Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_app3RQPKBZIA7vh_VlTKDflboM.roa
File: _app3RQPKBZIA7vh_VlTKDflboM.roa (raw, json)
Hash identifier: DTE/BbqAAJzgWSTuQKRyteIFkLKEnnBJ0dRvU+UpHuA=
Subject key identifier: FD:AA:69:DD:14:0F:28:16:48:03:BB:E1:FD:59:53:28:37:E5:6E:83
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD4A2B8787B4FE08DEFD01F75A033B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_app3RQPKBZIA7vh_VlTKDflboM.roa
Signing time: Tue 02 Jan 2024 10:34:34 +0000
ROA not before: Tue 02 Jan 2024 10:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212948
IP address blocks: 2a0e:b107:27a0::/45 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 19:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:4a:2b:87:87:b4:fe:08:de:fd:01:f7:5a:03:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdaa69dd140f28164803bbe1fd59532837e56e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:22:1c:eb:94:42:45:fc:c2:8b:3b:60:3c:06:
1c:9d:19:e1:32:ef:29:30:13:b3:5c:e5:70:8d:51:
41:39:0f:fb:78:79:01:46:a9:f8:71:e4:16:44:4e:
bf:07:d4:c9:27:2e:64:8d:3d:93:54:f8:11:56:4f:
c4:b8:ce:11:0d:d3:61:22:2e:89:86:dc:bd:af:ef:
46:d0:13:cb:86:65:be:2b:61:d6:95:2e:f0:5a:6a:
1a:75:15:18:b7:18:2b:c5:db:87:92:f3:95:32:40:
4a:1f:49:c0:3e:11:93:7b:12:e8:27:84:4e:32:16:
da:c0:7a:36:e5:fd:59:c4:bb:06:6f:15:66:f1:49:
fd:13:73:f7:59:59:d4:d2:65:38:f9:ef:09:c6:90:
ff:5c:f0:99:9b:2d:0e:ef:77:a7:ea:25:92:30:a4:
59:f7:dc:f2:5e:aa:98:4f:30:59:bd:53:8d:02:d5:
f5:0a:60:a8:88:93:ff:fe:0d:ba:96:28:0f:6b:2e:
da:96:da:24:a0:49:a1:d8:07:a8:0d:16:37:ec:75:
a4:2e:61:b5:57:66:9c:65:1f:46:72:7c:df:96:f1:
bd:fd:52:06:91:17:db:8d:1a:f6:8e:24:c1:26:01:
c8:e0:4b:fc:a9:74:69:d7:a6:59:d6:80:32:16:f8:
ed:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AA:69:DD:14:0F:28:16:48:03:BB:E1:FD:59:53:28:37:E5:6E:83
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_app3RQPKBZIA7vh_VlTKDflboM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27a0::/45
Signature Algorithm: sha256WithRSAEncryption
20:e7:52:eb:04:54:f6:4b:0c:f1:cd:39:3f:13:24:1c:26:3d:
fa:1a:d5:6e:fb:71:37:95:95:18:ab:a4:7c:12:b3:fe:90:c8:
20:ad:f0:f9:32:12:09:58:dc:d8:2a:3f:67:77:c5:c0:19:60:
85:87:ad:e3:fe:8f:66:cd:ec:6b:59:a3:42:85:d1:f9:b2:f3:
c7:d4:e7:47:a6:36:b3:10:bb:04:6f:e1:82:31:5b:3e:fa:53:
8e:89:77:94:cf:f6:a7:77:c7:90:00:1f:01:e4:1e:6f:ff:41:
73:54:d5:73:72:f7:9f:7b:8a:11:d1:33:2f:43:3d:4b:5c:49:
5f:23:91:1f:76:d0:74:78:86:8b:6f:b8:55:f0:df:11:5b:dd:
39:c9:9a:df:7b:81:bd:94:81:27:b2:eb:a3:ad:f2:1d:80:c5:
7d:11:56:69:7c:f7:41:2a:0b:7b:ea:81:05:1d:2f:98:6f:6e:
20:f3:99:70:82:33:d9:d2:1c:83:07:a3:03:8b:25:3b:e0:38:
c0:8c:19:4b:0d:80:ac:8e:43:d9:1c:9f:57:f2:8f:f9:50:5c:
b4:6d:3b:50:81:1d:e0:90:99:d3:44:b0:ba:5d:c2:a0:35:45:
83:33:79:5a:67:9c:4c:01:00:aa:82:e7:68:38:43:80:73:6f:
52:20:7b:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUorh4e0/gje/QH3WgM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFhNjlkZDE0MGYyODE2NDgwM2JiZTFmZDU5NTMyODM3ZTU2ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyIc65RCRfzCiztgPAYcnRnhMu8p
MBOzXOVwjVFBOQ/7eHkBRqn4ceQWRE6/B9TJJy5kjT2TVPgRVk/EuM4RDdNhIi6J
hty9r+9G0BPLhmW+K2HWlS7wWmoadRUYtxgrxduHkvOVMkBKH0nAPhGTexLoJ4RO
MhbawHo25f1ZxLsGbxVm8Un9E3P3WVnU0mU4+e8JxpD/XPCZmy0O73en6iWSMKRZ
99zyXqqYTzBZvVONAtX1CmCoiJP//g26ligPay7altokoEmh2AeoDRY37HWkLmG1
V2acZR9GcnzflvG9/VIGkRfbjRr2jiTBJgHI4Ev8qXRp16ZZ1oAyFvjtXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP2qad0UDygWSAO74f1ZUyg35W6DMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX2FwcDNSUVBLQlpJQTd2aF9WbFRLRGZsYm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xByeg
MA0GCSqGSIb3DQEBCwUAA4IBAQAg51LrBFT2SwzxzTk/EyQcJj36GtVu+3E3lZUY
q6R8ErP+kMggrfD5MhIJWNzYKj9nd8XAGWCFh63j/o9mzexrWaNChdH5svPH1OdH
pjazELsEb+GCMVs++lOOiXeUz/and8eQAB8B5B5v/0FzVNVzcvefe4oR0TMvQz1L
XElfI5EfdtB0eIaLb7hV8N8RW905yZrfe4G9lIEnsuujrfIdgMV9EVZpfPdBKgt7
6oEFHS+Yb24g85lwgjPZ0hyDB6MDiyU74DjAjBlLDYCsjkPZHJ9X8o/5UFy0bTtQ
gR3gkJnTRLC6XcKgNUWDM3laZ5xMAQCqgudoOEOAc29SIHsv
-----END CERTIFICATE-----
Generated at Wed Jan 10 22:32:55 2024 by rpki-client on console-ams.rpki-client.org