Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i3CPlS-vklhiQvBMrw--55TiPpk.roa
File: i3CPlS-vklhiQvBMrw--55TiPpk.roa (raw, json)
Hash identifier: ibmRfy9RX1nXd0F/EMJYQUQtL7RGnjetZd6FnXos8qw=
Subject key identifier: 8B:70:8F:95:2F:AF:92:58:62:42:F0:4C:AF:0F:BE:E7:94:E2:3E:99
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D50F0E297398BFFA862725E91569D87EE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i3CPlS-vklhiQvBMrw--55TiPpk.roa
Signing time: Sun 28 Jan 2024 16:39:40 +0000
ROA not before: Sun 28 Jan 2024 16:39:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215669
IP address blocks: 2a06:de01:110::/44 maxlen: 48
2a0e:97c0:8b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:24:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:50:f0:e2:97:39:8b:ff:a8:62:72:5e:91:56:9d:87:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 16:39:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b708f952faf92586242f04caf0fbee794e23e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ef:f2:1e:c3:63:eb:be:8f:f8:79:37:1c:8f:
50:11:c8:55:f6:0e:6b:40:b3:0e:87:bc:45:7b:94:
47:ca:32:64:4e:90:91:2e:5e:a1:26:90:6e:12:8b:
88:9c:03:57:93:fd:b1:f9:59:fa:f0:8b:a0:4a:0a:
61:bb:c3:4b:3d:c2:2c:d3:dc:8c:8b:25:16:e1:0a:
a3:a4:1b:2d:ab:f1:3d:67:4a:6f:c5:c2:1b:f2:b9:
fa:b7:b3:97:bc:bc:4a:40:08:31:87:37:05:7d:31:
24:73:ec:5f:55:68:12:06:6b:8a:fb:7f:9c:30:af:
0d:34:d3:f7:a2:72:ac:00:3f:05:75:8a:ca:a8:17:
65:b7:a4:46:a1:aa:61:fb:75:33:13:db:9e:05:84:
b8:2f:09:ad:aa:41:5f:01:97:d2:ea:22:43:53:bc:
12:9d:1e:fd:1f:5f:7c:48:e9:89:0e:fa:d2:c1:01:
54:93:83:a1:06:0a:3a:75:c8:df:ba:2e:10:c5:99:
e6:51:c5:0c:41:79:cd:ac:91:66:2d:ed:21:95:c0:
3c:57:1c:e4:33:e8:9a:5f:eb:03:b7:3d:6d:2a:28:
04:eb:04:81:b1:33:2e:eb:18:0a:25:c5:38:96:d3:
63:02:96:0a:8a:8b:78:ae:1e:31:27:fc:c5:de:ac:
36:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:70:8F:95:2F:AF:92:58:62:42:F0:4C:AF:0F:BE:E7:94:E2:3E:99
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/i3CPlS-vklhiQvBMrw--55TiPpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:110::/44
2a0e:97c0:8b0::/44
Signature Algorithm: sha256WithRSAEncryption
bc:36:70:a7:c5:f0:16:e9:a6:85:0e:e0:61:be:cc:c8:5b:97:
bd:d0:44:bc:a7:8e:20:00:7c:b1:6c:4d:c3:5b:c3:9e:bf:e6:
c2:c0:58:85:30:d0:6e:b3:04:a7:0a:44:d6:6e:b7:45:a4:72:
a8:18:12:4d:c9:a3:ac:9a:5c:dd:2a:5d:1e:6e:54:37:2e:da:
72:68:20:ed:3d:33:17:a3:27:ff:03:1a:a2:19:a2:55:87:a0:
6d:11:ef:31:41:2d:d1:39:56:49:0f:f1:b3:eb:eb:20:59:4c:
64:cb:09:6d:23:06:27:7f:9e:ed:9f:d6:0c:8c:13:98:5f:79:
73:35:ed:ea:9b:b0:2e:71:1b:99:14:62:2a:00:a9:c1:10:1d:
9e:97:11:b3:75:0e:5c:b5:86:e5:a9:8e:85:fb:0c:38:81:c1:
90:35:54:d2:8f:4d:b0:c6:41:6a:57:d3:ea:31:08:c8:a9:c7:
fb:0d:a4:98:b3:77:73:2d:24:23:c9:87:07:39:a6:74:4f:8e:
85:b1:d2:79:8d:f7:1f:66:c1:0b:b1:37:50:a6:1e:68:18:e0:
9f:48:63:3d:b0:bd:aa:25:04:03:c9:a4:6b:ba:68:dd:f3:8e:
e3:57:ff:60:29:52:20:17:1d:85:24:c0:b8:5a:18:8d:5d:e8:
bc:7f:9d:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1Q8OKXOYv/qGJyXpFWnYfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTI4MTYzOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjcwOGY5NTJmYWY5MjU4NjI0MmYwNGNhZjBmYmVlNzk0ZTIzZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+/yHsNj676P+Hk3HI9QEchV9g5r
QLMOh7xFe5RHyjJkTpCRLl6hJpBuEouInANXk/2x+Vn68IugSgphu8NLPcIs09yM
iyUW4QqjpBstq/E9Z0pvxcIb8rn6t7OXvLxKQAgxhzcFfTEkc+xfVWgSBmuK+3+c
MK8NNNP3onKsAD8FdYrKqBdlt6RGoaph+3UzE9ueBYS4LwmtqkFfAZfS6iJDU7wS
nR79H198SOmJDvrSwQFUk4OhBgo6dcjfui4QxZnmUcUMQXnNrJFmLe0hlcA8Vxzk
M+iaX+sDtz1tKigE6wSBsTMu6xgKJcU4ltNjApYKiot4rh4xJ/zF3qw2jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItwj5Uvr5JYYkLwTK8PvueU4j6ZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaTNDUGxTLXZrbGhpUXZCTXJ3LS01NVRpUHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAQEQ
AwcEKg6XwAiwMA0GCSqGSIb3DQEBCwUAA4IBAQC8NnCnxfAW6aaFDuBhvszIW5e9
0ES8p44gAHyxbE3DW8Oev+bCwFiFMNBuswSnCkTWbrdFpHKoGBJNyaOsmlzdKl0e
blQ3LtpyaCDtPTMXoyf/AxqiGaJVh6BtEe8xQS3ROVZJD/Gz6+sgWUxkywltIwYn
f57tn9YMjBOYX3lzNe3qm7AucRuZFGIqAKnBEB2elxGzdQ5ctYblqY6F+ww4gcGQ
NVTSj02wxkFqV9PqMQjIqcf7DaSYs3dzLSQjyYcHOaZ0T46FsdJ5jfcfZsELsTdQ
ph5oGOCfSGM9sL2qJQQDyaRrumjd847jV/9gKVIgFx2FJMC4WhiNXei8f50M
-----END CERTIFICATE-----
Generated at Mon Jan 29 13:56:23 2024 by rpki-client on console-ams.rpki-client.org