Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dhocKUZyh80f7C0O6N-FeMfxwiU.roa
File: dhocKUZyh80f7C0O6N-FeMfxwiU.roa (raw, json)
Hash identifier: tkw462esA9VlBX10DPQwTJdr6qxulz7sdjNrrgPhyrs=
Subject key identifier: 76:1A:1C:29:46:72:87:CD:1F:EC:2D:0E:E8:DF:85:78:C7:F1:C2:25
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CFAE0BE1F52370F267D1B1034AB901693
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dhocKUZyh80f7C0O6N-FeMfxwiU.roa
Signing time: Thu 11 Jan 2024 23:34:41 +0000
ROA not before: Thu 11 Jan 2024 23:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215751
IP address blocks: 2a10:cc40:cc42::/48 maxlen: 48
2a10:cc40:cc40::/48 maxlen: 48
2a10:cc40:cc46::/48 maxlen: 48
2a10:cc40:cc41::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jan 2024 21:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fa:e0:be:1f:52:37:0f:26:7d:1b:10:34:ab:90:16:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 11 23:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=761a1c29467287cd1fec2d0ee8df8578c7f1c225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0a:72:c2:b9:e5:cd:79:31:1f:54:a9:0e:93:
32:97:ad:d2:bc:b2:fc:0d:9a:82:29:db:a8:38:33:
a9:b1:c4:aa:45:84:5f:7b:2a:b5:40:1d:97:59:ad:
f5:41:1c:87:c7:30:48:f0:5f:9b:a0:d6:05:74:f6:
0f:8a:1f:81:4f:ec:fa:51:dc:2f:a1:09:89:87:b7:
ee:e1:73:91:5e:53:4b:76:11:de:6c:ce:cb:77:4a:
f2:e5:e1:d3:4e:9c:fc:ce:37:1a:42:e9:0f:77:11:
a4:99:89:89:62:11:22:f5:38:d1:1b:ea:54:ed:ef:
ef:61:ba:90:1c:d6:ed:88:be:ce:ca:9c:b7:24:10:
12:a2:c7:5f:cc:e1:54:cb:52:b5:15:a7:4d:ef:d0:
88:c9:ed:73:2f:2e:46:f2:47:f7:b1:5a:fc:36:19:
f0:0d:5d:80:50:a2:9c:7e:84:0c:38:d6:e8:ee:2b:
7e:6b:0a:f5:b0:4e:fb:00:92:60:12:d0:38:72:64:
17:17:28:e6:03:1a:82:5e:e1:51:10:30:e8:cf:02:
a8:26:61:b7:d5:9c:11:d4:af:7e:95:4b:de:11:75:
d6:41:fc:de:ea:aa:f4:ad:95:83:4b:ac:bb:b3:ff:
35:5c:b2:49:e6:b6:b5:a7:b4:f3:68:5c:76:ae:bd:
2d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1A:1C:29:46:72:87:CD:1F:EC:2D:0E:E8:DF:85:78:C7:F1:C2:25
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dhocKUZyh80f7C0O6N-FeMfxwiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:cc40::-2a10:cc40:cc42:ffff:ffff:ffff:ffff:ffff
2a10:cc40:cc46::/48
Signature Algorithm: sha256WithRSAEncryption
a0:f8:4d:0a:40:2b:01:ba:c6:d2:7c:df:0d:b2:f9:51:44:61:
de:a9:eb:f7:2b:5e:9a:3a:22:05:5b:c0:25:ea:07:57:9d:0f:
90:4c:2f:0b:02:39:b8:43:7f:e8:05:8c:f3:a5:43:b6:81:e3:
e1:59:82:df:8a:6f:82:b5:5a:22:51:2a:c2:e5:d5:3b:75:c0:
83:15:6f:50:e6:cd:28:e8:f5:9b:f6:b4:68:6b:fa:14:f1:b5:
c3:49:9b:0f:d6:fa:5f:a3:2c:64:cb:19:b4:d0:38:66:86:11:
23:6a:2c:22:0c:89:fd:ef:1e:2f:02:5f:68:ca:2d:d3:67:81:
c0:29:c2:d4:c7:c1:b8:a5:64:48:fd:2f:4f:df:1b:e6:40:82:
d6:2e:a9:f6:3d:4b:ef:ee:f9:0f:f2:4d:df:96:8d:61:f3:59:
4b:5e:19:4b:45:cd:21:78:f4:7d:d7:92:81:7c:9c:70:2b:84:
3e:49:51:52:5a:d9:d9:1c:ff:4c:14:2c:06:26:6c:36:66:53:
04:8e:79:1a:70:9e:cb:6a:53:e7:ab:ef:fc:7f:12:68:09:32:
16:bc:08:be:77:ed:b5:cd:b3:c5:04:8a:eb:b8:6b:74:fd:41:
17:db:87:3e:86:56:70:13:51:9a:ab:57:2a:ee:48:12:1f:50:
5d:44:b3:91
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYz64L4fUjcPJn0bEDSrkBaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTExMjMzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFhMWMyOTQ2NzI4N2NkMWZlYzJkMGVlOGRmODU3OGM3ZjFjMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgpywrnlzXkxH1SpDpMyl63SvLL8
DZqCKduoODOpscSqRYRfeyq1QB2XWa31QRyHxzBI8F+boNYFdPYPih+BT+z6Udwv
oQmJh7fu4XORXlNLdhHebM7Ld0ry5eHTTpz8zjcaQukPdxGkmYmJYhEi9TjRG+pU
7e/vYbqQHNbtiL7Oypy3JBASosdfzOFUy1K1FadN79CIye1zLy5G8kf3sVr8Nhnw
DV2AUKKcfoQMONbo7it+awr1sE77AJJgEtA4cmQXFyjmAxqCXuFREDDozwKoJmG3
1ZwR1K9+lUveEXXWQfze6qr0rZWDS6y7s/81XLJJ5ra1p7TzaFx2rr0taQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHYaHClGcofNH+wtDujfhXjH8cIlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZGhvY0tVWnloODBmN0MwTzZOLUZlTWZ4d2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwYqEMxA
zEADBwAqEMxAzEIDBwAqEMxAzEYwDQYJKoZIhvcNAQELBQADggEBAKD4TQpAKwG6
xtJ83w2y+VFEYd6p6/crXpo6IgVbwCXqB1edD5BMLwsCObhDf+gFjPOlQ7aB4+FZ
gt+Kb4K1WiJRKsLl1Tt1wIMVb1DmzSjo9Zv2tGhr+hTxtcNJmw/W+l+jLGTLGbTQ
OGaGESNqLCIMif3vHi8CX2jKLdNngcApwtTHwbilZEj9L0/fG+ZAgtYuqfY9S+/u
+Q/yTd+WjWHzWUteGUtFzSF49H3XkoF8nHArhD5JUVJa2dkc/0wULAYmbDZmUwSO
eRpwnstqU+er7/x/EmgJMha8CL537bXNs8UEiuu4a3T9QRfbhz6GVnATUZqrVyru
SBIfUF1Es5E=
-----END CERTIFICATE-----
Generated at Sun Jan 14 02:06:29 2024 by rpki-client on console-ams.rpki-client.org