Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YdRqwjCmZB7WAuzhl4QedmM5iIc.roa
File: YdRqwjCmZB7WAuzhl4QedmM5iIc.roa (raw, json)
Hash identifier: x5MNl7fzFpqXld0ancLeaCY6Pj92mWGEOkfzfYanfT0=
Subject key identifier: 61:D4:6A:C2:30:A6:64:1E:D6:02:EC:E1:97:84:1E:76:63:39:88:87
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE837B118479AE16229BFC00C3B60
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YdRqwjCmZB7WAuzhl4QedmM5iIc.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198016
IP address blocks: 2a0e:97c0:d00::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jul 2024 22:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e8:37:b1:18:47:9a:e1:62:29:bf:c0:0c:3b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d46ac230a6641ed602ece197841e7663398887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:68:ea:27:b5:31:81:1b:47:65:15:e5:5b:76:
0c:86:a0:14:8c:c4:82:e5:00:52:45:6e:8b:65:9e:
03:57:15:c4:f3:e3:0e:5e:48:43:25:8a:45:64:8d:
9e:bb:cd:35:e8:ab:26:aa:73:bf:cd:06:b3:c8:1d:
d3:7d:13:f6:21:70:30:19:fb:a7:6c:99:09:a8:b9:
2e:e7:6d:62:1b:29:08:cf:66:8b:4f:61:1c:85:1b:
b6:43:43:5d:d7:de:10:78:c5:ac:b2:17:fe:bf:c6:
03:3e:ea:6c:2f:27:76:e3:0b:4c:3d:7e:b8:b5:d3:
de:12:37:0c:8b:e7:d5:ff:82:e5:e4:ae:a6:b7:bd:
56:78:43:eb:9d:80:a9:44:44:48:59:6a:f3:f5:32:
96:8a:84:b0:8d:0a:60:11:cf:83:31:28:61:f9:16:
97:3a:f3:02:71:e6:9d:98:34:e9:ed:3a:53:31:54:
47:c9:f2:7b:6c:61:2a:47:89:8a:fc:f5:d2:96:99:
7d:1d:a3:27:86:a0:26:b5:b0:4e:74:7b:a4:82:f5:
57:94:99:6d:0b:86:7b:3b:76:98:0e:94:27:2f:63:
6e:d8:78:9b:c9:79:3d:5f:fb:b9:56:9e:8c:d4:f3:
71:a6:6d:3f:e8:23:5b:db:53:52:0e:81:05:27:c8:
e0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D4:6A:C2:30:A6:64:1E:D6:02:EC:E1:97:84:1E:76:63:39:88:87
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YdRqwjCmZB7WAuzhl4QedmM5iIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:d00::/44
Signature Algorithm: sha256WithRSAEncryption
cb:eb:88:f4:43:72:a6:a1:b7:6b:87:9f:ef:2c:94:df:4e:a3:
c8:6d:d1:37:5f:5c:72:72:b4:b7:7e:05:e0:ee:46:18:7f:9e:
7a:9a:40:f0:25:df:21:f6:90:78:12:67:52:2e:90:74:52:f3:
ce:d4:0e:2c:ed:a8:fe:64:ca:66:80:97:ee:05:39:4e:73:a6:
62:72:85:41:e9:94:29:4f:c7:e4:ab:b8:08:4b:af:e9:2f:25:
ae:1b:a0:6d:12:08:f8:ef:5c:11:f6:41:be:9f:b7:91:a8:29:
84:7e:3a:c2:3c:33:b3:bd:44:17:07:9c:85:ef:a4:a1:c5:c5:
dd:45:d1:2e:29:b7:8e:a8:37:e3:34:b7:39:74:63:ab:2c:71:
ac:9d:bf:b4:69:a9:d8:66:f9:0f:93:70:48:f0:8c:bb:db:4e:
50:05:87:05:51:9b:30:98:e0:8a:51:ad:78:79:45:68:3d:f7:
26:67:0c:0f:c8:08:7f:87:1e:bd:1e:91:60:98:9a:9b:9d:03:
ac:a4:1f:de:04:f0:5f:b3:37:b5:90:38:4d:a4:4d:2b:2a:2b:
6a:0c:0c:44:6a:88:0d:5a:dc:65:82:33:88:ca:00:f3:ad:bb:
10:2e:75:8d:5d:b4:78:1d:db:2f:2b:a4:25:c9:c2:ce:4a:0f:
17:64:70:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOg3sRhHmuFiKb/ADDtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ0NmFjMjMwYTY2NDFlZDYwMmVjZTE5Nzg0MWU3NjYzMzk4ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GjqJ7UxgRtHZRXlW3YMhqAUjMSC
5QBSRW6LZZ4DVxXE8+MOXkhDJYpFZI2eu8016KsmqnO/zQazyB3TfRP2IXAwGfun
bJkJqLku521iGykIz2aLT2EchRu2Q0Nd194QeMWsshf+v8YDPupsLyd24wtMPX64
tdPeEjcMi+fV/4Ll5K6mt71WeEPrnYCpRERIWWrz9TKWioSwjQpgEc+DMShh+RaX
OvMCceadmDTp7TpTMVRHyfJ7bGEqR4mK/PXSlpl9HaMnhqAmtbBOdHukgvVXlJlt
C4Z7O3aYDpQnL2Nu2HibyXk9X/u5Vp6M1PNxpm0/6CNb21NSDoEFJ8jg8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGHUasIwpmQe1gLs4ZeEHnZjOYiHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWWRScXdqQ21aQjdXQXV6aGw0UWVkbU01aUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA0A
MA0GCSqGSIb3DQEBCwUAA4IBAQDL64j0Q3Kmobdrh5/vLJTfTqPIbdE3X1xycrS3
fgXg7kYYf556mkDwJd8h9pB4EmdSLpB0UvPO1A4s7aj+ZMpmgJfuBTlOc6ZicoVB
6ZQpT8fkq7gIS6/pLyWuG6BtEgj471wR9kG+n7eRqCmEfjrCPDOzvUQXB5yF76Sh
xcXdRdEuKbeOqDfjNLc5dGOrLHGsnb+0aanYZvkPk3BI8Iy7205QBYcFUZswmOCK
Ua14eUVoPfcmZwwPyAh/hx69HpFgmJqbnQOspB/eBPBfsze1kDhNpE0rKitqDAxE
aogNWtxlgjOIygDzrbsQLnWNXbR4HdsvK6QlycLOSg8XZHD9
-----END CERTIFICATE-----
Generated at Thu Jul 18 00:50:37 2024 by rpki-client on console-fra.rpki-client.org