Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a-iCvk0xTpMUXcTLrNzr6MSHDLU.roa
File: a-iCvk0xTpMUXcTLrNzr6MSHDLU.roa (raw, json)
Hash identifier: yCZtfnTM4/x0AX6Ze0AS3AqwhsosXKN062m717cbdwo=
Subject key identifier: 6B:E8:82:BE:4D:31:4E:93:14:5D:C4:CB:AC:DC:EB:E8:C4:87:0C:B5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCF63B2EB841AC6042371BCB6EDFF9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a-iCvk0xTpMUXcTLrNzr6MSHDLU.roa
Signing time: Tue 02 Jan 2024 10:34:13 +0000
ROA not before: Tue 02 Jan 2024 10:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200598
IP address blocks: 2a06:de01:401::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Jan 2024 02:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f6:3b:2e:b8:41:ac:60:42:37:1b:cb:6e:df:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6be882be4d314e93145dc4cbacdcebe8c4870cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:de:b9:9e:36:85:c0:1e:f9:64:16:46:1b:0d:
05:69:04:00:95:be:fe:17:e8:8b:96:7d:6e:56:d7:
47:8c:a1:6d:06:76:88:4c:dd:2c:23:9c:0a:0c:95:
17:9e:3a:78:de:1f:52:26:64:ee:2f:e6:2e:c2:11:
3a:26:f9:c0:45:89:45:fb:83:bc:2b:4b:70:22:49:
92:e5:6a:0b:c9:b5:82:3c:15:42:b4:51:8a:78:a8:
53:24:6e:be:bb:4e:e0:92:62:8e:b8:42:69:34:0f:
20:6b:70:34:db:e4:ab:46:07:0a:aa:29:44:29:c1:
63:52:d9:39:e7:6a:dd:a2:7a:8d:3d:fd:1c:f2:6e:
34:64:69:fa:7b:dc:87:d3:b5:64:d1:db:67:5c:58:
3f:23:da:a0:2d:37:81:b4:49:57:d3:e5:b3:c5:fe:
2e:e8:e3:5a:13:15:94:3a:4b:02:f4:ae:59:62:43:
63:fa:e1:ae:74:38:83:c8:ea:98:02:c6:79:53:7d:
38:c3:d1:27:b7:93:96:d5:c3:3f:0d:51:9d:aa:af:
54:3c:89:d0:b6:64:39:08:f4:ff:b8:2f:6f:73:5e:
7a:c0:2c:72:0e:27:19:2a:15:28:72:9d:9e:b4:b1:
f5:73:f7:b8:2f:32:69:6e:20:35:d6:0f:65:e9:d7:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E8:82:BE:4D:31:4E:93:14:5D:C4:CB:AC:DC:EB:E8:C4:87:0C:B5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a-iCvk0xTpMUXcTLrNzr6MSHDLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:401::/48
Signature Algorithm: sha256WithRSAEncryption
8c:3f:60:e6:9d:d0:d9:82:2a:1f:15:b4:9c:85:b3:00:52:28:
8c:11:8e:69:b5:81:20:a1:4d:82:ed:fe:eb:c8:31:0b:0e:58:
8d:94:85:76:53:21:55:a6:f7:d0:cd:35:b5:2d:3e:42:37:f1:
be:bc:d9:fa:ba:65:8c:13:ff:c4:af:c5:ce:a2:dd:e7:35:ba:
58:d9:9a:fd:35:31:f2:ef:f5:f3:24:a0:1f:3e:66:ff:a7:7c:
f1:eb:e1:f5:69:8f:2b:54:f6:8a:f5:c6:59:85:e0:f2:eb:dc:
b1:5b:55:2f:92:b6:68:a9:9a:14:89:16:4f:40:fd:9b:f6:83:
b3:e8:6e:b1:8d:a8:53:ab:74:c4:45:1d:9c:4f:2d:84:54:eb:
d1:d9:17:70:cb:01:a4:70:8c:fe:ad:7d:c7:62:74:c4:05:a3:
a0:ac:25:9d:c7:d0:cb:f0:7c:94:34:02:f6:d6:dc:30:74:bd:
d1:f3:fe:5b:09:8c:84:1d:1c:2b:7e:47:ec:99:2d:ca:35:93:
9c:4a:ae:94:76:e5:37:73:d7:b2:2d:0a:a2:6d:21:2c:19:bf:
14:f6:1a:dc:ea:22:1f:6e:7d:d7:ab:7f:a4:fc:b5:69:e0:71:
0f:9f:65:bd:a6:30:87:d1:97:d1:05:46:4d:fc:d1:5c:8b:dd:
ef:ed:88:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvPY7LrhBrGBCNxvLbt/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU4ODJiZTRkMzE0ZTkzMTQ1ZGM0Y2JhY2RjZWJlOGM0ODcwY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt65njaFwB75ZBZGGw0FaQQAlb7+
F+iLln1uVtdHjKFtBnaITN0sI5wKDJUXnjp43h9SJmTuL+YuwhE6JvnARYlF+4O8
K0twIkmS5WoLybWCPBVCtFGKeKhTJG6+u07gkmKOuEJpNA8ga3A02+SrRgcKqilE
KcFjUtk552rdonqNPf0c8m40ZGn6e9yH07Vk0dtnXFg/I9qgLTeBtElX0+Wzxf4u
6ONaExWUOksC9K5ZYkNj+uGudDiDyOqYAsZ5U304w9Ent5OW1cM/DVGdqq9UPInQ
tmQ5CPT/uC9vc156wCxyDicZKhUocp2etLH1c/e4LzJpbiA11g9l6dfXgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGvogr5NMU6TFF3Ey6zc6+jEhwy1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYS1pQ3ZrMHhUcE1VWGNUTHJOenI2TVNIRExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbeAQQB
MA0GCSqGSIb3DQEBCwUAA4IBAQCMP2DmndDZgiofFbSchbMAUiiMEY5ptYEgoU2C
7f7ryDELDliNlIV2UyFVpvfQzTW1LT5CN/G+vNn6umWME//Er8XOot3nNbpY2Zr9
NTHy7/XzJKAfPmb/p3zx6+H1aY8rVPaK9cZZheDy69yxW1UvkrZoqZoUiRZPQP2b
9oOz6G6xjahTq3TERR2cTy2EVOvR2RdwywGkcIz+rX3HYnTEBaOgrCWdx9DL8HyU
NAL21twwdL3R8/5bCYyEHRwrfkfsmS3KNZOcSq6UduU3c9eyLQqibSEsGb8U9hrc
6iIfbn3Xq3+k/LVp4HEPn2W9pjCH0ZfRBUZN/NFci93v7Yhw
-----END CERTIFICATE-----
Generated at Sat Jan 20 06:05:00 2024 by rpki-client on console-fra.rpki-client.org