Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aH9IluF7UCZPh1H-4aNZzqCM1ME.roa
File: aH9IluF7UCZPh1H-4aNZzqCM1ME.roa (raw, json)
Hash identifier: vDqAuye7vLr0qdOqlqFnWw4DA5pqkYc+6OnF9Zsz5/A=
Subject key identifier: 68:7F:48:96:E1:7B:50:26:4F:87:51:FE:E1:A3:59:CE:A0:8C:D4:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D23DFE61F67932ECA93C34A54E99EA29C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aH9IluF7UCZPh1H-4aNZzqCM1ME.roa
Signing time: Fri 19 Jan 2024 22:38:12 +0000
ROA not before: Fri 19 Jan 2024 22:38:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211738
IP address blocks: 2a0e:b107:fd0::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Feb 2024 11:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:df:e6:1f:67:93:2e:ca:93:c3:4a:54:e9:9e:a2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 19 22:38:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687f4896e17b50264f8751fee1a359cea08cd4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:74:03:d7:2f:7d:79:83:5e:90:70:11:06:
89:f8:dc:2c:77:2e:50:cc:66:7f:9f:45:80:5d:4a:
2f:31:0f:de:96:f5:91:39:1f:1a:67:c5:66:ae:c9:
1f:4b:86:9b:13:df:99:e3:f5:01:ef:90:29:8f:f6:
da:28:61:6a:56:eb:03:c7:7a:9e:1f:9a:ae:89:d9:
18:af:ca:fe:34:64:a3:08:3b:13:64:4a:56:1c:e6:
8e:62:81:46:3b:4f:e8:04:7d:10:34:82:97:2b:ff:
f3:d6:bb:c0:31:ad:f5:12:07:03:1f:08:c8:01:32:
8e:94:fa:96:e6:ed:64:e0:e1:19:50:2c:1f:d9:4f:
46:d5:82:8a:2b:04:ae:31:dd:f6:07:f0:db:e2:d1:
8d:96:70:3b:2a:f1:65:10:a4:c9:cd:a5:d2:ae:3c:
2d:83:b2:d2:b8:17:8a:41:2f:93:84:c6:e9:eb:96:
86:82:7e:42:b3:d3:eb:d1:16:09:90:eb:e0:b2:cd:
92:04:cf:df:7c:d5:7a:2c:98:12:51:f3:e0:85:b2:
d1:4b:73:29:18:7c:f2:0f:35:d5:7a:c4:d7:02:3e:
d3:74:54:09:54:84:c2:5d:e8:d9:2f:f6:1f:27:ee:
a1:c0:76:3a:c7:84:95:17:c4:3c:db:4f:0f:90:16:
9c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:48:96:E1:7B:50:26:4F:87:51:FE:E1:A3:59:CE:A0:8C:D4:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aH9IluF7UCZPh1H-4aNZzqCM1ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:fd0::/44
Signature Algorithm: sha256WithRSAEncryption
87:90:58:d6:0d:62:0a:91:78:72:a0:6b:63:db:f4:8c:f3:b4:
92:90:fb:b9:3c:1f:39:ef:79:95:1c:7d:36:7b:20:31:4d:02:
8a:02:55:5f:b6:15:cd:45:c9:59:ff:65:d4:4d:a8:10:06:2c:
3e:fe:92:d3:fd:1f:06:95:3d:94:c3:19:0d:ea:ea:aa:93:67:
0f:01:aa:0e:63:82:79:48:b0:19:db:06:f4:b2:11:37:a3:8a:
6b:d3:37:a4:a6:d7:e0:20:ad:5b:0c:45:90:24:e3:e9:c8:75:
f0:a6:ed:aa:1d:a6:39:e2:fc:a6:79:b9:6a:c6:99:22:3b:27:
fa:fc:5d:5f:34:22:d0:5d:ab:40:81:75:fa:45:13:85:8b:ea:
a2:0a:be:08:c4:29:1d:c8:4d:13:3f:0c:4c:b0:27:f7:29:d1:
a1:ea:62:dc:24:b1:a5:c9:73:48:99:2d:cf:c2:bc:be:09:1d:
c4:74:d4:b7:2d:d6:24:79:81:25:8d:be:71:1a:71:4c:14:8e:
42:41:62:da:45:77:85:5d:81:f1:57:9a:f2:ec:07:e9:87:e3:
e9:ad:af:2a:d7:69:87:9a:94:ae:af:15:77:a9:f9:50:ff:18:
e2:3f:09:8a:31:4b:a1:63:60:1b:91:fe:42:cf:3d:f0:99:d3:
5a:7d:27:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0j3+YfZ5MuypPDSlTpnqKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE5MjIzODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdmNDg5NmUxN2I1MDI2NGY4NzUxZmVlMWEzNTljZWEwOGNkNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+F0A9cvfXmDXpBwEQaJ+Nwsdy5Q
zGZ/n0WAXUovMQ/elvWROR8aZ8VmrskfS4abE9+Z4/UB75Apj/baKGFqVusDx3qe
H5quidkYr8r+NGSjCDsTZEpWHOaOYoFGO0/oBH0QNIKXK//z1rvAMa31EgcDHwjI
ATKOlPqW5u1k4OEZUCwf2U9G1YKKKwSuMd32B/Db4tGNlnA7KvFlEKTJzaXSrjwt
g7LSuBeKQS+ThMbp65aGgn5Cs9Pr0RYJkOvgss2SBM/ffNV6LJgSUfPghbLRS3Mp
GHzyDzXVesTXAj7TdFQJVITCXejZL/YfJ+6hwHY6x4SVF8Q8208PkBacSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGh/SJbhe1AmT4dR/uGjWc6gjNTBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYUg5SWx1RjdVQ1pQaDFILTRhTlp6cUNNMU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw/Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCHkFjWDWIKkXhyoGtj2/SM87SSkPu5PB8573mV
HH02eyAxTQKKAlVfthXNRclZ/2XUTagQBiw+/pLT/R8GlT2UwxkN6uqqk2cPAaoO
Y4J5SLAZ2wb0shE3o4pr0zekptfgIK1bDEWQJOPpyHXwpu2qHaY54vymeblqxpki
Oyf6/F1fNCLQXatAgXX6RROFi+qiCr4IxCkdyE0TPwxMsCf3KdGh6mLcJLGlyXNI
mS3Pwry+CR3EdNS3LdYkeYEljb5xGnFMFI5CQWLaRXeFXYHxV5ry7Afph+Ppra8q
12mHmpSurxV3qflQ/xjiPwmKMUuhY2Abkf5Czz3wmdNafSdi
-----END CERTIFICATE-----
Generated at Fri Feb 16 15:29:05 2024 by rpki-client on console-ams.rpki-client.org