:54:87:4d:86:40:
b9:7a:d9:27:b5:f1:4a:24:2b:b8:9d:32:0f:26:34:29:00:a7:
bb:b7:26:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1NBmFahkXA1c1ZZvUFpe6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI3MjIyNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2UwZDJlYTk4ODQyOThiNjU1OWE0YTI3OTlkMmY1ZTFiNDJiOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll4WjMCCXgwOiacmpsBkHVd4/mP+
ObRskgZSKbAUCaMQ/41YG4Dn0xFaOsiibeCbPc9L4b8reZeTyoSJfIJjS6/Z6FbP
FJHfF4vXq2hKwWksUNGtBhip+wYgAyFCvbIYsSOF9L7CkSuPPRIdwgxKa1BQGD1t
FJlXosXYrs9pUqAn3t8R/vIjW6ZmbfuIwOL3/Su/jnSROLnDwUZGhqFiROdv2fOM
jKoWbVuCf9dReNhRpdnS3QFzqC4bX0bl6ESKKnEBXTKlJNldeW/vyTEkeb+3+58u
TmyZPZVoE3r+/X666HL1KYydqGfz2w4815s18KCJbOJBbKj6LA44mHdfAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGPg0uqYhCmLZVmkonmdL14bQrjtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWS1EUzZwaUVLWXRsV2FTaWVaMHZYaHRDdU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCIQDPpdBgVWvVp9NyhDig4kixGuv90rueXhHZo
ceEh6rWCV3K+yuW9pIRJysQdNtho2g4Zk12AMJTL5nJW48NPY6KZWcMPxQ1X7cBi
o/zzozOiKLt4n7bskW1a/850oh811AP7iZGsTYElH2TAt4CUgkRL9ky5hoyf+hlq
wuSq2ad1mvRQZJ28emJ7kF7f5bRYExTbZJhTKPE1VZdFE6Sebk7lrhnhMYInBvFu
GEolyexcpHVsGiFz23LBC11AIzOyZmQ9MKeidg6+eVTMIsQC5d2ElVH7oB/LLV/D
QlWFdvNGpXXtVIdNhkC5etkntfFKJCu4nTIPJjQpAKe7tyYr
-----END CERTIFICATE-----
Generated at Tue Jan 30 22:09:39 2024 by rpki-client on console-ams.rpki-client.org