Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hKi9HY7TRyJ8Cb3UCx8KG-BHod8.roa
File: hKi9HY7TRyJ8Cb3UCx8KG-BHod8.roa (raw, json)
Hash identifier: gGCNGUchc9PYJMVvmICrQkCa4z89OjodKsvfXu9Xxlk=
Subject key identifier: 84:A8:BD:1D:8E:D3:47:22:7C:09:BD:D4:0B:1F:0A:1B:E0:47:A1:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188CDFD8D255FADB49D3707814FEC7DC51C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hKi9HY7TRyJ8Cb3UCx8KG-BHod8.roa
Signing time: Sun 18 Jun 2023 10:12:06 +0000
ROA not before: Sun 18 Jun 2023 10:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198535
IP address blocks: 2a0e:b107:1b00::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cd:fd:8d:25:5f:ad:b4:9d:37:07:81:4f:ec:7d:c5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 18 10:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84a8bd1d8ed347227c09bdd40b1f0a1be047a1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fe:41:29:e4:91:fa:73:f1:5a:25:5f:d0:2e:
7b:56:74:1e:85:c2:d2:1d:dc:a7:7c:c1:61:8e:c7:
85:c0:22:a0:31:7a:d6:0e:d3:a2:fe:91:ef:f6:50:
34:92:51:24:ca:56:10:b5:c8:89:62:fd:58:cb:fd:
44:ed:c5:a0:d0:1a:6f:b9:41:45:b6:e2:c8:99:69:
98:68:20:5f:d4:e8:fc:bd:12:08:c6:9a:aa:22:9f:
1b:e2:74:8d:27:45:09:e2:ff:64:32:1b:58:00:5f:
2c:87:1f:a2:d6:35:9d:f9:23:14:50:94:3d:bc:b4:
23:c9:1f:a8:6a:c6:35:34:3d:40:57:52:ad:d0:3e:
ff:e3:9e:47:44:83:6d:90:1e:9e:10:6f:8a:22:2c:
11:98:f3:8c:d3:d7:62:e6:8d:94:68:74:0a:0d:8b:
73:e1:e2:7d:e2:79:5a:95:52:cc:dc:43:2f:51:ed:
ed:d3:bd:a0:2d:f0:9f:17:a9:68:95:2b:67:bb:7b:
79:23:f7:55:74:c3:e5:27:bd:c6:e2:3d:bc:07:b9:
63:3d:5d:09:93:04:a2:9e:90:81:25:b5:4b:80:ff:
26:6f:61:3d:01:c3:ef:7d:30:b0:02:4f:6f:00:36:
66:56:ee:b6:c0:99:01:f7:56:e9:08:fa:a7:8a:85:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A8:BD:1D:8E:D3:47:22:7C:09:BD:D4:0B:1F:0A:1B:E0:47:A1:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hKi9HY7TRyJ8Cb3UCx8KG-BHod8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b00::/44
Signature Algorithm: sha256WithRSAEncryption
ba:30:37:78:1d:c1:ba:3a:76:87:cb:de:26:98:96:44:9e:ca:
2e:57:98:5d:fe:d0:33:50:55:65:3e:8c:e7:9c:9a:a0:c4:27:
3d:75:f0:ea:58:dd:b1:12:45:f0:9a:00:d4:1e:07:7d:d1:ff:
8d:d3:02:c1:c3:db:e3:0a:a5:f7:d7:a3:52:32:cb:38:80:db:
c2:56:28:af:77:23:46:89:73:2f:d1:5e:61:fb:39:e7:87:de:
6e:32:ce:ac:13:7f:7d:cb:cf:00:c3:1c:9d:41:cf:5d:44:4e:
01:85:b7:2b:08:8f:ec:be:b3:5f:1a:0c:54:0b:1f:49:26:24:
22:68:16:51:85:d5:38:c5:ac:93:a6:51:e2:0b:08:48:c0:55:
8f:6b:3f:e4:3c:85:7a:79:56:01:ac:f3:af:4b:e7:d5:ea:81:
45:f1:e0:99:64:4b:db:0a:93:3b:46:86:75:5e:c4:73:e9:a5:
cb:4d:11:db:e3:8d:76:25:4d:a1:32:66:9d:d0:a6:ac:ac:52:
5d:48:ae:9b:78:75:50:b0:40:79:0b:19:19:08:b2:71:ff:1a:
68:d0:18:d6:77:48:ea:47:a5:8a:18:c1:88:dc:43:d3:fa:43:
cc:30:c5:2a:46:52:73:f6:de:8e:37:eb:09:22:15:e6:81:f1:
e4:05:3d:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjN/Y0lX620nTcHgU/sfcUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjE4MTAxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE4YmQxZDhlZDM0NzIyN2MwOWJkZDQwYjFmMGExYmUwNDdhMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf5BKeSR+nPxWiVf0C57VnQehcLS
HdynfMFhjseFwCKgMXrWDtOi/pHv9lA0klEkylYQtciJYv1Yy/1E7cWg0BpvuUFF
tuLImWmYaCBf1Oj8vRIIxpqqIp8b4nSNJ0UJ4v9kMhtYAF8shx+i1jWd+SMUUJQ9
vLQjyR+oasY1ND1AV1Kt0D7/455HRINtkB6eEG+KIiwRmPOM09di5o2UaHQKDYtz
4eJ94nlalVLM3EMvUe3t072gLfCfF6lolStnu3t5I/dVdMPlJ73G4j28B7ljPV0J
kwSinpCBJbVLgP8mb2E9AcPvfTCwAk9vADZmVu62wJkB91bpCPqnioUNXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISovR2O00cifAm91AsfChvgR6HfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaEtpOUhZN1RSeUo4Q2IzVUN4OEtHLUJIb2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxsA
MA0GCSqGSIb3DQEBCwUAA4IBAQC6MDd4HcG6OnaHy94mmJZEnsouV5hd/tAzUFVl
PoznnJqgxCc9dfDqWN2xEkXwmgDUHgd90f+N0wLBw9vjCqX316NSMss4gNvCViiv
dyNGiXMv0V5h+znnh95uMs6sE399y88AwxydQc9dRE4BhbcrCI/svrNfGgxUCx9J
JiQiaBZRhdU4xayTplHiCwhIwFWPaz/kPIV6eVYBrPOvS+fV6oFF8eCZZEvbCpM7
RoZ1XsRz6aXLTRHb4412JU2hMmad0KasrFJdSK6beHVQsEB5CxkZCLJx/xpo0BjW
d0jqR6WKGMGI3EPT+kPMMMUqRlJz9t6ON+sJIhXmgfHkBT3t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:09 2024 by rpki-client on console-ams.rpki-client.org