Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fJ0gULjW0a0AJzcHB23lRw4BMSU.roa
File: fJ0gULjW0a0AJzcHB23lRw4BMSU.roa (raw, json)
Hash identifier: 6ZY09Z6n3TeP+ydx1HBLfJ6/2mtiKfF/bPrdADNerXs=
Subject key identifier: 7C:9D:20:50:B8:D6:D1:AD:00:27:37:07:07:6D:E5:47:0E:01:31:25
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD3A66159FA8F156DD8A69E1B0A049
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fJ0gULjW0a0AJzcHB23lRw4BMSU.roa
Signing time: Tue 02 Jan 2024 10:34:30 +0000
ROA not before: Tue 02 Jan 2024 10:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211685
IP address blocks: 2a0e:97c0:250::/44 maxlen: 48
2a0e:97c0:250::/48 maxlen: 48
2a0e:97c0:251::/48 maxlen: 48
2a0e:97c0:252::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jul 2024 21:10:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:3a:66:15:9f:a8:f1:56:dd:8a:69:e1:b0:a0:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c9d2050b8d6d1ad00273707076de5470e013125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:64:ae:09:0d:be:0c:67:df:dc:a3:02:06:bc:
09:d9:ea:90:13:95:90:34:17:04:15:bc:c8:09:da:
2f:8c:20:e2:5f:78:09:9c:40:55:ec:a0:f9:3c:f8:
83:00:05:97:fb:73:0b:b5:16:bf:97:7f:c0:49:3d:
69:22:9b:20:fc:8d:2f:ca:85:99:c4:23:64:a4:18:
db:4d:70:3f:c7:a4:8f:d2:34:47:9f:5a:ba:26:7a:
79:6e:2f:a9:dc:c2:36:61:e4:36:05:da:0f:f8:2e:
35:99:1f:4b:7f:c7:f9:1c:52:9c:75:20:e1:c1:79:
16:63:8a:bd:89:6a:89:bc:79:96:c0:3c:52:47:94:
68:10:75:b0:93:34:5c:c5:59:5e:f7:be:92:cf:16:
06:ba:60:27:bc:a7:9d:13:01:d5:18:ab:f9:66:f8:
66:4c:a0:be:d6:64:74:80:bd:09:e3:d4:11:78:3b:
65:45:37:69:79:d2:4f:4a:1d:5b:fd:cd:93:98:ee:
e9:0f:8c:70:ca:e6:7b:69:f9:67:3e:fb:dc:71:60:
87:83:1f:2e:25:9c:31:4e:fa:6b:0a:42:0c:1c:48:
1a:ad:43:63:c9:b0:eb:0f:db:00:95:33:97:76:15:
93:33:24:46:4f:50:1c:6f:d5:e1:17:70:47:b4:5c:
c3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9D:20:50:B8:D6:D1:AD:00:27:37:07:07:6D:E5:47:0E:01:31:25
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fJ0gULjW0a0AJzcHB23lRw4BMSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:250::/44
Signature Algorithm: sha256WithRSAEncryption
28:4d:fd:ad:7d:8b:c8:72:45:97:a7:7a:39:45:96:98:fa:e1:
01:0f:7c:a3:ce:aa:97:30:14:d2:12:fb:f8:ba:01:8e:36:9e:
57:2b:b3:9e:3d:97:82:a2:f6:a6:bc:1e:69:70:d6:5b:e8:6c:
29:05:3a:04:b6:24:a7:89:9e:06:70:db:a2:9d:34:22:c1:2b:
a9:f3:de:38:7f:46:90:c9:91:e1:86:19:5f:27:06:ad:98:75:
e4:db:9e:f6:5c:20:7a:57:ed:27:86:9d:64:54:4f:cf:f3:29:
76:a7:82:33:07:3b:23:7e:db:e7:22:06:33:60:c4:a7:ab:47:
5b:80:d9:2e:0d:8a:91:2f:3e:5a:4a:4f:78:cb:24:b0:88:a4:
63:71:43:e1:df:59:03:f7:c0:8c:72:a6:cd:51:6e:8c:b7:c7:
16:e9:b7:05:bc:e3:ee:32:cd:e3:a5:e3:2f:6e:c0:ac:22:3a:
7e:05:cb:db:5b:72:98:c7:30:b9:c4:22:43:e5:22:cd:9b:fb:
0b:54:3c:54:fe:42:56:dd:6a:f9:3d:a6:fe:f0:20:c5:b7:0c:
c1:b0:1b:0b:9a:ac:fb:da:88:84:ef:00:fe:a3:50:ea:15:f6:
a7:2b:2b:c8:1e:1b:04:86:89:3c:59:83:2c:ea:5b:b4:35:2b:
15:23:16:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTpmFZ+o8VbdimnhsKBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzlkMjA1MGI4ZDZkMWFkMDAyNzM3MDcwNzZkZTU0NzBlMDEzMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGSuCQ2+DGff3KMCBrwJ2eqQE5WQ
NBcEFbzICdovjCDiX3gJnEBV7KD5PPiDAAWX+3MLtRa/l3/AST1pIpsg/I0vyoWZ
xCNkpBjbTXA/x6SP0jRHn1q6Jnp5bi+p3MI2YeQ2BdoP+C41mR9Lf8f5HFKcdSDh
wXkWY4q9iWqJvHmWwDxSR5RoEHWwkzRcxVle976SzxYGumAnvKedEwHVGKv5Zvhm
TKC+1mR0gL0J49QReDtlRTdpedJPSh1b/c2TmO7pD4xwyuZ7aflnPvvccWCHgx8u
JZwxTvprCkIMHEgarUNjybDrD9sAlTOXdhWTMyRGT1Acb9XhF3BHtFzDNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHydIFC41tGtACc3Bwdt5UcOATElMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZkowZ1VMalcwYTBBSnpjSEIyM2xSdzRCTVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoTf2tfYvIckWXp3o5RZaY+uEBD3yjzqqXMBTS
Evv4ugGONp5XK7OePZeCovamvB5pcNZb6GwpBToEtiSniZ4GcNuinTQiwSup8944
f0aQyZHhhhlfJwatmHXk2572XCB6V+0nhp1kVE/P8yl2p4IzBzsjftvnIgYzYMSn
q0dbgNkuDYqRLz5aSk94yySwiKRjcUPh31kD98CMcqbNUW6Mt8cW6bcFvOPuMs3j
peMvbsCsIjp+BcvbW3KYxzC5xCJD5SLNm/sLVDxU/kJW3Wr5Pab+8CDFtwzBsBsL
mqz72oiE7wD+o1DqFfanKyvIHhsEhok8WYMs6lu0NSsVIxbt
-----END CERTIFICATE-----
Generated at Fri Jul 5 22:29:07 2024 by rpki-client on console-fra.rpki-client.org