Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/apy6N8zevEfXY4h7zDfh8WbK_LY.roa
File: apy6N8zevEfXY4h7zDfh8WbK_LY.roa (raw, json)
Hash identifier: ShVNfr6Vde9hLbJI2BriCELNhQv2GU9A/eTu5c2guzI=
Subject key identifier: 6A:9C:BA:37:CC:DE:BC:47:D7:63:88:7B:CC:37:E1:F1:66:CA:FC:B6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A380DC192FB9FBC7CDA7603C03F465555
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/apy6N8zevEfXY4h7zDfh8WbK_LY.roa
Signing time: Sun 27 Aug 2023 17:32:20 +0000
ROA not before: Sun 27 Aug 2023 17:32:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205043
IP address blocks: 2a0e:97c0:b10::/44 maxlen: 48
2a10:cc44:1b0::/44 maxlen: 48
2a0e:97c7::/40 maxlen: 48
Validation: Failed, certificate revoked on Sun 24 Sep 2023 12:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:38:0d:c1:92:fb:9f:bc:7c:da:76:03:c0:3f:46:55:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 27 17:32:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a9cba37ccdebc47d763887bcc37e1f166cafcb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bf:56:08:1c:b8:c2:76:b4:67:5f:2e:ae:e0:
3d:5b:58:25:49:30:a7:04:fc:ee:c5:9b:79:b9:51:
5b:9f:aa:ff:74:33:16:04:c1:c6:93:78:c2:a2:85:
2b:e2:5f:51:43:ed:63:e8:36:0d:50:69:0e:44:c8:
0f:87:fc:ff:53:1b:fe:38:69:76:33:04:b3:8d:2f:
69:3b:52:50:20:e7:b2:b6:e9:34:05:ac:4f:fc:50:
55:7f:2e:66:1a:c9:2e:91:99:ca:f9:9a:4f:fa:6d:
4d:d8:27:fd:50:19:20:e2:da:a2:20:3b:e5:94:06:
81:42:b9:25:91:cd:bc:37:68:af:b4:e1:07:1d:42:
f0:be:3f:7e:ec:2d:91:16:0a:3d:f7:3d:1d:e0:57:
35:60:bb:77:0a:92:4b:fd:47:b7:b1:b8:1b:c7:94:
6c:f0:79:eb:59:14:e3:87:20:a2:06:3f:41:56:a5:
60:fb:c1:a9:75:29:16:09:3c:98:d3:f2:f4:40:26:
c4:b8:c0:25:cd:bf:dc:41:04:c0:4c:a8:d3:dd:8a:
16:2a:74:22:be:df:be:09:e7:0b:1a:86:75:8c:d2:
62:be:e6:89:ff:64:69:85:96:e8:3c:b9:0d:b4:b9:
ea:51:2d:55:09:5f:7f:77:88:2d:e9:9a:b0:9b:7d:
71:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9C:BA:37:CC:DE:BC:47:D7:63:88:7B:CC:37:E1:F1:66:CA:FC:B6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/apy6N8zevEfXY4h7zDfh8WbK_LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b10::/44
2a0e:97c7::/40
2a10:cc44:1b0::/44
Signature Algorithm: sha256WithRSAEncryption
0a:b6:98:bd:b9:0b:e2:64:2b:64:8c:3b:61:c2:bc:dc:ca:51:
3f:fb:65:62:48:77:ca:be:e3:af:74:ab:bc:e7:ba:4b:4d:8b:
a4:3f:91:c2:d1:c9:9d:82:75:b3:bd:ca:ca:7f:c0:b0:d2:c8:
e1:87:56:86:41:a5:73:24:db:bc:b9:41:06:54:4c:82:df:cc:
c8:6e:8c:98:0e:01:bd:4e:4b:e7:f2:16:8b:fb:d4:22:31:72:
b8:12:37:0e:ac:d9:20:68:09:9e:03:fb:73:20:5d:8b:c2:bd:
54:7a:51:19:45:d1:fc:16:ad:dd:65:0d:65:07:da:9d:77:2f:
12:4b:2c:b9:8b:95:2a:e2:93:42:b2:e5:98:de:72:1b:93:c2:
e0:24:8c:45:57:d6:e2:04:b2:16:12:60:d8:c1:49:ec:89:b1:
91:e1:11:3b:68:a8:fa:d0:36:3e:62:f4:fe:55:1e:bf:0d:7a:
d9:b3:29:8d:c7:9b:d0:6c:47:53:a1:31:92:41:07:05:a5:63:
3b:b9:38:98:3f:a6:03:a4:c6:1d:cc:49:ac:9d:c9:fa:4d:9d:
74:b4:cf:58:a5:0b:fb:6c:b6:d5:27:85:6d:84:d1:1c:47:ec:
b1:35:e2:4d:73:b4:c6:f3:b8:31:ac:48:8d:bf:fe:d3:10:a7:
97:79:3e:30
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYo4DcGS+5+8fNp2A8A/RlVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODI3MTczMjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTljYmEzN2NjZGViYzQ3ZDc2Mzg4N2JjYzM3ZTFmMTY2Y2FmY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb9WCBy4wna0Z18uruA9W1glSTCn
BPzuxZt5uVFbn6r/dDMWBMHGk3jCooUr4l9RQ+1j6DYNUGkORMgPh/z/Uxv+OGl2
MwSzjS9pO1JQIOeytuk0BaxP/FBVfy5mGskukZnK+ZpP+m1N2Cf9UBkg4tqiIDvl
lAaBQrklkc28N2ivtOEHHULwvj9+7C2RFgo99z0d4Fc1YLt3CpJL/Ue3sbgbx5Rs
8HnrWRTjhyCiBj9BVqVg+8GpdSkWCTyY0/L0QCbEuMAlzb/cQQTATKjT3YoWKnQi
vt++CecLGoZ1jNJivuaJ/2RphZboPLkNtLnqUS1VCV9/d4gt6Zqwm31xWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGqcujfM3rxH12OIe8w34fFmyvy2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYXB5Nk44emV2RWZYWTRoN3pEZmg4V2JLX0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKg6XwAsQ
AwYAKg6XxwADBwQqEMxEAbAwDQYJKoZIhvcNAQELBQADggEBAAq2mL25C+JkK2SM
O2HCvNzKUT/7ZWJId8q+4690q7znuktNi6Q/kcLRyZ2CdbO9ysp/wLDSyOGHVoZB
pXMk27y5QQZUTILfzMhujJgOAb1OS+fyFov71CIxcrgSNw6s2SBoCZ4D+3MgXYvC
vVR6URlF0fwWrd1lDWUH2p13LxJLLLmLlSrik0Ky5ZjechuTwuAkjEVX1uIEshYS
YNjBSeyJsZHhETtoqPrQNj5i9P5VHr8NetmzKY3Hm9BsR1OhMZJBBwWlYzu5OJg/
pgOkxh3MSaydyfpNnXS0z1ilC/tsttUnhW2E0RxH7LE14k1ztMbzuDGsSI2//tMQ
p5d5PjA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org