Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eHvSgUtXPMM94ztbqTSz-AReIVI.roa
File: eHvSgUtXPMM94ztbqTSz-AReIVI.roa (raw, json)
Hash identifier: uxFjD4V/eoVR9WUj6k2+Ue86/ohUbkSUR1i/LcgEFIc=
Subject key identifier: 78:7B:D2:81:4B:57:3C:C3:3D:E3:3B:5B:A9:34:B3:F8:04:5E:21:52
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189569A858D368646B592920F1E192C9DB2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eHvSgUtXPMM94ztbqTSz-AReIVI.roa
Signing time: Fri 14 Jul 2023 22:51:54 +0000
ROA not before: Fri 14 Jul 2023 22:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210537
IP address blocks: 2a0e:97c0:600::/44 maxlen: 48
2a0e:b107:17c0::/44 maxlen: 48
2a10:cc46:100::/48 maxlen: 48
2a10:cc46:102::/48 maxlen: 48
2a10:cc46:101::/48 maxlen: 48
2a10:cc46:104::/48 maxlen: 48
2a10:cc46:103::/48 maxlen: 48
2a10:cc46:106::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Aug 2023 22:51:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:56:9a:85:8d:36:86:46:b5:92:92:0f:1e:19:2c:9d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 14 22:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=787bd2814b573cc33de33b5ba934b3f8045e2152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:02:22:4c:7d:56:55:43:e0:24:85:f6:a8:
1f:bf:23:1f:47:6d:5f:61:b5:c0:51:5a:f3:95:09:
2b:69:7d:9f:8b:76:3d:7e:4b:09:a4:a9:32:1f:c1:
86:af:cf:9d:63:3f:fd:50:fd:d5:84:31:20:73:ff:
88:5a:10:10:01:26:fe:99:26:2b:ce:42:8a:7a:58:
ac:6e:ee:a3:71:c5:8e:d0:b9:8d:d3:98:0a:32:cc:
ff:9b:e5:e1:50:4b:ba:84:c1:cb:a0:46:9f:72:19:
07:4f:fa:bb:2c:2f:cc:b5:54:84:60:7b:93:1b:b5:
7e:ab:57:61:27:8f:51:45:5c:33:20:b8:c0:0c:5b:
7b:2a:ea:d4:56:74:b5:d7:57:33:94:ff:f3:c0:70:
33:16:14:80:3c:31:f8:c4:b6:e8:e5:b0:85:33:07:
0c:b5:14:ba:a0:21:ca:f0:78:db:bb:02:db:3b:03:
ad:0e:da:10:6a:15:e1:42:d3:db:b5:14:a1:d9:3a:
6e:01:1a:67:e0:01:50:35:6f:19:4d:ad:52:b7:f9:
60:03:f9:77:5c:d6:c5:eb:2f:32:ac:ac:35:25:b3:
d1:6e:3f:85:ba:13:92:ea:7d:1d:79:42:8e:47:bc:
00:6c:7b:3b:c1:0f:b2:96:e4:57:47:ed:6a:e5:85:
fb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7B:D2:81:4B:57:3C:C3:3D:E3:3B:5B:A9:34:B3:F8:04:5E:21:52
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eHvSgUtXPMM94ztbqTSz-AReIVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:600::/44
2a0e:b107:17c0::/44
2a10:cc46:100::-2a10:cc46:104:ffff:ffff:ffff:ffff:ffff
2a10:cc46:106::/48
Signature Algorithm: sha256WithRSAEncryption
7d:e1:fb:4c:a3:3a:e6:28:49:76:15:77:2c:52:f5:d6:3e:b9:
6c:c3:5f:56:bc:97:9e:63:9b:29:7e:b9:bf:8c:06:4b:a0:78:
1f:97:4e:8f:93:e4:c2:80:e6:7d:8e:d6:ba:29:89:c1:2f:7d:
e9:13:47:d6:ab:e8:44:98:bc:be:29:5a:42:e6:b6:ed:78:c9:
77:fc:74:d8:82:d6:0e:8a:c5:13:cc:ac:a5:3c:78:86:d4:3d:
a8:e1:85:58:05:09:e8:0e:19:4b:43:f0:86:f6:bb:1c:99:a1:
f3:a6:0d:b3:3e:ea:ae:86:db:10:fd:6f:61:2b:95:d9:f4:5a:
90:42:ab:9a:a0:a8:cd:3a:17:68:e7:8d:63:1d:07:e3:63:cb:
ef:bd:a3:3f:89:8d:c6:c8:1f:08:01:37:72:37:6e:73:b9:c8:
1c:76:02:06:0f:ae:13:83:f4:b0:c6:82:fe:54:8b:7d:fc:92:
40:9e:e4:26:08:61:b4:74:6e:1f:6a:a7:e9:d7:46:65:3a:c9:
0e:5a:78:c4:c6:d2:74:45:96:90:ad:bc:9a:31:5e:89:0e:3f:
17:e1:d9:de:c8:5d:64:7e:6d:ea:e8:0f:0a:9b:13:4a:78:71:
0a:34:14:e4:59:24:3b:ba:38:a4:24:79:59:33:42:9d:d2:fa:
a5:0e:e9:9f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYlWmoWNNoZGtZKSDx4ZLJ2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzE0MjI1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODdiZDI4MTRiNTczY2MzM2RlMzNiNWJhOTM0YjNmODA0NWUyMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJwCIkx9VlVD4CSF9qgfvyMfR21f
YbXAUVrzlQkraX2fi3Y9fksJpKkyH8GGr8+dYz/9UP3VhDEgc/+IWhAQASb+mSYr
zkKKelisbu6jccWO0LmN05gKMsz/m+XhUEu6hMHLoEafchkHT/q7LC/MtVSEYHuT
G7V+q1dhJ49RRVwzILjADFt7KurUVnS111czlP/zwHAzFhSAPDH4xLbo5bCFMwcM
tRS6oCHK8HjbuwLbOwOtDtoQahXhQtPbtRSh2TpuARpn4AFQNW8ZTa1St/lgA/l3
XNbF6y8yrKw1JbPRbj+FuhOS6n0deUKOR7wAbHs7wQ+yluRXR+1q5YX7BQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHh70oFLVzzDPeM7W6k0s/gEXiFSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZUh2U2dVdFhQTU05NHp0YnFUU3otQVJlSVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcEKg6XwAYA
AwcEKg6xBxfAMBEDBgAqEMxGAQMHACoQzEYBBAMHACoQzEYBBjANBgkqhkiG9w0B
AQsFAAOCAQEAfeH7TKM65ihJdhV3LFL11j65bMNfVryXnmObKX65v4wGS6B4H5dO
j5PkwoDmfY7WuimJwS996RNH1qvoRJi8vilaQua27XjJd/x02ILWDorFE8yspTx4
htQ9qOGFWAUJ6A4ZS0Pwhva7HJmh86YNsz7qrobbEP1vYSuV2fRakEKrmqCozToX
aOeNYx0H42PL772jP4mNxsgfCAE3cjduc7nIHHYCBg+uE4P0sMaC/lSLffySQJ7k
JghhtHRuH2qn6ddGZTrJDlp4xMbSdEWWkK28mjFeiQ4/F+HZ3shdZH5t6ugPCpsT
SnhxCjQU5FkkO7o4pCR5WTNCndL6pQ7pnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:08 2024 by rpki-client on console-ams.rpki-client.org