Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tGfqujX4hoO3KUS08qT4NnP7xw.roa
File: _tGfqujX4hoO3KUS08qT4NnP7xw.roa (raw, json)
Hash identifier: 8H1uUUJLOx0v7/fBAkDIK04goNFeV2KCQ3BLXfdP2FI=
Subject key identifier: FE:D1:9F:AA:E8:D7:E2:1A:0E:DC:A5:12:D3:CA:93:E0:D9:CF:EF:1C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E6D0FF29F880C4232D9E6E9D784A2DD15
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tGfqujX4hoO3KUS08qT4NnP7xw.roa
Signing time: Sat 23 Mar 2024 20:45:45 +0000
ROA not before: Sat 23 Mar 2024 20:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
2a0e:b107:12d8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Apr 2024 18:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6d:0f:f2:9f:88:0c:42:32:d9:e6:e9:d7:84:a2:dd:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 23 20:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fed19faae8d7e21a0edca512d3ca93e0d9cfef1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f0:9c:f0:c2:64:a2:8b:0f:49:54:8e:b8:50:
13:0a:2a:f6:2e:52:7d:3b:ea:94:6a:d6:dd:9b:7b:
93:46:ce:ce:e0:fb:ca:54:36:71:18:31:15:a6:10:
b7:da:b9:23:ca:dc:68:57:40:1e:ca:42:ec:5b:70:
85:50:15:9c:79:0a:8f:ad:21:48:c1:09:8a:d2:3b:
13:cf:d3:a0:25:99:0f:0d:e7:39:2f:82:67:ad:71:
14:92:2a:1b:e7:ba:bb:14:2f:cc:5e:71:25:f7:35:
d5:9f:6e:e9:b2:b4:81:e2:83:6d:75:be:9a:93:71:
89:8c:e1:e7:0f:f2:03:32:a9:a5:3d:02:a1:75:d1:
a5:57:90:4e:08:b1:0e:91:64:dc:34:6f:b3:77:55:
cc:b9:ff:fb:a5:95:59:c6:6e:d6:74:77:d6:cd:0a:
3c:af:d9:66:13:2a:39:e1:6c:1e:9e:5e:f5:c3:a7:
a3:a9:e0:94:d7:35:44:4b:a6:b1:f9:07:f8:1e:e9:
11:bf:a5:a0:32:bf:98:8b:fe:09:3a:0c:4a:e8:6c:
ca:1b:50:5f:20:11:96:63:64:cd:9d:df:c2:3b:cd:
0d:31:1b:44:56:9b:a8:46:fd:52:1d:d8:75:65:a3:
da:d1:e6:b8:84:80:d7:da:f3:bb:77:04:59:0a:18:
5b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D1:9F:AA:E8:D7:E2:1A:0E:DC:A5:12:D3:CA:93:E0:D9:CF:EF:1C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tGfqujX4hoO3KUS08qT4NnP7xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::/48
2a0e:b107:12d3::-2a0e:b107:12d5:ffff:ffff:ffff:ffff:ffff
2a0e:b107:12d7::-2a0e:b107:12d8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
35:dc:62:26:be:f7:c5:7e:09:28:dc:ae:8b:ff:0b:d6:f9:07:
01:6d:d6:5a:5f:ac:f5:48:66:d8:71:a7:07:9f:7a:6d:d5:cc:
ca:70:a2:0a:9e:2d:b8:fd:fc:08:86:e9:4c:f5:58:50:80:03:
49:c2:fb:10:79:ec:24:9d:1a:b0:5d:30:6c:85:6f:30:38:bb:
00:a6:f5:41:25:e0:1e:78:59:5a:06:ac:a3:b0:99:ea:9a:81:
5d:91:98:a9:17:00:bf:8c:65:2b:be:f3:41:ee:f8:16:7a:81:
70:e2:1b:dc:f3:ab:73:46:3d:3d:cc:b6:d4:12:eb:33:e3:50:
b1:9b:50:4d:83:97:33:63:07:99:6f:62:47:61:c3:96:fb:7f:
b7:dd:60:41:0f:7f:1f:4d:fc:ff:da:c3:50:b7:7f:08:92:00:
9b:3c:a4:ee:67:dd:86:29:71:52:83:12:23:8c:7a:a0:e1:33:
ea:b9:c8:b5:f1:86:da:6d:d5:eb:af:e7:ce:1d:63:e2:11:5b:
7e:4f:49:32:f8:9a:75:a4:b6:34:e4:21:df:44:cd:c5:05:d1:
84:4a:1a:9e:67:48:09:84:24:19:08:17:c0:c7:9c:26:0c:2f:
31:e3:d2:f5:da:52:93:b7:83:95:ef:b4:9e:76:67:2f:e9:4c:
78:0e:69:be
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY5tD/KfiAxCMtnm6deEot0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzIzMjA0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQxOWZhYWU4ZDdlMjFhMGVkY2E1MTJkM2NhOTNlMGQ5Y2ZlZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fCc8MJkoosPSVSOuFATCir2LlJ9
O+qUatbdm3uTRs7O4PvKVDZxGDEVphC32rkjytxoV0AeykLsW3CFUBWceQqPrSFI
wQmK0jsTz9OgJZkPDec5L4JnrXEUkiob57q7FC/MXnEl9zXVn27psrSB4oNtdb6a
k3GJjOHnD/IDMqmlPQKhddGlV5BOCLEOkWTcNG+zd1XMuf/7pZVZxm7WdHfWzQo8
r9lmEyo54Wwenl71w6ejqeCU1zVES6ax+Qf4HukRv6WgMr+Yi/4JOgxK6GzKG1Bf
IBGWY2TNnd/CO80NMRtEVpuoRv1SHdh1ZaPa0ea4hIDX2vO7dwRZChhb6QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFP7Rn6ro1+IaDtylEtPKk+DZz+8cMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX3RHZnF1alg0aG9PM0tVUzA4cVQ0Tm5QN3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwcAKg6xBxLR
MBIDBwAqDrEHEtMDBwEqDrEHEtQwEgMHACoOsQcS1wMHACoOsQcS2DANBgkqhkiG
9w0BAQsFAAOCAQEANdxiJr73xX4JKNyui/8L1vkHAW3WWl+s9Uhm2HGnB596bdXM
ynCiCp4tuP38CIbpTPVYUIADScL7EHnsJJ0asF0wbIVvMDi7AKb1QSXgHnhZWgas
o7CZ6pqBXZGYqRcAv4xlK77zQe74FnqBcOIb3POrc0Y9Pcy21BLrM+NQsZtQTYOX
M2MHmW9iR2HDlvt/t91gQQ9/H038/9rDULd/CJIAmzyk7mfdhilxUoMSI4x6oOEz
6rnItfGG2m3V66/nzh1j4hFbfk9JMviadaS2NOQh30TNxQXRhEoanmdICYQkGQgX
wMecJgwvMePS9dpSk7eDle+0nnZnL+lMeA5pvg==
-----END CERTIFICATE-----
Generated at Tue Apr 9 21:27:02 2024 by rpki-client on console-fra.rpki-client.org