Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa
File: asToFC21bWrPxI-z2oVpsMZ5MD4.roa (raw, json)
Hash identifier: O/NBAgE/wfM0uvkPvkf1gHLzsu9+0M3ALwS0xbtN4vo=
Subject key identifier: 6A:C4:E8:14:2D:B5:6D:6A:CF:C4:8F:B3:DA:85:69:B0:C6:79:30:3E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D96A33AA0AF5E36B9333D5FD044662595
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa
Signing time: Sun 11 Feb 2024 05:28:16 +0000
ROA not before: Sun 11 Feb 2024 05:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Feb 2024 19:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:96:a3:3a:a0:af:5e:36:b9:33:3d:5f:d0:44:66:25:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 11 05:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac4e8142db56d6acfc48fb3da8569b0c679303e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:04:1f:eb:16:25:ed:1d:1b:b7:c2:df:90:
ed:ad:8c:7c:6e:bf:97:8d:13:d1:48:a1:f2:65:5b:
54:be:8f:45:a0:5c:78:57:c8:93:f5:a4:45:8b:ea:
9a:9b:43:a2:76:f4:ca:85:aa:86:5c:09:05:79:08:
cc:8f:67:6e:2d:15:36:79:cc:cc:a3:65:77:c7:fd:
93:a8:10:f4:d3:a1:90:eb:9d:3d:b4:a9:9a:2e:c0:
de:99:31:f3:e2:78:44:ca:be:a3:00:d3:9a:3d:0f:
f1:b6:2a:35:9a:a2:0b:77:1f:50:3b:fc:eb:a7:18:
09:ff:1f:e0:c6:9e:32:d6:ff:d0:ff:4c:1b:46:74:
43:37:b9:96:58:bc:db:0f:c4:45:86:6e:95:6c:0a:
18:73:b2:15:92:92:7d:ae:ba:e7:9b:42:14:ac:da:
51:a9:46:dc:0d:a8:bf:95:72:fe:cc:4d:91:5e:64:
72:61:8a:6a:f4:ff:99:95:07:3a:97:e7:99:bb:65:
ed:2d:a9:11:27:0f:4a:c5:4d:37:36:96:48:6a:bc:
5e:be:ff:4a:8b:89:72:eb:20:0a:f7:7b:83:eb:c9:
cc:9e:c1:ae:e3:dc:da:bd:c2:c8:07:ee:06:0b:67:
1c:f3:76:0d:ef:57:45:e1:f6:60:56:11:a7:e8:63:
bb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C4:E8:14:2D:B5:6D:6A:CF:C4:8F:B3:DA:85:69:B0:C6:79:30:3E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/asToFC21bWrPxI-z2oVpsMZ5MD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:7a:3f:4c:92:7b:2f:97:b3:53:4d:ce:8f:bf:7d:1f:2c:e1:
44:5c:56:fa:7b:71:6f:60:75:05:54:15:54:1a:00:38:b0:78:
89:cc:9d:46:29:d6:a8:ca:6e:00:dd:ad:52:6e:50:66:9f:94:
86:3c:53:6e:b3:e8:34:94:1e:5d:99:d3:af:f4:e9:1b:8f:cd:
32:a6:90:49:5d:44:28:be:59:95:6d:d8:76:ef:fd:4c:23:6b:
6b:43:9b:ff:4c:1f:77:a7:b2:48:4f:69:49:90:86:ef:92:ce:
2d:fb:4b:9b:dd:3a:bf:a9:63:a1:6d:c8:4e:69:cb:24:6b:e2:
a4:bb:f6:e9:f4:f6:df:43:a4:9c:a5:40:92:3a:35:5f:29:eb:
ce:ac:d4:10:f2:2b:08:25:75:87:b9:d0:8b:64:5b:ec:32:90:
14:0a:0d:a7:8f:0a:27:dc:1a:4b:d5:02:4d:ae:f5:53:7d:6d:
4c:0f:e6:34:ae:55:93:c6:93:d9:92:1c:12:05:f4:be:87:fb:
79:89:a9:17:ca:91:75:43:8e:61:e0:24:4a:20:1d:b6:32:5c:
25:18:41:3a:5c:66:34:1d:95:b6:6d:fd:16:6c:fc:f1:21:d5:
ce:7d:34:5e:b1:bd:c5:07:d4:5e:65:de:3a:57:a8:7c:91:19:
e3:65:5e:88
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY2Wozqgr142uTM9X9BEZiWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjExMDUyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM0ZTgxNDJkYjU2ZDZhY2ZjNDhmYjNkYTg1NjliMGM2NzkzMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzIEH+sWJe0dG7fC35DtrYx8br+X
jRPRSKHyZVtUvo9FoFx4V8iT9aRFi+qam0OidvTKhaqGXAkFeQjMj2duLRU2eczM
o2V3x/2TqBD006GQ6509tKmaLsDemTHz4nhEyr6jANOaPQ/xtio1mqILdx9QO/zr
pxgJ/x/gxp4y1v/Q/0wbRnRDN7mWWLzbD8RFhm6VbAoYc7IVkpJ9rrrnm0IUrNpR
qUbcDai/lXL+zE2RXmRyYYpq9P+ZlQc6l+eZu2XtLakRJw9KxU03NpZIarxevv9K
i4ly6yAK93uD68nMnsGu49zavcLIB+4GC2cc83YN71dF4fZgVhGn6GO7MQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGrE6BQttW1qz8SPs9qFabDGeTA+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYXNUb0ZDMjFiV3JQeEktejJvVnBzTVo1TUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQwDQYJKoZIhvcN
AQELBQADggEBAAN6P0ySey+Xs1NNzo+/fR8s4URcVvp7cW9gdQVUFVQaADiweInM
nUYp1qjKbgDdrVJuUGaflIY8U26z6DSUHl2Z06/06RuPzTKmkEldRCi+WZVt2Hbv
/Uwja2tDm/9MH3enskhPaUmQhu+Szi37S5vdOr+pY6FtyE5pyyRr4qS79un09t9D
pJylQJI6NV8p686s1BDyKwgldYe50ItkW+wykBQKDaePCifcGkvVAk2u9VN9bUwP
5jSuVZPGk9mSHBIF9L6H+3mJqRfKkXVDjmHgJEogHbYyXCUYQTpcZjQdlbZt/RZs
/PEh1c59NF6xvcUH1F5l3jpXqHyRGeNlXog=
-----END CERTIFICATE-----
Generated at Thu Feb 15 21:13:57 2024 by rpki-client on console-fra.rpki-client.org