Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y7c1Izm8ATlvIF5pJtSea3_6vC8.roa
File: Y7c1Izm8ATlvIF5pJtSea3_6vC8.roa (raw, json)
Hash identifier: Xqe2IX9jKlV/lJUl+t4agIlcApeewSCQxXzVNK2ycLk=
Subject key identifier: 63:B7:35:23:39:BC:01:39:6F:20:5E:69:26:D4:9E:6B:7F:FA:BC:2F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188D967E5BD65BBB21967ECDA95187CC79B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y7c1Izm8ATlvIF5pJtSea3_6vC8.roa
Signing time: Tue 20 Jun 2023 15:24:04 +0000
ROA not before: Tue 20 Jun 2023 15:24:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Nov 2023 14:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:67:e5:bd:65:bb:b2:19:67:ec:da:95:18:7c:c7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 20 15:24:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63b7352339bc01396f205e6926d49e6b7ffabc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:ea:78:1a:66:a0:b5:50:e8:16:c0:76:2d:
b9:18:ec:5f:4a:e8:d0:4a:52:94:5b:d3:1b:67:bf:
80:75:90:1e:d9:64:70:1d:23:3b:c3:01:b4:56:2a:
a0:ca:a3:3d:3a:39:4f:c4:61:26:a0:4c:21:b1:c8:
5b:f1:ef:f5:b5:84:5c:b2:2b:1e:64:3f:5a:9f:4a:
0a:05:29:21:ae:25:b8:b6:42:99:e9:ad:4a:d4:d5:
b5:fb:a0:8f:4a:40:95:e2:81:73:e7:2f:e3:b5:37:
49:3c:31:59:71:d3:ab:0a:4b:cd:cb:df:bb:06:41:
40:53:22:3a:1c:59:84:65:1a:d6:4f:ed:15:c3:41:
fa:92:04:58:04:30:b5:59:28:fa:eb:7a:93:56:e7:
49:49:98:e0:5c:04:cf:ab:18:56:4d:81:f3:e7:a4:
1c:f6:96:ac:89:cd:a6:93:43:6a:c3:31:8e:50:9c:
45:bc:17:7e:3a:19:53:43:55:e4:b2:3f:10:2e:70:
1a:90:c0:80:67:c5:9b:56:e3:c1:96:d5:e8:ba:3a:
56:c8:90:8b:92:13:93:f8:ed:b3:7e:2d:f7:97:c4:
63:9b:0e:9a:ef:7e:4e:3f:62:da:e4:73:0f:4c:0b:
77:ba:06:e5:36:3c:de:ff:94:f9:98:cd:b0:18:7a:
9b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B7:35:23:39:BC:01:39:6F:20:5E:69:26:D4:9E:6B:7F:FA:BC:2F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y7c1Izm8ATlvIF5pJtSea3_6vC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
3e:a7:11:bf:a7:39:c2:0f:96:f3:25:46:73:45:64:0c:56:6c:
50:0d:80:5f:0b:46:50:d9:54:b1:a5:74:66:42:10:d7:1f:9c:
84:47:b1:14:9f:7b:f9:df:a4:1e:57:48:29:c8:ea:c8:0d:76:
55:57:8f:ee:28:1d:0a:8c:42:e7:b4:03:34:3b:e3:4e:c3:44:
fe:e0:bd:1e:aa:df:73:00:57:8d:14:bc:51:d9:25:66:3f:34:
b7:6e:cb:da:fc:4b:09:8e:75:a0:6f:cf:38:7f:95:70:25:17:
45:3a:18:e2:aa:85:7a:2f:77:5f:b7:d9:71:5c:81:95:0c:7e:
e3:ca:01:ab:1f:a0:c4:5d:ab:2a:39:3f:9b:df:6f:07:88:c5:
7c:9e:46:07:45:52:c4:cc:86:3e:e4:d3:83:bb:27:d3:04:c1:
70:47:af:ed:2e:cb:36:f7:ca:55:89:f3:79:8a:2f:ce:88:5b:
30:79:5d:5d:d4:7d:98:80:89:9d:b8:fc:59:3a:1c:3f:c6:27:
22:6a:0d:bb:a4:d4:11:e1:c2:55:45:a6:d5:02:ee:6a:de:f8:
24:a2:5f:31:74:d0:9e:a5:cc:5d:95:d6:84:fa:3a:b6:5e:a0:
6a:0d:17:30:e4:d6:88:a9:63:64:2c:a6:d8:15:2a:2f:38:47:
cf:c7:b8:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjZZ+W9ZbuyGWfs2pUYfMebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjIwMTUyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2I3MzUyMzM5YmMwMTM5NmYyMDVlNjkyNmQ0OWU2YjdmZmFiYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB3qeBpmoLVQ6BbAdi25GOxfSujQ
SlKUW9MbZ7+AdZAe2WRwHSM7wwG0ViqgyqM9OjlPxGEmoEwhschb8e/1tYRcsise
ZD9an0oKBSkhriW4tkKZ6a1K1NW1+6CPSkCV4oFz5y/jtTdJPDFZcdOrCkvNy9+7
BkFAUyI6HFmEZRrWT+0Vw0H6kgRYBDC1WSj663qTVudJSZjgXATPqxhWTYHz56Qc
9pasic2mk0NqwzGOUJxFvBd+OhlTQ1Xksj8QLnAakMCAZ8WbVuPBltXoujpWyJCL
khOT+O2zfi33l8Rjmw6a735OP2La5HMPTAt3ugblNjze/5T5mM2wGHqbTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGO3NSM5vAE5byBeaSbUnmt/+rwvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWTdjMUl6bThBVGx2SUY1cEp0U2VhM182dkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgbeAAAQ
AwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQA+pxG/pznCD5bzJUZzRWQMVmxQ
DYBfC0ZQ2VSxpXRmQhDXH5yER7EUn3v536QeV0gpyOrIDXZVV4/uKB0KjELntAM0
O+NOw0T+4L0eqt9zAFeNFLxR2SVmPzS3bsva/EsJjnWgb884f5VwJRdFOhjiqoV6
L3dft9lxXIGVDH7jygGrH6DEXasqOT+b328HiMV8nkYHRVLEzIY+5NODuyfTBMFw
R6/tLss298pVifN5ii/OiFsweV1d1H2YgImduPxZOhw/xiciag27pNQR4cJVRabV
Au5q3vgkol8xdNCepcxdldaE+jq2XqBqDRcw5NaIqWNkLKbYFSovOEfPx7jO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:05 2024 by rpki-client on console-ams.rpki-client.org