Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ge3cN6PsprzLOZ6kxQENU687PhQ.roa
File: ge3cN6PsprzLOZ6kxQENU687PhQ.roa (raw, json)
Hash identifier: OnY3KnNy7e1z1E9KaKTQUMV/c023ELqWmUBStu9i5Qw=
Subject key identifier: 81:ED:DC:37:A3:EC:A6:BC:CB:39:9E:A4:C5:01:0D:53:AF:3B:3E:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B122D1724A31EACB7981A1107B2C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ge3cN6PsprzLOZ6kxQENU687PhQ.roa
Signing time: Tue 24 Jan 2023 16:09:57 +0000
ROA not before: Tue 24 Jan 2023 16:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213372
IP address blocks: 2a0e:b107:8e0::/44 maxlen: 48
2a10:2f00:128::/48 maxlen: 48
2a09:4c2:34::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Mar 2023 14:35:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:12:2d:17:24:a3:1e:ac:b7:98:1a:11:07:b2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81eddc37a3eca6bccb399ea4c5010d53af3b3e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4c:8a:3c:37:83:05:f7:b9:d5:58:86:47:71:
76:b4:fb:64:a3:6f:d0:b3:72:ca:5f:13:eb:bd:d8:
84:d3:d1:22:d1:6c:99:35:ae:2a:db:b8:02:d3:f5:
ef:80:c0:13:f0:ea:c7:e1:4f:bf:0a:75:13:87:66:
32:a3:bb:a1:66:32:04:a0:c1:57:f4:1c:c8:6d:b6:
f2:a3:1f:35:94:b4:31:8a:5e:38:30:3d:85:f9:c2:
c9:25:6c:1f:6f:12:56:8d:7b:7b:c8:15:e9:38:20:
42:9f:3d:28:83:95:1b:39:fb:55:29:78:02:09:85:
34:0b:40:7b:3e:ce:64:af:48:f0:0b:41:28:54:95:
06:05:ed:c4:aa:81:b7:91:e2:63:32:45:ef:19:37:
38:9f:52:87:9b:a5:de:88:77:15:9f:ef:aa:5f:76:
38:9f:a3:29:a1:a9:9e:b1:7a:1e:13:cc:20:62:0f:
47:26:9c:bc:92:49:88:f2:4e:5d:8a:5b:b6:48:56:
64:2a:0f:74:2f:17:24:88:d6:4f:53:0b:ad:3a:f8:
63:f0:a0:85:eb:62:0d:22:31:83:f4:cd:8d:27:0f:
ec:cf:ea:48:70:51:93:d8:7d:f1:5c:a3:16:89:7e:
d9:09:92:f6:41:5c:3d:ea:0b:ee:58:1c:ef:9f:06:
52:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:ED:DC:37:A3:EC:A6:BC:CB:39:9E:A4:C5:01:0D:53:AF:3B:3E:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ge3cN6PsprzLOZ6kxQENU687PhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4c2:34::/48
2a0e:b107:8e0::/44
2a10:2f00:128::/48
Signature Algorithm: sha256WithRSAEncryption
8f:28:bd:f2:12:65:9c:63:a6:ee:1e:db:8b:d8:c4:b7:47:50:
fc:5c:23:23:f0:24:79:86:94:cf:c3:b1:d2:a1:62:76:d1:84:
90:b3:69:d3:0b:e4:cf:a7:bc:3a:5b:d9:59:b5:a6:dc:44:8a:
e6:09:b5:15:5c:70:91:0c:b4:53:16:1d:eb:44:0e:c2:d7:5e:
a8:ee:87:98:39:74:b9:d5:2f:f9:80:24:79:d1:22:5c:40:b5:
13:d7:c2:e9:b5:5b:0e:8a:8b:6b:d2:3e:6f:40:4f:5b:a4:be:
61:fc:45:76:24:e3:11:dd:53:56:45:1b:c6:a9:f5:4d:b1:8b:
a4:be:f2:69:04:96:4e:04:15:7f:00:f2:b8:e7:7c:6b:c2:fc:
e9:93:29:55:44:cb:1a:a9:2c:f8:2c:9c:3a:e0:13:1e:7d:90:
99:7e:6a:ec:78:73:e7:1a:16:dc:de:4b:90:65:23:cc:88:52:
9b:92:bf:56:d2:61:77:94:e7:70:7f:62:75:52:36:ca:07:31:
b7:6d:86:e3:de:f6:9c:8b:6f:f3:47:1c:08:75:a0:10:f0:48:
a9:e4:95:7e:48:e0:f9:e0:ed:92:29:db:95:8d:8e:a4:cd:61:
dd:54:9d:3f:c7:b8:36:98:03:3f:66:47:68:e0:9b:fc:16:06:
3e:fc:f9:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXkixItFySjHqy3mBoRB7LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVkZGMzN2EzZWNhNmJjY2IzOTllYTRjNTAxMGQ1M2FmM2IzZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EyKPDeDBfe51ViGR3F2tPtko2/Q
s3LKXxPrvdiE09Ei0WyZNa4q27gC0/XvgMAT8OrH4U+/CnUTh2Yyo7uhZjIEoMFX
9BzIbbbyox81lLQxil44MD2F+cLJJWwfbxJWjXt7yBXpOCBCnz0og5UbOftVKXgC
CYU0C0B7Ps5kr0jwC0EoVJUGBe3EqoG3keJjMkXvGTc4n1KHm6XeiHcVn++qX3Y4
n6MpoamesXoeE8wgYg9HJpy8kkmI8k5dilu2SFZkKg90LxckiNZPUwutOvhj8KCF
62INIjGD9M2NJw/sz+pIcFGT2H3xXKMWiX7ZCZL2QVw96gvuWBzvnwZSOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIHt3Dej7Ka8yzmepMUBDVOvOz4UMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ2UzY042UHNwcnpMT1o2a3hRRU5VNjg3UGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgkEwgA0
AwcEKg6xBwjgAwcAKhAvAAEoMA0GCSqGSIb3DQEBCwUAA4IBAQCPKL3yEmWcY6bu
HtuL2MS3R1D8XCMj8CR5hpTPw7HSoWJ20YSQs2nTC+TPp7w6W9lZtabcRIrmCbUV
XHCRDLRTFh3rRA7C116o7oeYOXS51S/5gCR50SJcQLUT18LptVsOiotr0j5vQE9b
pL5h/EV2JOMR3VNWRRvGqfVNsYukvvJpBJZOBBV/APK453xrwvzpkylVRMsaqSz4
LJw64BMefZCZfmrseHPnGhbc3kuQZSPMiFKbkr9W0mF3lOdwf2J1UjbKBzG3bYbj
3vaci2/zRxwIdaAQ8Eip5JV+SOD54O2SKduVjY6kzWHdVJ0/x7g2mAM/Zkdo4Jv8
FgY+/Pl7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org