Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqGrPxkuCPABlwKkvbJN0ohLlWc.roa
File: YqGrPxkuCPABlwKkvbJN0ohLlWc.roa (raw, json)
Hash identifier: 3fNl2M/982QYPQ8lNYH8kmeSe3f8hJ3Bvvs/33dsWVs=
Subject key identifier: 62:A1:AB:3F:19:2E:08:F0:01:97:02:A4:BD:B2:4D:D2:88:4B:95:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01911D1D4E0C1B51CE1AEF1E6CC8DADECE3E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqGrPxkuCPABlwKkvbJN0ohLlWc.roa
Signing time: Sun 04 Aug 2024 11:19:05 +0000
ROA not before: Sun 04 Aug 2024 11:19:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214953
IP address blocks: 2a06:de07:de00::/48 maxlen: 48
2a06:de07:de01::/48 maxlen: 48
2a06:de07:de02::/48 maxlen: 48
2a10:2f01:403::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Aug 2024 21:35:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1d:1d:4e:0c:1b:51:ce:1a:ef:1e:6c:c8:da:de:ce:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 4 11:19:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a1ab3f192e08f0019702a4bdb24dd2884b9567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c3:0e:51:da:44:c1:32:56:cc:65:32:57:69:
32:56:87:fd:db:eb:77:ca:b1:48:df:b4:35:54:91:
68:b9:7e:f5:5b:0c:bb:59:71:b0:4d:d4:49:d1:6b:
d1:c0:9d:b2:09:78:61:53:7c:9e:33:23:7a:f8:5e:
4e:d6:e6:4c:f9:35:cb:42:90:cd:67:fe:b9:5d:34:
cb:b4:fe:7c:54:71:44:d4:27:8f:0f:ad:81:4d:a3:
cd:d7:5c:b3:03:ac:5b:d2:77:ac:a4:8d:56:e3:38:
5e:cd:94:d3:cf:01:ec:33:67:1d:e9:1b:a3:4a:21:
5e:0b:fc:62:fe:a7:20:99:63:2a:3b:8c:3c:79:d4:
86:3c:0c:9c:fd:32:a2:61:8b:08:7d:23:f3:45:4e:
46:1f:c7:4f:6f:8b:c4:87:93:62:58:b3:78:47:de:
15:64:e5:73:81:65:8d:08:b2:57:f0:91:aa:94:a4:
b0:33:f7:77:a3:e0:24:0a:6a:19:3b:52:ad:0d:d3:
5d:ef:d0:6f:b5:0f:16:7e:52:49:4d:eb:2d:6f:34:
ed:bb:f5:a4:9b:62:6f:59:e2:eb:03:20:4b:22:bf:
49:d5:2f:71:6b:c7:9f:b7:b5:46:50:e3:88:7c:2f:
ca:27:61:2a:cb:52:3d:a1:c9:63:ba:42:12:2f:01:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A1:AB:3F:19:2E:08:F0:01:97:02:A4:BD:B2:4D:D2:88:4B:95:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YqGrPxkuCPABlwKkvbJN0ohLlWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de07:de00::-2a06:de07:de02:ffff:ffff:ffff:ffff:ffff
2a10:2f01:403::/48
Signature Algorithm: sha256WithRSAEncryption
85:1d:e7:72:16:1c:11:6a:ad:4c:ce:4b:7b:21:f3:cd:e1:24:
45:2f:db:bb:ee:d4:2e:d2:27:ee:8f:69:1e:b8:cd:44:1c:f7:
b7:81:6c:ba:e0:b6:6e:a3:ae:99:d1:be:f2:94:eb:7b:f6:33:
01:e3:b0:89:a8:6f:2b:9d:08:e3:88:c1:c4:aa:e8:e5:ec:7b:
b5:35:8f:02:05:25:27:61:20:a6:f2:c4:5c:84:71:6b:68:68:
2c:39:d5:38:19:38:67:f6:22:c3:07:2e:ae:6a:fb:96:e5:21:
b8:b5:67:bd:68:e9:a3:f2:c9:05:b4:22:82:8f:df:d7:77:86:
07:43:b9:86:75:34:07:37:2c:a1:ec:51:62:b0:4c:86:cf:6f:
3d:79:1b:b4:30:96:3c:9f:9d:29:58:97:47:ec:a2:0c:94:88:
28:29:0e:5e:31:01:4a:58:5b:d5:c5:92:d4:de:96:c0:6b:2c:
8c:e0:06:b0:82:2b:1e:3c:fa:60:08:a1:91:96:ca:94:3d:a0:
d8:93:10:49:4d:46:b6:cd:56:76:39:1f:83:00:e4:f4:ac:0e:
4e:98:3f:da:e9:b8:33:ac:65:d5:f7:43:41:17:71:39:55:32:
5b:8d:57:26:19:39:ca:2c:5c:02:c9:b2:24:44:0a:fa:f1:ff:
a7:ef:19:21
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZEdHU4MG1HOGu8ebMja3s4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODA0MTExOTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmExYWIzZjE5MmUwOGYwMDE5NzAyYTRiZGIyNGRkMjg4NGI5NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcMOUdpEwTJWzGUyV2kyVof92+t3
yrFI37Q1VJFouX71Wwy7WXGwTdRJ0WvRwJ2yCXhhU3yeMyN6+F5O1uZM+TXLQpDN
Z/65XTTLtP58VHFE1CePD62BTaPN11yzA6xb0nespI1W4zhezZTTzwHsM2cd6Ruj
SiFeC/xi/qcgmWMqO4w8edSGPAyc/TKiYYsIfSPzRU5GH8dPb4vEh5NiWLN4R94V
ZOVzgWWNCLJX8JGqlKSwM/d3o+AkCmoZO1KtDdNd79BvtQ8WflJJTestbzTtu/Wk
m2JvWeLrAyBLIr9J1S9xa8eft7VGUOOIfC/KJ2Eqy1I9ocljukISLwHCpwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGKhqz8ZLgjwAZcCpL2yTdKIS5VnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWXFHclB4a3VDUEFCbHdLa3ZiSk4wb2hMbFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcMBEDBgEqBt4H
3gMHACoG3gfeAgMHACoQLwEEAzANBgkqhkiG9w0BAQsFAAOCAQEAhR3nchYcEWqt
TM5LeyHzzeEkRS/bu+7ULtIn7o9pHrjNRBz3t4FsuuC2bqOumdG+8pTre/YzAeOw
iahvK50I44jBxKro5ex7tTWPAgUlJ2EgpvLEXIRxa2hoLDnVOBk4Z/Yiwwcurmr7
luUhuLVnvWjpo/LJBbQigo/f13eGB0O5hnU0BzcsoexRYrBMhs9vPXkbtDCWPJ+d
KViXR+yiDJSIKCkOXjEBSlhb1cWS1N6WwGssjOAGsIIrHjz6YAihkZbKlD2g2JMQ
SU1Gts1WdjkfgwDk9KwOTpg/2um4M6xl1fdDQRdxOVUyW41XJhk5yixcAsmyJEQK
+vH/p+8ZIQ==
-----END CERTIFICATE-----
Generated at Mon Aug 5 23:27:27 2024 by rpki-client on console-ams.rpki-client.org