Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hB8vQLEPKXfgNUMw1Blc6lajlh0.roa
File: hB8vQLEPKXfgNUMw1Blc6lajlh0.roa (raw, json)
Hash identifier: G8oUd4e8LSApkUSya12JkaZcfNhSpRWEnoCPb83b+vo=
Subject key identifier: 84:1F:2F:40:B1:0F:29:77:E0:35:43:30:D4:19:5C:EA:56:A3:96:1D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D96A339F5C32FC48D3F2818829CC6B18C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hB8vQLEPKXfgNUMw1Blc6lajlh0.roa
Signing time: Sun 11 Feb 2024 05:28:16 +0000
ROA not before: Sun 11 Feb 2024 05:28:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Feb 2024 19:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:96:a3:39:f5:c3:2f:c4:8d:3f:28:18:82:9c:c6:b1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 11 05:28:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=841f2f40b10f2977e0354330d4195cea56a3961d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b1:48:4a:c3:b7:49:f7:c2:34:df:9c:9a:a6:
5a:01:3b:66:64:49:c8:ba:15:34:e9:d4:c7:67:bd:
9e:43:46:79:e5:78:10:10:b0:41:2f:3b:36:75:8a:
7e:d7:d4:ca:e5:6c:fc:14:78:6d:bc:28:3f:45:d3:
60:ea:8b:81:98:9a:6a:04:83:61:8b:c8:be:29:0e:
a7:a1:11:f1:87:5f:a4:7e:23:a8:9e:09:01:f2:4d:
14:0c:96:ff:d4:83:18:42:28:1b:d6:d5:62:56:53:
8f:4e:09:30:05:ba:8b:4e:d6:95:48:59:98:d2:b7:
f6:35:c5:46:6d:91:a7:2f:79:20:32:d2:c4:5c:f4:
e5:2a:8c:04:26:8b:9f:b8:6b:af:0e:62:6a:67:50:
27:25:9f:26:ba:fc:0e:88:45:fa:f3:ec:70:f3:54:
bd:e4:65:50:1d:31:1a:33:f0:9d:3c:ce:32:b6:36:
f4:43:b5:60:e8:5e:e8:cb:50:3e:18:96:51:cc:f9:
90:e2:2d:64:05:ea:33:94:4c:8f:c4:96:8a:6b:4d:
d2:af:56:01:37:c8:a1:32:9f:44:47:6f:6c:38:88:
66:7f:52:90:fa:2c:1f:60:cb:f8:d2:35:a0:3b:1c:
dc:c2:35:6e:c4:09:7f:79:ce:8e:e9:f6:c5:cd:48:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1F:2F:40:B1:0F:29:77:E0:35:43:30:D4:19:5C:EA:56:A3:96:1D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hB8vQLEPKXfgNUMw1Blc6lajlh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b1:12:ac:4c:7e:c8:6c:7f:44:6c:f4:d0:15:32:de:93:d6:41:
16:5d:dd:1b:f8:08:10:5d:01:9a:34:93:ab:54:79:23:d7:06:
44:fb:b5:bd:ef:09:05:85:33:41:05:14:3d:45:5f:2c:cf:6e:
cf:e4:08:ac:d2:75:fd:51:aa:0e:2a:7b:da:33:59:66:28:71:
11:13:52:46:de:cc:eb:6d:9c:02:cd:f9:f7:c8:c9:c4:dc:d8:
13:12:a6:f8:00:56:52:fa:81:79:75:49:10:7a:98:d5:e6:57:
0b:a5:19:78:72:4f:bb:b5:94:60:d4:b1:50:d3:ed:a7:cb:05:
bd:42:bb:a7:9d:6a:74:92:e6:71:28:db:13:54:da:1a:7a:04:
e8:c2:dd:09:73:bf:67:63:98:40:aa:fa:8d:ee:b0:8b:08:af:
5f:1e:6d:a2:9c:18:96:47:34:87:d1:5f:db:b9:db:12:f4:bc:
e0:08:91:ea:65:29:18:a9:3e:41:1b:a4:02:14:a1:51:bf:6b:
16:66:d4:c4:62:bf:f6:f8:f4:ba:58:3e:ca:99:55:6b:8d:1a:
16:ba:c4:08:03:42:ec:43:57:05:f2:b1:d6:09:be:75:73:54:
f3:de:bc:8c:ad:d8:86:61:cf:52:e6:50:ca:ca:55:96:e2:6e:
42:33:6a:40
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY2Wozn1wy/EjT8oGIKcxrGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjExMDUyODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFmMmY0MGIxMGYyOTc3ZTAzNTQzMzBkNDE5NWNlYTU2YTM5NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrFISsO3SffCNN+cmqZaATtmZEnI
uhU06dTHZ72eQ0Z55XgQELBBLzs2dYp+19TK5Wz8FHhtvCg/RdNg6ouBmJpqBINh
i8i+KQ6noRHxh1+kfiOongkB8k0UDJb/1IMYQigb1tViVlOPTgkwBbqLTtaVSFmY
0rf2NcVGbZGnL3kgMtLEXPTlKowEJoufuGuvDmJqZ1AnJZ8muvwOiEX68+xw81S9
5GVQHTEaM/CdPM4ytjb0Q7Vg6F7oy1A+GJZRzPmQ4i1kBeozlEyPxJaKa03Sr1YB
N8ihMp9ER29sOIhmf1KQ+iwfYMv40jWgOxzcwjVuxAl/ec6O6fbFzUjAjQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIQfL0CxDyl34DVDMNQZXOpWo5YdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaEI4dlFMRVBLWGZnTlVNdzFCbGM2bGFqbGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQwDQYJKoZIhvcN
AQELBQADggEBALESrEx+yGx/RGz00BUy3pPWQRZd3Rv4CBBdAZo0k6tUeSPXBkT7
tb3vCQWFM0EFFD1FXyzPbs/kCKzSdf1Rqg4qe9ozWWYocRETUkbezOttnALN+ffI
ycTc2BMSpvgAVlL6gXl1SRB6mNXmVwulGXhyT7u1lGDUsVDT7afLBb1Cu6edanSS
5nEo2xNU2hp6BOjC3Qlzv2djmECq+o3usIsIr18ebaKcGJZHNIfRX9u52xL0vOAI
keplKRipPkEbpAIUoVG/axZm1MRiv/b49LpYPsqZVWuNGha6xAgDQuxDVwXysdYJ
vnVzVPPevIyt2IZhz1LmUMrKVZbibkIzakA=
-----END CERTIFICATE-----
Generated at Thu Feb 15 21:13:57 2024 by rpki-client on console-fra.rpki-client.org