Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa
File: c1lkfjqbxpcGCRtiFTthNRA9lqA.roa (raw, json)
Hash identifier: ntsS7I5v8b1Sa6otOv4zeW01FpABKmxoi4R3tOsvO0w=
Subject key identifier: 73:59:64:7E:3A:9B:C6:97:06:09:1B:62:15:3B:61:35:10:3D:96:A0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018ED933FEA2197E6D3395CA4E493C40B82F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa
Signing time: Sat 13 Apr 2024 20:44:07 +0000
ROA not before: Sat 13 Apr 2024 20:44:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215108
IP address blocks: 2a06:de01:120::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Apr 2024 09:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d9:33:fe:a2:19:7e:6d:33:95:ca:4e:49:3c:40:b8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 13 20:44:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7359647e3a9bc69706091b62153b6135103d96a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d2:89:c7:4f:34:0c:ac:80:11:e9:64:21:d3:
ba:3d:66:a4:b7:de:92:88:11:b1:69:18:0d:89:e4:
ac:ea:2d:45:bc:64:f3:23:09:bf:02:04:02:ae:db:
74:4b:75:1d:37:f5:be:85:80:c7:33:45:45:15:ff:
9c:85:6f:21:f6:ed:d0:c9:2c:f3:41:fb:51:e9:4f:
f0:a6:55:c4:0a:2e:62:aa:01:44:d6:bb:b3:d4:9b:
64:c7:2a:78:b8:eb:b2:81:08:97:12:3a:9f:39:3b:
52:7f:20:6f:b9:cb:01:82:b9:54:45:e0:92:7e:3c:
e8:af:00:8d:a5:7d:8f:68:ff:4d:d3:e5:16:43:08:
18:0b:d9:57:ef:15:0e:80:b3:32:99:d8:29:da:75:
31:3c:55:c9:44:a8:a7:b7:ae:4c:ed:f1:0f:5e:8c:
00:f8:8b:7f:b1:04:e9:35:ce:4a:12:9c:6b:1c:92:
0e:67:ea:d4:84:a8:5f:be:85:b9:e5:25:9e:b2:5f:
e5:4a:5a:02:f2:92:0b:0d:25:ef:20:d6:cd:87:ca:
0f:1c:28:9d:d5:2b:20:49:f5:73:a7:c7:eb:8f:dd:
0b:f1:de:60:02:92:88:32:17:85:69:9a:9a:89:a4:
45:01:c2:38:43:9b:e9:4b:df:35:c0:93:ca:35:71:
84:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:59:64:7E:3A:9B:C6:97:06:09:1B:62:15:3B:61:35:10:3D:96:A0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/c1lkfjqbxpcGCRtiFTthNRA9lqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:120::/44
Signature Algorithm: sha256WithRSAEncryption
4b:b0:31:97:ca:0d:86:64:86:2a:d9:3c:0c:8c:93:35:a7:3d:
86:25:1d:f4:4f:3f:28:9b:2b:a8:38:20:7f:08:56:1a:43:aa:
48:ea:d8:67:c0:15:3d:c4:f5:c3:77:e0:77:70:d6:c3:1a:f1:
2f:49:59:03:f9:4b:26:87:80:57:37:52:ca:a1:c8:0e:3f:14:
24:1c:63:3b:30:ab:98:a7:f8:37:23:87:ce:d1:7a:5b:f0:1e:
31:8c:37:f3:a1:d4:d4:f4:d0:df:de:ab:8d:2f:97:c8:8f:9c:
3f:ef:c5:8d:fa:24:61:48:8c:e9:1b:6e:05:e4:52:43:18:01:
bd:dc:7e:06:dd:d6:7c:9e:f8:f6:09:68:15:68:bd:39:4c:58:
f4:63:2f:81:9b:a4:01:92:2d:2c:54:6f:66:44:cc:36:aa:64:
04:2e:b1:c4:02:06:e3:de:e4:cc:92:b4:c8:8a:c2:af:ca:ab:
6d:bd:99:8f:37:03:e9:8d:d1:80:75:6c:15:d0:19:7c:04:e8:
f5:de:21:9d:a3:6b:79:a8:e6:03:0f:25:f6:2c:6c:28:38:dc:
1c:d8:91:a6:6b:2c:e7:51:12:5a:e5:37:98:2f:d9:8b:a8:69:
20:2a:27:cd:5e:42:ac:83:d2:83:c2:79:1f:8f:b1:e3:3d:53:
0a:95:16:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7ZM/6iGX5tM5XKTkk8QLgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDEzMjA0NDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU5NjQ3ZTNhOWJjNjk3MDYwOTFiNjIxNTNiNjEzNTEwM2Q5NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNKJx080DKyAEelkIdO6PWakt96S
iBGxaRgNieSs6i1FvGTzIwm/AgQCrtt0S3UdN/W+hYDHM0VFFf+chW8h9u3QySzz
QftR6U/wplXECi5iqgFE1ruz1Jtkxyp4uOuygQiXEjqfOTtSfyBvucsBgrlUReCS
fjzorwCNpX2PaP9N0+UWQwgYC9lX7xUOgLMymdgp2nUxPFXJRKint65M7fEPXowA
+It/sQTpNc5KEpxrHJIOZ+rUhKhfvoW55SWesl/lSloC8pILDSXvINbNh8oPHCid
1SsgSfVzp8frj90L8d5gApKIMheFaZqaiaRFAcI4Q5vpS981wJPKNXGEuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHNZZH46m8aXBgkbYhU7YTUQPZagMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYzFsa2ZqcWJ4cGNHQ1J0aUZUdGhOUkE5bHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBLsDGXyg2GZIYq2TwMjJM1pz2GJR30Tz8omyuo
OCB/CFYaQ6pI6thnwBU9xPXDd+B3cNbDGvEvSVkD+Usmh4BXN1LKocgOPxQkHGM7
MKuYp/g3I4fO0Xpb8B4xjDfzodTU9NDf3quNL5fIj5w/78WN+iRhSIzpG24F5FJD
GAG93H4G3dZ8nvj2CWgVaL05TFj0Yy+Bm6QBki0sVG9mRMw2qmQELrHEAgbj3uTM
krTIisKvyqttvZmPNwPpjdGAdWwV0Bl8BOj13iGdo2t5qOYDDyX2LGwoONwc2JGm
ayznURJa5TeYL9mLqGkgKifNXkKsg9KDwnkfj7HjPVMKlRbq
-----END CERTIFICATE-----
Generated at Sun Apr 14 13:03:53 2024 by rpki-client on console-ams.rpki-client.org