Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f835BQHfPmMJvkmwlGzFvKZRlZc.roa
File: f835BQHfPmMJvkmwlGzFvKZRlZc.roa (raw, json)
Hash identifier: kkvcV7nbYV5EPfDXtdr+CkNm0k1FVZlSrky3aPUMM5w=
Subject key identifier: 7F:CD:F9:05:01:DF:3E:63:09:BE:49:B0:94:6C:C5:BC:A6:51:95:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F24B316E40B505DC9C0A3CEBD327091EF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f835BQHfPmMJvkmwlGzFvKZRlZc.roa
Signing time: Sun 28 Apr 2024 12:34:27 +0000
ROA not before: Sun 28 Apr 2024 12:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215697
IP address blocks: 2a0e:97c0:ec0::/44 maxlen: 48
2a0e:97c0:ec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 May 2024 17:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:b3:16:e4:0b:50:5d:c9:c0:a3:ce:bd:32:70:91:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 28 12:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fcdf90501df3e6309be49b0946cc5bca6519597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:75:8a:9e:a4:10:d1:a4:fc:29:c0:bd:33:69:
1d:da:0c:6b:b5:ac:05:4c:d3:5a:5f:fa:e7:f7:00:
da:e6:b2:ee:ca:07:92:48:b9:9e:63:8f:96:fd:9f:
09:5b:47:e2:40:0f:82:35:e2:30:9c:dd:3b:24:2a:
1d:72:8a:a9:32:f8:8a:18:e6:e5:10:52:34:c8:ec:
8a:1d:e6:69:9a:ae:d3:2c:d3:05:63:76:9c:bd:ee:
ac:4a:d5:2d:a0:9f:56:4f:02:c8:97:d6:db:ff:12:
f4:ec:e7:2d:05:59:8c:a9:a3:6a:fb:49:1b:f2:37:
b7:d0:3b:11:6c:d8:bc:f0:c7:df:11:8e:c9:11:7e:
33:02:a2:ce:bf:ca:23:f8:85:5a:05:82:c3:01:1a:
b1:d4:b2:a0:64:5d:2c:82:a7:0b:6c:a0:2f:1f:e5:
d5:c4:52:70:51:d0:09:20:9b:ea:27:ba:50:f9:ce:
c3:6f:90:16:48:07:62:c3:82:60:52:54:5c:0d:60:
4f:7b:f5:ed:74:96:da:ce:87:c4:d7:28:e1:63:04:
d6:85:4a:e2:2d:69:41:0d:6d:a4:e3:7c:86:0f:c2:
35:9c:9c:76:4b:93:1b:f9:da:45:82:9b:08:87:45:
02:f5:a5:64:ee:91:45:47:96:e5:b2:73:60:22:7d:
ed:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CD:F9:05:01:DF:3E:63:09:BE:49:B0:94:6C:C5:BC:A6:51:95:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/f835BQHfPmMJvkmwlGzFvKZRlZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
1c:77:46:cb:76:54:f2:3d:82:04:c6:64:5a:08:9e:3a:cc:fd:
53:c9:68:2e:09:33:f1:1b:0a:7d:da:e9:48:0c:8b:49:41:a4:
6e:6c:29:10:c0:b3:78:0c:2a:0b:30:a5:47:1d:21:92:95:1b:
b4:94:9a:de:84:4b:65:35:a8:0d:b9:bb:02:4a:e3:a9:f2:14:
4f:bf:f8:bd:b4:20:46:26:35:d9:26:f6:dc:13:e2:72:e5:7b:
32:04:38:f1:26:87:06:af:e6:80:45:b7:d4:0c:5e:28:0f:c5:
38:69:46:37:66:91:07:5e:5a:2f:c9:a9:2b:af:f4:fc:e5:06:
18:1e:b4:c2:73:48:ab:bc:dc:2d:65:78:6b:ed:30:65:86:90:
df:03:72:28:29:87:86:3d:ad:66:1f:0e:09:0e:c5:c1:34:fb:
9a:46:8d:82:1b:ea:e6:c8:a5:b2:b8:4a:15:71:bb:cf:2c:38:
c3:f0:ff:6a:83:77:36:3d:c8:65:75:5b:71:e7:12:23:8b:0e:
be:f7:a7:e9:ad:98:8c:05:2c:05:ba:7a:f5:bf:61:f3:c6:98:
9b:9d:80:58:85:cc:16:d8:47:20:b7:47:6f:95:4c:bb:98:7c:
98:42:cc:55:89:0e:60:4f:58:92:2f:42:29:04:d2:a6:88:76:
cd:71:0e:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8ksxbkC1BdycCjzr0ycJHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDI4MTIzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNkZjkwNTAxZGYzZTYzMDliZTQ5YjA5NDZjYzViY2E2NTE5NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHWKnqQQ0aT8KcC9M2kd2gxrtawF
TNNaX/rn9wDa5rLuygeSSLmeY4+W/Z8JW0fiQA+CNeIwnN07JCodcoqpMviKGObl
EFI0yOyKHeZpmq7TLNMFY3acve6sStUtoJ9WTwLIl9bb/xL07OctBVmMqaNq+0kb
8je30DsRbNi88MffEY7JEX4zAqLOv8oj+IVaBYLDARqx1LKgZF0sgqcLbKAvH+XV
xFJwUdAJIJvqJ7pQ+c7Db5AWSAdiw4JgUlRcDWBPe/XtdJbazofE1yjhYwTWhUri
LWlBDW2k43yGD8I1nJx2S5Mb+dpFgpsIh0UC9aVk7pFFR5blsnNgIn3tpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH/N+QUB3z5jCb5JsJRsxbymUZWXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZjgzNUJRSGZQbU1Kdmttd2xHekZ2S1pSbFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA7A
MA0GCSqGSIb3DQEBCwUAA4IBAQAcd0bLdlTyPYIExmRaCJ46zP1TyWguCTPxGwp9
2ulIDItJQaRubCkQwLN4DCoLMKVHHSGSlRu0lJrehEtlNagNubsCSuOp8hRPv/i9
tCBGJjXZJvbcE+Jy5XsyBDjxJocGr+aARbfUDF4oD8U4aUY3ZpEHXlovyakrr/T8
5QYYHrTCc0irvNwtZXhr7TBlhpDfA3IoKYeGPa1mHw4JDsXBNPuaRo2CG+rmyKWy
uEoVcbvPLDjD8P9qg3c2PchldVtx5xIjiw6+96fprZiMBSwFunr1v2HzxpibnYBY
hcwW2Ecgt0dvlUy7mHyYQsxViQ5gT1iSL0IpBNKmiHbNcQ7f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org