Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aWglXMLOEGUClY7mqF49euEB3WE.roa
File: aWglXMLOEGUClY7mqF49euEB3WE.roa (raw, json)
Hash identifier: VUFKIS5aZNP3AS1lf22ooII6IGwpEFJsTUZdJYcFSHY=
Subject key identifier: 69:68:25:5C:C2:CE:10:65:02:95:8E:E6:A8:5E:3D:7A:E1:01:DD:61
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AEF07F47DDA3FC188903CB2339590
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aWglXMLOEGUClY7mqF49euEB3WE.roa
Signing time: Tue 24 Jan 2023 16:09:48 +0000
ROA not before: Tue 24 Jan 2023 16:09:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210925
IP address blocks: 2a0e:b107:1182::/48 maxlen: 48
2a0e:b107:1183::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:ef:07:f4:7d:da:3f:c1:88:90:3c:b2:33:95:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6968255cc2ce106502958ee6a85e3d7ae101dd61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:1e:54:61:33:ee:0d:8d:e4:c9:6e:d4:73:
20:5e:63:39:e8:d1:f0:cc:89:16:c2:d3:82:27:ba:
b8:8f:63:f5:d3:4b:a1:2c:5a:9c:ff:27:53:d7:63:
f4:9b:7b:79:ca:2f:8b:93:83:12:f9:92:4b:d7:57:
7c:02:5e:b0:b3:b4:ab:cf:91:c9:88:af:b6:24:b8:
84:b0:12:7f:6e:c3:39:e7:9a:e2:14:a7:17:62:de:
c8:d0:c3:23:d0:1d:42:5c:6c:4f:93:d5:33:53:85:
7d:82:c6:57:49:1b:01:91:6a:33:37:1a:1b:4d:93:
54:7c:5b:cf:62:50:27:40:d0:f1:27:fc:55:66:ab:
b6:50:85:93:e3:ed:46:ab:b4:fe:81:34:40:11:8f:
ba:12:13:bd:54:40:72:f3:c4:5c:3c:c7:30:c0:65:
1a:87:59:dc:a1:da:2f:2f:fc:96:06:82:6d:7a:18:
29:98:3e:27:69:37:1a:87:7b:42:5f:f0:ac:1a:ac:
9c:e1:aa:3e:ae:83:55:2b:56:3b:97:82:7f:e1:d0:
07:c1:36:fb:3f:e5:7c:5d:37:df:17:aa:28:5e:31:
0f:1b:20:b9:b2:50:56:e2:a1:bf:01:d6:3e:9a:7e:
6d:ab:97:8b:c8:25:cc:43:db:be:25:d2:df:1a:36:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:68:25:5C:C2:CE:10:65:02:95:8E:E6:A8:5E:3D:7A:E1:01:DD:61
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aWglXMLOEGUClY7mqF49euEB3WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1182::/47
Signature Algorithm: sha256WithRSAEncryption
7e:c2:32:0a:93:3f:38:9a:b7:65:fe:af:5d:66:a7:3f:3c:2e:
60:f5:15:18:62:36:b2:d7:76:71:9b:16:92:2d:61:40:a3:2b:
ba:62:b5:b2:d1:d5:4c:98:77:15:23:1a:44:ec:67:72:4f:89:
3f:a4:a3:f4:0e:0c:fb:af:f0:86:c4:48:14:9b:bc:34:7b:cc:
6b:3e:5f:1e:50:fa:6d:4f:f7:69:0d:e6:5b:7a:cc:06:1d:92:
03:40:a3:2e:f8:58:a2:31:43:22:ea:32:c0:7a:e2:90:ad:d6:
72:83:00:3d:f9:9c:8e:98:de:c8:8a:c7:ec:a3:01:e3:e2:9e:
73:9a:73:dd:55:e6:04:9c:8f:36:77:cf:f6:ce:b7:18:e5:ef:
96:0b:9e:76:dd:04:5c:bf:4b:9a:53:92:94:08:e1:12:7c:1c:
a1:92:b4:43:10:9c:2c:df:1d:fb:39:d0:1e:61:37:6c:be:62:
7c:8b:3b:6b:d5:f0:ff:51:cc:cd:c4:16:45:5c:81:0e:2a:d0:
b9:bd:61:52:a8:b0:49:af:91:20:1a:93:3b:7a:62:3d:e0:41:
dc:73:6c:59:31:0b:48:ee:15:73:4d:35:32:c2:e3:10:5f:60:
94:0d:48:15:20:72:6f:a8:8b:12:4a:e0:a5:52:47:8f:16:cd:
f5:7a:3d:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiu8H9H3aP8GIkDyyM5WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY4MjU1Y2MyY2UxMDY1MDI5NThlZTZhODVlM2Q3YWUxMDFkZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6YeVGEz7g2N5Mlu1HMgXmM56NHw
zIkWwtOCJ7q4j2P100uhLFqc/ydT12P0m3t5yi+Lk4MS+ZJL11d8Al6ws7Srz5HJ
iK+2JLiEsBJ/bsM555riFKcXYt7I0MMj0B1CXGxPk9UzU4V9gsZXSRsBkWozNxob
TZNUfFvPYlAnQNDxJ/xVZqu2UIWT4+1Gq7T+gTRAEY+6EhO9VEBy88RcPMcwwGUa
h1ncodovL/yWBoJtehgpmD4naTcah3tCX/CsGqyc4ao+roNVK1Y7l4J/4dAHwTb7
P+V8XTffF6ooXjEPGyC5slBW4qG/AdY+mn5tq5eLyCXMQ9u+JdLfGjZ4HwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGloJVzCzhBlApWO5qhePXrhAd1hMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYVdnbFhNTE9FR1VDbFk3bXFGNDlldUVCM1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBxGC
MA0GCSqGSIb3DQEBCwUAA4IBAQB+wjIKkz84mrdl/q9dZqc/PC5g9RUYYjay13Zx
mxaSLWFAoyu6YrWy0dVMmHcVIxpE7GdyT4k/pKP0Dgz7r/CGxEgUm7w0e8xrPl8e
UPptT/dpDeZbeswGHZIDQKMu+FiiMUMi6jLAeuKQrdZygwA9+ZyOmN7IisfsowHj
4p5zmnPdVeYEnI82d8/2zrcY5e+WC5523QRcv0uaU5KUCOESfByhkrRDEJws3x37
OdAeYTdsvmJ8iztr1fD/UczNxBZFXIEOKtC5vWFSqLBJr5EgGpM7emI94EHcc2xZ
MQtI7hVzTTUywuMQX2CUDUgVIHJvqIsSSuClUkePFs31ej0w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org