Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ertMa5sSnK1GXumXPSjVBiLmScc.roa
File: ertMa5sSnK1GXumXPSjVBiLmScc.roa (raw, json)
Hash identifier: chV/ndzXczw32pIDT4VSQgZNo6S5niAgNJdnmQT2IQA=
Subject key identifier: 7A:BB:4C:6B:9B:12:9C:AD:46:5E:E9:97:3D:28:D5:06:22:E6:49:C7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AF6973CB7EFAE1A0650B61434B930
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ertMa5sSnK1GXumXPSjVBiLmScc.roa
Signing time: Tue 24 Jan 2023 16:09:50 +0000
ROA not before: Tue 24 Jan 2023 16:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d8::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d9::/48 maxlen: 48
2a0e:b107:381::/48 maxlen: 48
2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d6::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Aug 2023 12:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:f6:97:3c:b7:ef:ae:1a:06:50:b6:14:34:b9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7abb4c6b9b129cad465ee9973d28d50622e649c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:4f:ab:da:e1:a0:7b:86:20:32:33:c8:ef:
ae:cc:d8:8c:85:81:50:e5:2a:73:9f:f3:3b:c0:7d:
94:86:74:be:19:5e:8d:12:01:6b:ec:bd:1a:0d:23:
7f:05:cb:4e:f2:3a:dd:c9:ac:0b:b7:72:43:f7:b7:
17:96:42:bb:49:2e:0e:b7:91:eb:c7:f6:d6:88:f9:
0b:db:2d:28:59:5c:f9:f8:16:c2:2a:9c:c3:a7:cf:
fe:16:16:6d:44:ed:27:65:24:d2:56:8f:ff:ad:e0:
11:7f:ab:e2:36:3e:0c:95:ee:09:48:29:bf:2b:f3:
6d:0b:af:da:a4:32:bb:38:9e:77:f9:86:35:1b:7e:
84:43:44:8e:95:61:ac:0c:55:bf:2a:af:e0:a2:43:
11:c9:56:21:f4:b0:57:61:c7:2e:81:5b:74:48:3e:
49:94:56:7d:00:ff:b4:3a:59:11:0e:78:e9:ea:72:
17:b3:cd:fc:d6:cb:a4:bd:61:94:2b:ad:88:58:f8:
25:6b:d1:34:44:04:be:2d:fe:78:91:35:35:59:5c:
66:3d:63:08:80:f4:b7:58:42:a4:54:ce:65:44:3a:
dc:bd:de:83:6a:e4:4d:89:8c:e9:30:1b:50:0e:10:
30:08:29:8b:9e:4d:6f:f1:0e:9f:7e:74:7f:76:c5:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BB:4C:6B:9B:12:9C:AD:46:5E:E9:97:3D:28:D5:06:22:E6:49:C7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ertMa5sSnK1GXumXPSjVBiLmScc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:381::/48
2a0e:b107:12d1::-2a0e:b107:12d9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:56:c7:d6:e0:90:79:68:cb:39:f3:16:46:d6:f0:b7:ef:a2:
46:80:9a:e1:1f:5f:06:2a:63:f5:f1:ef:54:8f:52:ce:36:c8:
d5:72:ab:b1:dd:67:95:38:09:35:c5:54:7c:3b:d7:69:9e:6e:
e3:3e:29:3e:a2:a5:b6:a4:fe:6f:b4:bc:f2:bc:81:ec:6a:42:
4e:15:8a:7c:f9:fb:23:fc:ad:f8:47:9c:c6:53:72:96:da:4c:
f1:a4:b2:76:f7:da:4a:29:65:d3:4a:04:87:c9:1a:75:e1:58:
df:9f:6d:91:35:bc:32:ff:b6:d6:15:53:34:a7:d6:98:37:e2:
95:ac:d5:b9:07:76:16:b9:04:f1:51:53:d9:99:8a:b4:c8:39:
af:eb:cf:98:4e:17:e0:3d:63:92:69:7c:43:7d:31:48:dd:2e:
1e:d2:f0:7b:bd:ab:98:bc:86:bf:e1:e6:a8:fd:d2:16:38:9e:
10:d2:b3:27:7a:d0:bc:08:c3:10:10:23:a3:f3:25:cd:45:f5:
78:56:1e:d2:ea:57:d4:ac:76:f4:f9:84:2b:c6:38:68:6f:7e:
68:c0:75:b8:44:ea:5a:c2:74:23:cd:69:91:de:57:b8:b6:79:
a8:a9:22:1f:8e:e5:27:02:04:38:3c:67:d6:fd:85:12:26:76:
df:2e:f5:be
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYXkivaXPLfvrhoGULYUNLkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJiNGM2YjliMTI5Y2FkNDY1ZWU5OTczZDI4ZDUwNjIyZTY0OWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCFPq9rhoHuGIDIzyO+uzNiMhYFQ
5Spzn/M7wH2UhnS+GV6NEgFr7L0aDSN/BctO8jrdyawLt3JD97cXlkK7SS4Ot5Hr
x/bWiPkL2y0oWVz5+BbCKpzDp8/+FhZtRO0nZSTSVo//reARf6viNj4Mle4JSCm/
K/NtC6/apDK7OJ53+YY1G36EQ0SOlWGsDFW/Kq/gokMRyVYh9LBXYccugVt0SD5J
lFZ9AP+0OlkRDnjp6nIXs8381sukvWGUK62IWPgla9E0RAS+Lf54kTU1WVxmPWMI
gPS3WEKkVM5lRDrcvd6DauRNiYzpMBtQDhAwCCmLnk1v8Q6ffnR/dsU+uwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHq7TGubEpytRl7plz0o1QYi5knHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZXJ0TWE1c1NuSzFHWHVtWFBTalZCaUxtU2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBwOB
MBIDBwAqDrEHEtEDBwEqDrEHEtgwDQYJKoZIhvcNAQELBQADggEBAKdWx9bgkHlo
yznzFkbW8LfvokaAmuEfXwYqY/Xx71SPUs42yNVyq7HdZ5U4CTXFVHw712mebuM+
KT6ipbak/m+0vPK8gexqQk4Vinz5+yP8rfhHnMZTcpbaTPGksnb32kopZdNKBIfJ
GnXhWN+fbZE1vDL/ttYVUzSn1pg34pWs1bkHdha5BPFRU9mZirTIOa/rz5hOF+A9
Y5JpfEN9MUjdLh7S8Hu9q5i8hr/h5qj90hY4nhDSsyd60LwIwxAQI6PzJc1F9XhW
HtLqV9SsdvT5hCvGOGhvfmjAdbhE6lrCdCPNaZHeV7i2eaipIh+O5ScCBDg8Z9b9
hRImdt8u9b4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org