Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bpdu1oDc0oKVClhrK0kZl6P40dE.roa
File: bpdu1oDc0oKVClhrK0kZl6P40dE.roa (raw, json)
Hash identifier: rBcDaZS0TWDK2BDxEizV2DrT5PtS8fPNs2oISdDfaDU=
Subject key identifier: 6E:97:6E:D6:80:DC:D2:82:95:0A:58:6B:2B:49:19:97:A3:F8:D1:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018851BE98B964C72A3CDFAEA9115BC3355C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bpdu1oDc0oKVClhrK0kZl6P40dE.roa
Signing time: Thu 25 May 2023 07:10:25 +0000
ROA not before: Thu 25 May 2023 07:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:ccc7:9000::/40 maxlen: 48
2a10:ccc7:9200::/40 maxlen: 48
2a10:ccc7:9300::/40 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a06:de01:800::/38 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Jun 2023 09:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:51:be:98:b9:64:c7:2a:3c:df:ae:a9:11:5b:c3:35:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 25 07:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e976ed680dcd282950a586b2b491997a3f8d1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0e:22:67:de:0d:0d:e8:73:54:c3:ec:1e:8f:
66:7c:03:36:9d:3c:aa:86:3b:b9:db:13:67:86:01:
75:ab:71:23:0d:38:f6:31:f3:73:4c:d2:23:52:68:
95:cb:fd:46:11:21:e9:50:6d:32:ef:53:9b:c7:36:
91:07:1c:f6:0d:71:82:39:3b:8b:9d:f4:db:6b:aa:
03:13:7d:63:72:4f:3d:05:91:4e:f7:1d:ba:6f:95:
2e:00:9a:be:09:00:2f:0d:83:c9:9a:24:31:b9:09:
7a:28:9b:df:5d:af:63:8a:13:fe:f9:64:19:91:28:
da:28:0f:31:2f:25:f1:90:e4:b3:fe:9a:ca:d4:6c:
59:83:69:c7:b6:be:07:6d:33:c0:58:c9:ba:44:76:
b7:87:39:13:43:66:cb:8e:93:a6:47:10:59:91:1c:
ae:55:63:eb:e1:45:0b:fc:f5:64:38:45:8e:63:bd:
f6:1a:bd:ff:df:44:8f:e0:69:d1:ea:3e:ef:da:d3:
72:e5:67:cb:fe:df:aa:43:57:ec:09:5c:08:43:65:
61:13:66:d0:be:de:af:b1:11:ba:21:46:71:b1:bf:
2f:cf:ae:0e:95:5f:38:85:54:ca:11:e8:bd:32:7d:
43:15:18:1a:e2:a6:44:fd:0c:42:4b:ca:79:6b:cf:
41:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:97:6E:D6:80:DC:D2:82:95:0A:58:6B:2B:49:19:97:A3:F8:D1:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bpdu1oDc0oKVClhrK0kZl6P40dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:800::/38
2a0e:97c6:4000::/34
2a10:ccc7:9000::/40
2a10:ccc7:9200::/39
Signature Algorithm: sha256WithRSAEncryption
72:23:8e:72:5e:0a:a2:bd:cc:9c:17:11:40:b1:9c:c3:8f:48:
a4:7a:d2:94:ae:81:de:91:c5:72:cf:d2:9d:be:bf:c9:37:7a:
90:b5:c4:e6:1e:57:50:1d:1d:0e:89:18:95:b6:2d:02:c7:ae:
e6:0b:3d:5a:0f:40:76:e1:28:c2:23:db:2b:e1:21:86:fd:d8:
19:12:38:d8:ee:8d:b3:4a:42:c9:e4:bc:ab:17:c7:5c:c6:dd:
b2:ad:cb:31:9b:cb:7d:90:70:b0:46:44:49:22:72:4b:cd:99:
76:30:7b:35:c4:74:6c:be:91:fd:01:c9:f0:fe:34:4e:e1:7b:
9b:88:d8:9e:c2:54:a2:91:ae:c5:65:d6:a5:26:8f:a8:db:68:
b3:4a:6f:3c:70:b0:e5:d7:d7:b6:ef:4a:30:da:6e:50:33:c2:
bb:e3:26:4b:31:5a:b4:52:5d:d9:92:a0:c2:31:d0:76:27:49:
5c:50:5d:34:d1:b5:b2:9a:27:4a:aa:87:b6:f6:01:af:b9:a5:
aa:62:d0:c9:8b:b7:d7:4b:33:07:4b:2a:ae:ac:51:e1:17:0d:
dd:ad:f6:cb:67:37:12:f5:41:89:d5:77:78:f7:74:a5:ee:52:
39:7c:13:e8:f2:99:bc:8f:fa:b9:df:f7:3f:e1:0b:d6:22:a0:
13:6d:0e:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYhRvpi5ZMcqPN+uqRFbwzVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTI1MDcxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk3NmVkNjgwZGNkMjgyOTUwYTU4NmIyYjQ5MTk5N2EzZjhkMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+g4iZ94NDehzVMPsHo9mfAM2nTyq
hju52xNnhgF1q3EjDTj2MfNzTNIjUmiVy/1GESHpUG0y71ObxzaRBxz2DXGCOTuL
nfTba6oDE31jck89BZFO9x26b5UuAJq+CQAvDYPJmiQxuQl6KJvfXa9jihP++WQZ
kSjaKA8xLyXxkOSz/prK1GxZg2nHtr4HbTPAWMm6RHa3hzkTQ2bLjpOmRxBZkRyu
VWPr4UUL/PVkOEWOY732Gr3/30SP4GnR6j7v2tNy5WfL/t+qQ1fsCVwIQ2VhE2bQ
vt6vsRG6IUZxsb8vz64OlV84hVTKEei9Mn1DFRga4qZE/QxCS8p5a89BrwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG6XbtaA3NKClQpYaytJGZej+NHRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYnBkdTFvRGMwb0tWQ2xockswa1psNlA0MGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwYCKgbeAQgD
BgYqDpfGQAMGACoQzMeQAwYBKhDMx5IwDQYJKoZIhvcNAQELBQADggEBAHIjjnJe
CqK9zJwXEUCxnMOPSKR60pSugd6RxXLP0p2+v8k3epC1xOYeV1AdHQ6JGJW2LQLH
ruYLPVoPQHbhKMIj2yvhIYb92BkSONjujbNKQsnkvKsXx1zG3bKtyzGby32QcLBG
REkickvNmXYwezXEdGy+kf0ByfD+NE7he5uI2J7CVKKRrsVl1qUmj6jbaLNKbzxw
sOXX17bvSjDablAzwrvjJksxWrRSXdmSoMIx0HYnSVxQXTTRtbKaJ0qqh7b2Aa+5
papi0MmLt9dLMwdLKq6sUeEXDd2t9stnNxL1QYnVd3j3dKXuUjl8E+jymbyP+rnf
9z/hC9YioBNtDgk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:34 2024 by rpki-client on console-fra.rpki-client.org