Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fy2NjVJntoX9UC0NjCszS6TS48M.roa
File: fy2NjVJntoX9UC0NjCszS6TS48M.roa (raw, json)
Hash identifier: NGeMQWVcwT7UpggO1R6q7iTxSpot+6VQzkhByaNHYks=
Subject key identifier: 7F:2D:8D:8D:52:67:B6:85:FD:50:2D:0D:8C:2B:33:4B:A4:D2:E3:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E80E6594BEFCE59E1C03041448380A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fy2NjVJntoX9UC0NjCszS6TS48M.roa
Signing time: Mon 02 Jan 2023 05:15:34 +0000
ROA not before: Mon 02 Jan 2023 05:15:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211840
IP address blocks: 2a0e:97c0:1ba::/47 maxlen: 48
2a0e:97c0:1bd::/48 maxlen: 48
2a0e:97c0:1b0::/48 maxlen: 48
2a0e:b107:862::/48 maxlen: 48
2a0e:b107:86c::/48 maxlen: 48
2a0e:b107:861::/48 maxlen: 48
2a0e:97c0:1bc::/48 maxlen: 48
2a0e:97c0:1b2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:0e:65:94:be:fc:e5:9e:1c:03:04:14:48:38:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f2d8d8d5267b685fd502d0d8c2b334ba4d2e3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:ae:69:87:4d:ad:8d:7a:5b:16:0f:b0:27:
9c:44:1a:35:e0:c0:71:cf:ce:09:57:dd:09:18:b1:
7c:d4:35:df:45:0d:e9:ad:36:92:7f:b8:ff:10:a4:
c5:92:96:1f:ad:4e:dc:22:e9:43:ec:b9:33:63:fb:
08:71:1c:f0:6f:b7:29:b2:f9:bf:39:2b:52:42:10:
45:23:3e:6b:2d:8b:f4:c9:dd:21:0a:be:f9:c0:a2:
b6:dc:6a:b7:04:ec:87:95:51:6e:fc:e7:5a:92:78:
42:77:48:b9:fd:ff:a2:be:b6:00:47:a6:3f:b4:42:
90:1d:64:54:6f:0a:21:77:6a:4c:74:2d:4b:c1:1d:
9d:96:95:96:99:50:e6:14:9f:82:9c:58:c2:b1:14:
1c:52:4d:46:8f:11:e2:1e:b9:e7:d1:17:c9:cb:f6:
1d:af:ba:50:ad:bb:85:72:c6:83:a1:7e:47:93:6a:
2c:ef:c0:5b:d8:96:9a:06:db:39:0a:6e:7e:cb:45:
92:d4:6d:a3:e7:3c:3d:92:5d:b8:69:25:9c:d7:00:
bf:2e:c0:53:29:96:53:89:15:3d:25:26:95:4f:20:
20:c2:a8:f7:98:2d:92:00:f2:df:ee:b6:f0:8f:ea:
91:9d:bf:97:d4:8b:99:b7:84:76:80:4f:60:1e:5f:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2D:8D:8D:52:67:B6:85:FD:50:2D:0D:8C:2B:33:4B:A4:D2:E3:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fy2NjVJntoX9UC0NjCszS6TS48M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1b0::/48
2a0e:97c0:1b2::/48
2a0e:97c0:1ba::-2a0e:97c0:1bd:ffff:ffff:ffff:ffff:ffff
2a0e:b107:861::-2a0e:b107:862:ffff:ffff:ffff:ffff:ffff
2a0e:b107:86c::/48
Signature Algorithm: sha256WithRSAEncryption
70:98:a1:d8:47:ea:46:a7:6c:36:10:2a:e0:d5:72:40:be:f5:
22:99:5e:78:ae:5f:66:d0:0e:6e:60:00:e1:e9:0b:62:91:ee:
b2:f8:39:e5:43:13:04:51:bf:c4:3f:ae:90:bb:e2:1c:77:45:
05:f8:06:81:36:28:6d:c6:54:a0:be:c3:f4:01:ae:32:18:f9:
ed:76:32:89:d1:3b:ee:c3:81:32:09:1c:9e:30:d7:45:b9:c3:
6e:50:be:73:da:90:6f:cd:65:bd:52:28:66:29:98:23:7c:a2:
93:f6:58:17:f4:4b:e4:4a:e3:3a:8f:39:59:6c:54:e8:a2:42:
c3:2e:dd:bd:45:cf:7e:cc:a0:24:9d:77:6c:7a:9a:b2:92:a5:
8d:4f:3c:85:84:2a:f6:95:b4:b6:07:f3:f6:5e:36:07:7f:30:
c1:74:40:9e:aa:d7:42:4e:10:e2:bf:02:8c:03:78:85:6b:f1:
9c:e3:aa:5c:ea:0d:e2:24:a7:06:91:78:85:cb:51:93:33:21:
ee:82:a4:97:53:a1:43:4e:d2:9d:a0:79:e4:ac:60:be:1b:12:
c7:f2:1d:81:4d:ae:90:9a:ea:b5:d2:22:9f:67:f2:1d:e5:8e:
79:80:f0:8c:ff:fe:b1:56:5f:12:9b:e6:c5:32:2d:86:3b:04:
18:90:d6:3c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVw6A5llL785Z4cAwQUSDgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJkOGQ4ZDUyNjdiNjg1ZmQ1MDJkMGQ4YzJiMzM0YmE0ZDJlM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL6uaYdNrY16WxYPsCecRBo14MBx
z84JV90JGLF81DXfRQ3prTaSf7j/EKTFkpYfrU7cIulD7LkzY/sIcRzwb7cpsvm/
OStSQhBFIz5rLYv0yd0hCr75wKK23Gq3BOyHlVFu/OdaknhCd0i5/f+ivrYAR6Y/
tEKQHWRUbwohd2pMdC1LwR2dlpWWmVDmFJ+CnFjCsRQcUk1GjxHiHrnn0RfJy/Yd
r7pQrbuFcsaDoX5Hk2os78Bb2JaaBts5Cm5+y0WS1G2j5zw9kl24aSWc1wC/LsBT
KZZTiRU9JSaVTyAgwqj3mC2SAPLf7rbwj+qRnb+X1IuZt4R2gE9gHl9I2QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFH8tjY1SZ7aF/VAtDYwrM0uk0uPDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZnkyTmpWSm50b1g5VUMwTmpDc3pTNlRTNDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcAKg6XwAGw
AwcAKg6XwAGyMBIDBwEqDpfAAboDBwEqDpfAAbwwEgMHACoOsQcIYQMHACoOsQcI
YgMHACoOsQcIbDANBgkqhkiG9w0BAQsFAAOCAQEAcJih2EfqRqdsNhAq4NVyQL71
IpleeK5fZtAObmAA4ekLYpHusvg55UMTBFG/xD+ukLviHHdFBfgGgTYobcZUoL7D
9AGuMhj57XYyidE77sOBMgkcnjDXRbnDblC+c9qQb81lvVIoZimYI3yik/ZYF/RL
5ErjOo85WWxU6KJCwy7dvUXPfsygJJ13bHqaspKljU88hYQq9pW0tgfz9l42B38w
wXRAnqrXQk4Q4r8CjAN4hWvxnOOqXOoN4iSnBpF4hctRkzMh7oKkl1OhQ07SnaB5
5KxgvhsSx/IdgU2ukJrqtdIin2fyHeWOeYDwjP/+sVZfEpvmxTIthjsEGJDWPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org