Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fSpndDE3VkCjDDuDn4iNaw16JqE.roa
File: fSpndDE3VkCjDDuDn4iNaw16JqE.roa (raw, json)
Hash identifier: 09Y+jfnIIHbP1RDYnQFQu9SXu1kxwIB0i9KctBvEg3w=
Subject key identifier: 7D:2A:67:74:31:37:56:40:A3:0C:3B:83:9F:88:8D:6B:0D:7A:26:A1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018640459A5B76957615515A635A044F3434
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fSpndDE3VkCjDDuDn4iNaw16JqE.roa
Signing time: Sat 11 Feb 2023 11:39:08 +0000
ROA not before: Sat 11 Feb 2023 11:39:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199918
IP address blocks: 2a0e:97c0:880::/48 maxlen: 48
2a0e:97c0:88a::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 11 Feb 2023 12:41:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:40:45:9a:5b:76:95:76:15:51:5a:63:5a:04:4f:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 11 11:39:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d2a677431375640a30c3b839f888d6b0d7a26a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3b:45:6a:94:3b:9d:fd:17:8b:02:75:bc:62:
43:0a:c4:93:75:84:93:02:dc:39:b2:34:3f:fd:6a:
59:4f:e7:4e:e6:54:08:fd:cf:82:8a:29:b8:e8:79:
7e:bf:bf:3b:af:8b:f2:b8:93:d9:af:e2:22:2d:75:
51:d5:fd:ad:06:f7:9b:a6:3f:45:49:39:21:18:52:
84:07:a6:d8:70:45:c6:f4:b1:4a:83:ce:38:83:02:
5a:d1:94:f1:66:5b:0f:69:83:a1:bf:8e:31:94:bc:
6e:42:30:7d:a1:00:38:5e:a6:7b:4d:ac:2e:fe:73:
56:58:98:b9:2d:70:b8:18:7d:7b:f8:6c:03:3b:c9:
0c:f8:ef:a8:b9:e0:35:67:91:25:fa:e1:67:a5:66:
e3:6e:2e:6c:6f:20:da:e0:ca:5f:de:ee:49:12:7d:
ba:af:67:95:b7:2b:33:13:59:dc:a7:f0:41:a6:7c:
c8:ce:7e:db:e1:94:67:ad:9c:a0:c0:f0:cd:21:a5:
84:88:26:21:b2:77:8a:39:ee:33:4f:8f:d5:12:95:
11:60:6b:a8:a9:a6:8b:a1:63:4c:2e:25:be:be:d2:
81:29:6e:f7:b5:30:aa:39:77:96:10:7e:2f:ba:9f:
a8:43:eb:a0:eb:1d:99:c6:77:a3:36:30:14:3a:76:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2A:67:74:31:37:56:40:A3:0C:3B:83:9F:88:8D:6B:0D:7A:26:A1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fSpndDE3VkCjDDuDn4iNaw16JqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:880::/48
2a0e:97c0:88a::/48
Signature Algorithm: sha256WithRSAEncryption
04:80:ba:20:4c:a4:53:a8:ac:0d:8c:c4:b5:92:bb:ab:23:ee:
36:57:5e:00:ba:eb:87:05:20:4a:c4:60:de:6f:36:dc:c0:54:
b8:51:50:3b:0a:cd:04:9b:4b:7e:75:3c:aa:e1:db:01:37:5b:
63:d7:5e:e2:36:ba:87:02:f5:df:de:8d:f6:dc:53:ca:70:df:
6f:a6:e6:94:5f:7f:f4:0b:0e:d1:e6:60:b1:1a:82:f8:11:7e:
bb:0a:e6:45:5c:0f:be:07:7f:14:7d:eb:dd:e7:e3:16:0e:54:
37:d6:ae:e3:d9:05:68:8f:9e:45:55:b8:15:cc:b0:b1:0c:72:
a8:c0:3a:b4:46:9e:6d:c2:4a:57:69:42:f5:2b:45:d7:1b:10:
f2:0b:74:c1:7d:a5:20:4f:25:18:da:63:ef:14:de:00:31:91:
15:bd:3c:cd:d4:59:1f:a2:50:c3:9a:1b:11:b2:bf:02:d1:43:
a4:17:e4:1a:14:2e:c8:5c:0c:6c:24:eb:a3:db:87:da:35:21:
cb:24:a8:54:92:71:a2:b1:99:c4:1d:61:fd:8a:8b:a7:77:e3:
d3:8e:27:50:b4:61:60:3f:0f:6f:84:8a:a9:7f:7b:fa:e7:9a:
81:2d:30:ca:2c:0d:0c:a3:8e:8c:62:a2:5e:cd:82:bf:a2:e6:
d6:66:36:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZARZpbdpV2FVFaY1oETzQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjExMTEzOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJhNjc3NDMxMzc1NjQwYTMwYzNiODM5Zjg4OGQ2YjBkN2EyNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnztFapQ7nf0XiwJ1vGJDCsSTdYST
Atw5sjQ//WpZT+dO5lQI/c+Ciim46Hl+v787r4vyuJPZr+IiLXVR1f2tBvebpj9F
STkhGFKEB6bYcEXG9LFKg844gwJa0ZTxZlsPaYOhv44xlLxuQjB9oQA4XqZ7Tawu
/nNWWJi5LXC4GH17+GwDO8kM+O+oueA1Z5El+uFnpWbjbi5sbyDa4Mpf3u5JEn26
r2eVtyszE1ncp/BBpnzIzn7b4ZRnrZygwPDNIaWEiCYhsneKOe4zT4/VEpURYGuo
qaaLoWNMLiW+vtKBKW73tTCqOXeWEH4vup+oQ+ug6x2ZxnejNjAUOnajFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH0qZ3QxN1ZAoww7g5+IjWsNeiahMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZlNwbmRERTNWa0NqRER1RG40aU5hdzE2SnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAiA
AwcAKg6XwAiKMA0GCSqGSIb3DQEBCwUAA4IBAQAEgLogTKRTqKwNjMS1krurI+42
V14AuuuHBSBKxGDebzbcwFS4UVA7Cs0Em0t+dTyq4dsBN1tj117iNrqHAvXf3o32
3FPKcN9vpuaUX3/0Cw7R5mCxGoL4EX67CuZFXA++B38Ufevd5+MWDlQ31q7j2QVo
j55FVbgVzLCxDHKowDq0Rp5twkpXaUL1K0XXGxDyC3TBfaUgTyUY2mPvFN4AMZEV
vTzN1FkfolDDmhsRsr8C0UOkF+QaFC7IXAxsJOuj24faNSHLJKhUknGisZnEHWH9
iound+PTjidQtGFgPw9vhIqpf3v655qBLTDKLA0Mo46MYqJezYK/oubWZjb7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:35 2024 by rpki-client on console-fra.rpki-client.org