Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUsb08dj8Mtma-P642QgDmdAs4s.roa
File: hUsb08dj8Mtma-P642QgDmdAs4s.roa (raw, json)
Hash identifier: rUh5AYq5KGUQU5fW32/KJIhKe9KA11+LkfdOSFOrTDQ=
Subject key identifier: 85:4B:1B:D3:C7:63:F0:CB:66:6B:E3:FA:E3:64:20:0E:67:40:B3:8B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DD5924298C17349F6F383BA2C60D2AF55
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUsb08dj8Mtma-P642QgDmdAs4s.roa
Signing time: Fri 23 Feb 2024 10:45:48 +0000
ROA not before: Fri 23 Feb 2024 10:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210490
IP address blocks: 2a0e:b107:17b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 14:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:92:42:98:c1:73:49:f6:f3:83:ba:2c:60:d2:af:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 23 10:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=854b1bd3c763f0cb666be3fae364200e6740b38b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ba:a6:8c:08:b5:b6:27:93:a7:b9:27:9c:b1:
e2:b0:39:b9:93:82:8f:2c:e8:ef:4d:ec:36:bd:36:
c7:0c:58:b5:d3:73:6e:5b:ca:c8:60:c7:5b:4d:eb:
76:48:4b:43:36:ce:7c:ba:69:d7:8b:85:ea:4c:97:
f4:be:e7:82:4f:93:6e:6d:9f:3e:35:81:70:cb:1b:
51:5a:8d:9d:d4:66:ca:da:d7:24:db:fd:e7:4a:c9:
b0:80:6d:68:9e:5e:ba:49:43:ca:25:d5:f1:f8:a9:
86:1b:03:c3:07:ac:88:d4:77:39:ae:b7:2d:c3:63:
66:2c:82:04:1e:c8:a6:e2:5e:8e:dd:6c:5e:43:ea:
c6:34:e9:c9:a5:b9:74:ab:d3:8c:5d:1f:2a:44:ef:
38:0d:56:eb:84:90:a9:95:ec:bc:f6:8f:27:21:22:
e7:9c:7c:e0:30:e8:03:c8:ef:50:3a:47:fc:45:76:
fa:46:2e:7a:30:d0:ef:eb:42:53:ac:10:ec:6f:51:
58:fa:63:33:10:5d:ef:c3:d7:0a:22:af:b3:48:6d:
49:7a:5f:10:15:8c:24:fa:5d:8a:0a:2a:48:49:a7:
f9:fa:7a:55:0d:81:54:19:e6:61:cf:b5:b6:fd:0a:
75:5d:a6:9f:09:b0:bc:10:0a:ac:68:1d:2a:69:f8:
95:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4B:1B:D3:C7:63:F0:CB:66:6B:E3:FA:E3:64:20:0E:67:40:B3:8B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hUsb08dj8Mtma-P642QgDmdAs4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:17b0::/44
Signature Algorithm: sha256WithRSAEncryption
67:44:93:f1:69:74:51:be:a9:00:52:c7:4e:b3:d8:24:a6:09:
8c:2f:33:56:74:26:85:5b:b3:a3:36:31:b1:34:40:ff:ee:a5:
59:cb:1d:07:01:f0:3b:d7:1e:07:45:60:eb:42:b2:7a:8b:77:
e6:ee:6f:70:e9:ee:bf:b7:8f:eb:92:e4:02:a5:fd:ae:d2:f3:
31:07:5c:90:4c:a9:f3:c7:6e:89:07:b8:6b:e5:80:36:c9:a9:
b7:c3:10:20:ab:ee:4a:2a:53:75:51:79:f3:6d:d1:79:e3:9e:
23:da:08:8a:a5:10:0c:91:be:2b:8c:1e:7a:36:de:d4:a0:cd:
a3:61:04:d9:70:19:6d:f2:c7:b4:a3:25:79:3d:78:b6:12:24:
10:ae:39:fc:57:af:1e:0e:85:6e:96:47:ea:80:6e:40:f9:5a:
d7:f1:47:93:bc:b4:1f:34:63:b8:b1:4c:40:27:48:1f:32:2a:
42:b0:23:ea:bb:6c:6f:fd:f0:2c:c0:d4:74:7e:43:79:4e:04:
36:18:e5:99:30:3a:3e:cd:81:d3:47:fa:12:bb:37:d7:f7:5c:
47:22:bd:7d:f9:b6:54:d9:5d:15:31:5c:13:c0:4d:8b:72:72:
5b:85:1b:06:19:97:e1:77:88:db:b2:94:aa:bf:c0:3c:0e:a2:
cb:ce:dd:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3VkkKYwXNJ9vODuixg0q9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIzMTA0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRiMWJkM2M3NjNmMGNiNjY2YmUzZmFlMzY0MjAwZTY3NDBiMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrqmjAi1tieTp7knnLHisDm5k4KP
LOjvTew2vTbHDFi103NuW8rIYMdbTet2SEtDNs58umnXi4XqTJf0vueCT5NubZ8+
NYFwyxtRWo2d1GbK2tck2/3nSsmwgG1onl66SUPKJdXx+KmGGwPDB6yI1Hc5rrct
w2NmLIIEHsim4l6O3WxeQ+rGNOnJpbl0q9OMXR8qRO84DVbrhJCpley89o8nISLn
nHzgMOgDyO9QOkf8RXb6Ri56MNDv60JTrBDsb1FY+mMzEF3vw9cKIq+zSG1Jel8Q
FYwk+l2KCipISaf5+npVDYFUGeZhz7W2/Qp1XaafCbC8EAqsaB0qafiVJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIVLG9PHY/DLZmvj+uNkIA5nQLOLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaFVzYjA4ZGo4TXRtYS1QNjQyUWdEbWRBczRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxew
MA0GCSqGSIb3DQEBCwUAA4IBAQBnRJPxaXRRvqkAUsdOs9gkpgmMLzNWdCaFW7Oj
NjGxNED/7qVZyx0HAfA71x4HRWDrQrJ6i3fm7m9w6e6/t4/rkuQCpf2u0vMxB1yQ
TKnzx26JB7hr5YA2yam3wxAgq+5KKlN1UXnzbdF5454j2giKpRAMkb4rjB56Nt7U
oM2jYQTZcBlt8se0oyV5PXi2EiQQrjn8V68eDoVulkfqgG5A+VrX8UeTvLQfNGO4
sUxAJ0gfMipCsCPqu2xv/fAswNR0fkN5TgQ2GOWZMDo+zYHTR/oSuzfX91xHIr19
+bZU2V0VMVwTwE2LcnJbhRsGGZfhd4jbspSqv8A8DqLLzt1C
-----END CERTIFICATE-----
Generated at Fri Feb 23 19:23:47 2024 by rpki-client on console-fra.rpki-client.org