Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hI7Oni9pWa92BLfVtmgNpzWBKO4.roa
File: hI7Oni9pWa92BLfVtmgNpzWBKO4.roa (raw, json)
Hash identifier: QHFigvYdsdoD9UfcsXyWh5rUNInvjxVuzuYKTX9L+8k=
Subject key identifier: 84:8E:CE:9E:2F:69:59:AF:76:04:B7:D5:B6:68:0D:A7:35:81:28:EE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC77010864300EE280D7FB916381D3720
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hI7Oni9pWa92BLfVtmgNpzWBKO4.roa
Signing time: Mon 01 Jan 2024 23:50:59 +0000
ROA not before: Mon 01 Jan 2024 23:50:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200950
IP address blocks: 2a10:cc45:121::/48 maxlen: 48
2a10:cc45:126::/48 maxlen: 48
2a10:cc45:12f::/48 maxlen: 48
2a10:cc45:124::/48 maxlen: 48
2a10:cc45:125::/48 maxlen: 48
2a10:cc45:122::/48 maxlen: 48
2a10:cc45:123::/48 maxlen: 48
2a10:cc45:120::/44 maxlen: 48
2a10:cc45:120::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:70:10:86:43:00:ee:28:0d:7f:b9:16:38:1d:37:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 23:50:59 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=848ece9e2f6959af7604b7d5b6680da7358128ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5f:63:1d:e6:c2:71:3b:59:0a:74:2f:87:92:
c2:3c:37:da:51:f2:92:95:3f:d5:65:50:68:b8:a4:
3b:b8:c4:a2:dd:de:75:ce:e3:16:e5:3c:76:9f:11:
00:c6:83:b6:78:1c:11:cb:06:ac:31:62:6f:d9:fd:
5e:72:7a:26:4d:ab:47:5b:bc:c2:ce:a7:05:9a:ab:
71:42:04:3c:a1:d9:db:69:75:1b:9d:6d:0e:41:eb:
a9:14:04:5c:71:bb:b8:37:ae:46:b1:39:85:33:94:
02:0b:81:59:0f:51:b9:a2:96:0f:97:52:42:b7:63:
f6:bb:b5:ec:e5:d3:95:a6:51:1b:7d:da:a9:12:63:
4f:93:b2:e7:3a:e6:9f:95:35:c4:69:ff:b5:aa:08:
ac:f1:a8:d6:60:d7:49:3c:9f:b4:6e:f6:9a:42:2b:
9f:33:be:98:9b:ef:61:61:6b:a3:b6:69:84:02:34:
9b:e7:55:54:d2:7d:1b:9b:07:08:79:a5:28:f3:0d:
cc:99:c6:f5:c7:a6:b0:14:55:b4:82:ab:79:28:cb:
3b:4d:ce:2f:f5:e9:32:4b:54:59:23:d1:01:38:23:
a7:a6:b5:0e:08:45:be:56:dd:ac:91:84:77:c3:28:
5b:c7:71:46:57:b1:b6:d1:95:13:3b:77:f1:95:df:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8E:CE:9E:2F:69:59:AF:76:04:B7:D5:B6:68:0D:A7:35:81:28:EE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hI7Oni9pWa92BLfVtmgNpzWBKO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc45:120::/44
Signature Algorithm: sha256WithRSAEncryption
04:47:b1:92:bd:ba:6a:2d:2b:87:1d:0e:be:36:9f:2d:a5:4f:
00:93:66:14:fd:32:df:b1:e8:f6:15:89:f9:2f:97:37:e9:5e:
ce:e3:d8:b8:c6:d9:c5:a7:34:c4:1c:e3:0e:ae:4f:aa:d2:d4:
45:cd:64:ed:6e:fe:b3:2c:e4:fb:ea:24:ad:72:8d:f4:2b:94:
8f:c1:fc:ce:5c:7b:72:de:1c:4d:e1:7d:2d:4c:ac:0e:7b:b5:
74:82:71:e9:ab:dc:65:c6:1c:76:fb:2f:a5:d8:e4:3f:d4:27:
71:31:f0:1d:64:0d:fc:67:64:b2:b2:b4:67:87:fe:0a:75:68:
c7:c4:82:de:8c:32:da:bf:3a:48:b6:56:74:2d:25:70:98:29:
03:30:86:ff:55:64:0c:a7:0e:89:72:40:17:86:82:63:ae:e0:
05:33:d5:46:0f:94:65:2d:56:3e:a4:62:73:87:68:d4:73:92:
59:85:cc:69:6e:7e:a3:9d:cc:7f:7a:89:e1:2b:4f:bd:53:35:
cf:f2:73:85:69:50:ad:fc:6e:9e:1b:55:20:21:f7:68:c8:c2:
84:cc:bc:ed:09:1f:8f:a8:40:e9:8c:95:53:8d:00:b3:d9:86:
64:79:0c:11:38:46:c7:32:08:aa:8f:78:7d:7a:5d:3c:b6:3a:
9a:ac:f3:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHcBCGQwDuKA1/uRY4HTcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAxMjM1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhlY2U5ZTJmNjk1OWFmNzYwNGI3ZDViNjY4MGRhNzM1ODEyOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhV9jHebCcTtZCnQvh5LCPDfaUfKS
lT/VZVBouKQ7uMSi3d51zuMW5Tx2nxEAxoO2eBwRywasMWJv2f1ecnomTatHW7zC
zqcFmqtxQgQ8odnbaXUbnW0OQeupFARccbu4N65GsTmFM5QCC4FZD1G5opYPl1JC
t2P2u7Xs5dOVplEbfdqpEmNPk7LnOuaflTXEaf+1qgis8ajWYNdJPJ+0bvaaQiuf
M76Ym+9hYWujtmmEAjSb51VU0n0bmwcIeaUo8w3Mmcb1x6awFFW0gqt5KMs7Tc4v
9ekyS1RZI9EBOCOnprUOCEW+Vt2skYR3wyhbx3FGV7G20ZUTO3fxld83GQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISOzp4vaVmvdgS31bZoDac1gSjuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaEk3T25pOXBXYTkyQkxmVnRtZ05weldCS080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAER7GSvbpqLSuHHQ6+Np8tpU8Ak2YU/TLfsej2
FYn5L5c36V7O49i4xtnFpzTEHOMOrk+q0tRFzWTtbv6zLOT76iStco30K5SPwfzO
XHty3hxN4X0tTKwOe7V0gnHpq9xlxhx2+y+l2OQ/1CdxMfAdZA38Z2SysrRnh/4K
dWjHxILejDLavzpItlZ0LSVwmCkDMIb/VWQMpw6JckAXhoJjruAFM9VGD5RlLVY+
pGJzh2jUc5JZhcxpbn6jncx/eonhK0+9UzXP8nOFaVCt/G6eG1UgIfdoyMKEzLzt
CR+PqEDpjJVTjQCz2YZkeQwROEbHMgiqj3h9el08tjqarPNf
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:51 2024 by rpki-client on console-ams.rpki-client.org