Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/addR0eZzVKt_jSdc4gjGniuFtLc.roa
File: addR0eZzVKt_jSdc4gjGniuFtLc.roa (raw, json)
Hash identifier: 8u41v+89WfRxiIhMKlDlXtFNJJyK+zXo31SakKPtb0c=
Subject key identifier: 69:D7:51:D1:E6:73:54:AB:7F:8D:27:5C:E2:08:C6:9E:2B:85:B4:B7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD2645969C53485B779C917C2D7FD5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/addR0eZzVKt_jSdc4gjGniuFtLc.roa
Signing time: Tue 02 Jan 2024 10:34:25 +0000
ROA not before: Tue 02 Jan 2024 10:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210617
IP address blocks: 2a0e:97c0:5a0::/48 maxlen: 48
2a0e:97c0:5a1::/48 maxlen: 48
2a0e:97c0:5af::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 22:52:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:26:45:96:9c:53:48:5b:77:9c:91:7c:2d:7f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69d751d1e67354ab7f8d275ce208c69e2b85b4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:b6:f9:4b:33:4f:ec:32:b0:3c:1f:6c:77:
1f:46:bb:4e:dd:6b:f6:b7:f9:f2:a6:dd:5e:7b:31:
d7:b2:68:90:68:1a:38:87:26:84:43:b8:60:d1:28:
7a:60:16:d9:af:28:92:03:68:5c:6d:ee:6b:db:2e:
39:32:10:4c:93:b5:4e:d4:3d:17:e9:7d:d8:74:d3:
8c:21:13:ac:cd:07:b3:0a:0f:c1:49:94:88:5f:29:
76:db:be:a2:fd:12:23:a9:8d:49:78:82:c0:89:d1:
90:71:6d:08:b8:39:94:2a:3f:b6:cb:15:e6:3e:bf:
d2:e5:30:dc:d4:f7:0f:fa:df:37:10:6f:d2:aa:72:
d9:a6:09:e0:46:2f:63:89:27:c3:49:d8:67:f2:56:
2a:ef:59:ce:6a:72:35:a2:c2:a9:2e:b0:59:2b:6c:
90:db:81:26:5c:9e:51:88:7b:d2:74:7d:dd:27:d5:
21:f1:0c:3f:ca:d0:e2:63:b4:95:15:ce:1f:c0:d7:
72:b9:bd:a8:f0:87:0c:ed:71:13:f1:29:e4:9b:2c:
06:26:c6:75:1d:17:2b:0b:71:1b:e1:ba:a7:84:d9:
95:25:92:d4:51:fe:85:2c:1c:67:aa:7a:c9:96:da:
9e:ac:1e:98:ac:ec:32:33:db:2f:96:a8:7e:9c:2c:
6e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D7:51:D1:E6:73:54:AB:7F:8D:27:5C:E2:08:C6:9E:2B:85:B4:B7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/addR0eZzVKt_jSdc4gjGniuFtLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5a0::/47
2a0e:97c0:5af::/48
Signature Algorithm: sha256WithRSAEncryption
37:79:b5:1a:cd:64:d6:2e:4c:f7:dc:29:92:37:2c:f5:91:d4:
53:cc:5b:eb:a3:20:10:3a:71:69:1a:2e:3e:b6:3a:49:7b:2f:
18:4f:67:f7:9c:44:17:25:4c:bf:15:ed:fb:1e:77:d5:9c:7a:
80:98:d0:a0:e0:dc:8d:10:59:be:42:74:65:3c:59:ed:c5:31:
b1:58:b4:11:b4:ed:cd:06:ee:88:6e:34:65:05:d4:3e:e3:a3:
4f:e9:b5:b7:3a:2f:ed:6d:f6:b4:e3:00:2f:b1:0c:67:af:0d:
ce:ad:77:12:69:8e:79:86:45:e9:03:da:25:14:d0:d4:14:20:
70:db:10:21:d3:64:ad:39:06:43:50:81:5a:88:b1:2f:2c:61:
79:7a:e2:2e:cb:08:73:85:56:77:6e:9d:f8:59:6d:8b:20:51:
30:0e:53:9f:fe:e3:c2:55:1e:19:68:bf:d7:6a:ae:12:47:f1:
00:ed:be:f2:a9:27:28:a4:8f:c3:53:8c:43:ce:d9:d1:bb:53:
72:d9:58:fe:82:bb:3a:07:67:3e:a5:20:88:e2:ab:e5:de:e0:
01:15:d4:f3:a8:62:9b:86:39:c5:04:b7:67:bd:55:8b:f9:e0:
25:96:07:b0:d1:4f:b9:a1:a6:16:7c:07:f4:8f:a5:8b:e3:59:
d4:41:6c:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvSZFlpxTSFt3nJF8LX/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQ3NTFkMWU2NzM1NGFiN2Y4ZDI3NWNlMjA4YzY5ZTJiODViNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/i2+UszT+wysDwfbHcfRrtO3Wv2
t/nypt1eezHXsmiQaBo4hyaEQ7hg0Sh6YBbZryiSA2hcbe5r2y45MhBMk7VO1D0X
6X3YdNOMIROszQezCg/BSZSIXyl2276i/RIjqY1JeILAidGQcW0IuDmUKj+2yxXm
Pr/S5TDc1PcP+t83EG/SqnLZpgngRi9jiSfDSdhn8lYq71nOanI1osKpLrBZK2yQ
24EmXJ5RiHvSdH3dJ9Uh8Qw/ytDiY7SVFc4fwNdyub2o8IcM7XET8SnkmywGJsZ1
HRcrC3Eb4bqnhNmVJZLUUf6FLBxnqnrJltqerB6YrOwyM9svlqh+nCxu4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGnXUdHmc1Srf40nXOIIxp4rhbS3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYWRkUjBlWnpWS3RfalNkYzRnakduaXVGdExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAWg
AwcAKg6XwAWvMA0GCSqGSIb3DQEBCwUAA4IBAQA3ebUazWTWLkz33CmSNyz1kdRT
zFvroyAQOnFpGi4+tjpJey8YT2f3nEQXJUy/Fe37HnfVnHqAmNCg4NyNEFm+QnRl
PFntxTGxWLQRtO3NBu6IbjRlBdQ+46NP6bW3Oi/tbfa04wAvsQxnrw3OrXcSaY55
hkXpA9olFNDUFCBw2xAh02StOQZDUIFaiLEvLGF5euIuywhzhVZ3bp34WW2LIFEw
DlOf/uPCVR4ZaL/Xaq4SR/EA7b7yqScopI/DU4xDztnRu1Ny2Vj+grs6B2c+pSCI
4qvl3uABFdTzqGKbhjnFBLdnvVWL+eAllgew0U+5oaYWfAf0j6WL41nUQWyl
-----END CERTIFICATE-----
Generated at Thu Jan 11 03:40:43 2024 by rpki-client on console-fra.rpki-client.org