Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tIatljVgS0SKkwzqJz6EkCZjZo.roa
File: _tIatljVgS0SKkwzqJz6EkCZjZo.roa (raw, json)
Hash identifier: DY9YABK/gWkaYSQWFd7qX0XRvnp85aAxek/64zDxqiQ=
Subject key identifier: FE:D2:1A:B6:58:D5:81:2D:12:2A:4C:33:A8:9C:FA:12:40:99:8D:9A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCDA3C016C110E30577FE1F81889B1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tIatljVgS0SKkwzqJz6EkCZjZo.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136535
IP address blocks: 2a0e:97c0:83f::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Feb 2024 23:52:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:da:3c:01:6c:11:0e:30:57:7f:e1:f8:18:89:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fed21ab658d5812d122a4c33a89cfa1240998d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a1:3a:00:c1:7f:12:35:78:c8:49:95:de:31:
ec:3f:3b:04:57:97:8a:4e:20:e5:56:82:fc:57:41:
fc:86:40:a9:14:0b:19:19:73:6c:90:f0:bb:58:c7:
cd:de:1d:9d:75:ee:68:5f:12:c6:8e:9c:08:74:2f:
76:45:82:fe:13:71:d9:00:0e:01:94:54:ca:42:02:
63:99:d2:02:0b:19:46:bb:17:f6:72:9d:03:18:4f:
d4:5a:7e:50:a8:80:22:9b:4b:13:00:d8:90:8c:3e:
e7:0f:1f:c7:67:a2:c5:5a:56:13:ba:0e:c3:19:a7:
e5:14:a3:6c:c7:61:6d:e7:8b:bb:59:5e:55:25:d3:
0e:f5:fd:4e:90:5c:64:ff:ef:22:a9:46:bb:7f:35:
4d:e6:d4:18:e8:0d:84:04:3f:eb:41:3d:c8:e0:31:
3c:34:a5:3a:02:55:cb:76:01:56:5b:7e:df:18:fb:
9a:ad:e8:fc:b9:5f:57:da:86:bc:bc:c0:c9:05:d1:
ca:c3:1e:66:f1:ed:9c:ae:85:eb:6b:41:8f:74:59:
1f:fd:bf:b8:9f:5d:48:c7:67:63:d7:dd:6d:38:9c:
ec:d8:7a:b4:fa:0b:f0:15:f8:9e:63:1f:2d:ac:f3:
ae:d8:20:bd:e8:48:49:5a:72:1b:e7:91:81:7a:b0:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D2:1A:B6:58:D5:81:2D:12:2A:4C:33:A8:9C:FA:12:40:99:8D:9A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_tIatljVgS0SKkwzqJz6EkCZjZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:83f::/48
Signature Algorithm: sha256WithRSAEncryption
35:00:df:30:22:fe:78:8a:11:e4:28:3a:f9:29:ff:40:d2:ef:
a5:b3:7f:4d:ef:2b:ed:51:7d:cb:8c:90:de:52:24:43:d7:5c:
c4:d5:d2:00:65:e1:0e:74:04:71:28:de:d3:89:64:f1:ae:b8:
c8:2c:b7:45:d7:ad:09:49:a7:7e:b7:4e:04:94:1b:70:51:98:
a6:2d:70:1b:45:27:cc:9b:3f:cb:d8:df:0b:83:57:10:74:6b:
14:0c:3d:78:31:14:fc:8b:0f:57:76:9c:94:bf:b5:f0:18:1f:
37:aa:20:5f:23:7d:a4:d4:41:f8:41:bc:5c:ec:03:92:5f:29:
57:0c:b1:ff:6d:b3:11:49:f3:d3:87:65:4b:95:60:ea:07:60:
e5:47:f0:5a:a6:5a:f5:c1:5d:f3:49:8a:e0:95:26:5a:12:26:
b3:cc:42:44:22:90:b8:00:6f:fe:2f:e9:0f:a2:e0:5f:c8:74:
d8:ca:e0:f5:b5:0f:31:48:59:2a:92:48:77:9d:b0:5f:83:38:
5a:e7:c8:7c:df:01:8c:64:90:52:d5:93:bf:a5:0c:55:1c:fc:
7b:e5:a4:91:b3:d3:f6:ff:df:73:c2:b1:5a:27:72:82:60:ad:
3f:99:c2:5c:d8:0f:3c:1d:d8:2c:f6:c4:18:ea:86:18:d3:29:
9f:9b:09:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvNo8AWwRDjBXf+H4GImxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQyMWFiNjU4ZDU4MTJkMTIyYTRjMzNhODljZmExMjQwOTk4ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKE6AMF/EjV4yEmV3jHsPzsEV5eK
TiDlVoL8V0H8hkCpFAsZGXNskPC7WMfN3h2dde5oXxLGjpwIdC92RYL+E3HZAA4B
lFTKQgJjmdICCxlGuxf2cp0DGE/UWn5QqIAim0sTANiQjD7nDx/HZ6LFWlYTug7D
GaflFKNsx2Ft54u7WV5VJdMO9f1OkFxk/+8iqUa7fzVN5tQY6A2EBD/rQT3I4DE8
NKU6AlXLdgFWW37fGPuarej8uV9X2oa8vMDJBdHKwx5m8e2croXra0GPdFkf/b+4
n11Ix2dj191tOJzs2Hq0+gvwFfieYx8trPOu2CC96EhJWnIb55GBerB9PwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP7SGrZY1YEtEipMM6ic+hJAmY2aMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX3RJYXRsalZnUzBTS2t3enFKejZFa0NaalpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAg/
MA0GCSqGSIb3DQEBCwUAA4IBAQA1AN8wIv54ihHkKDr5Kf9A0u+ls39N7yvtUX3L
jJDeUiRD11zE1dIAZeEOdARxKN7TiWTxrrjILLdF160JSad+t04ElBtwUZimLXAb
RSfMmz/L2N8Lg1cQdGsUDD14MRT8iw9XdpyUv7XwGB83qiBfI32k1EH4Qbxc7AOS
XylXDLH/bbMRSfPTh2VLlWDqB2DlR/Baplr1wV3zSYrglSZaEiazzEJEIpC4AG/+
L+kPouBfyHTYyuD1tQ8xSFkqkkh3nbBfgzha58h83wGMZJBS1ZO/pQxVHPx75aSR
s9P2/99zwrFaJ3KCYK0/mcJc2A88Hdgs9sQY6oYY0ymfmwmn
-----END CERTIFICATE-----
Generated at Wed Feb 7 03:15:19 2024 by rpki-client on console-ams.rpki-client.org