Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/is_LDzF7s1DUzFbZdQK_20bTeqQ.roa
File: is_LDzF7s1DUzFbZdQK_20bTeqQ.roa (raw, json)
Hash identifier: iAKbGrs7Fj+i5zyyHFMMR932lXXBI9QyWxpwtB6fW2I=
Subject key identifier: 8A:CF:CB:0F:31:7B:B3:50:D4:CC:56:D9:75:02:BF:DB:46:D3:7A:A4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01911FF9B9C9567C58B7D8CFB2757612A51E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/is_LDzF7s1DUzFbZdQK_20bTeqQ.roa
Signing time: Mon 05 Aug 2024 00:39:05 +0000
ROA not before: Mon 05 Aug 2024 00:39:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:b107:1e10::/44 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Oct 2024 16:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1f:f9:b9:c9:56:7c:58:b7:d8:cf:b2:75:76:12:a5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 5 00:39:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8acfcb0f317bb350d4cc56d97502bfdb46d37aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a9:5a:53:b8:ce:d4:88:82:aa:a8:8b:58:62:
35:eb:0c:e0:58:2d:f6:ac:25:5f:61:1a:3c:c6:be:
40:60:0a:b3:78:d2:dc:61:8e:e7:63:2d:7a:83:b4:
ec:da:47:69:89:f7:d1:91:92:cf:c0:57:75:7e:77:
ab:67:da:e0:37:aa:25:5c:38:c0:21:76:52:5d:83:
e6:a0:cf:94:b2:c2:69:66:37:dd:fe:42:c0:07:a7:
43:27:bc:98:9f:b8:25:e5:39:b2:07:98:89:e9:20:
23:63:7b:16:50:04:3e:a7:07:ad:32:47:53:1e:02:
c0:af:7b:2c:74:30:9b:7c:15:4b:86:d6:bf:bc:25:
82:ab:55:f4:1c:67:49:bd:dc:a0:a1:44:0f:c2:f2:
39:2a:6a:9e:31:bc:a9:68:6a:83:17:5f:dd:70:ba:
75:c2:8a:ce:97:93:9d:ba:7c:99:42:43:44:29:8f:
dc:d9:3a:49:09:b8:cb:cc:b1:ff:4a:47:db:82:b9:
2d:51:f8:4a:62:6b:38:c6:dc:4d:8e:0e:48:ea:5f:
7a:71:24:3f:fa:7c:68:05:cc:04:c5:1a:9c:69:70:
ed:3a:c2:ab:9c:c4:06:04:eb:2e:1a:6b:87:f4:8e:
1a:59:c8:2e:3d:c1:46:01:61:a6:f6:dc:a2:7e:5b:
c0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:CB:0F:31:7B:B3:50:D4:CC:56:D9:75:02:BF:DB:46:D3:7A:A4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/is_LDzF7s1DUzFbZdQK_20bTeqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1e10::/44
2a10:2f00:187::/48
Signature Algorithm: sha256WithRSAEncryption
52:18:45:20:d6:6b:1a:c3:ef:04:c6:8e:1f:3a:ad:99:e0:6f:
fd:56:7c:94:b9:fa:8f:f4:e2:85:fc:61:7e:64:6d:fa:f2:51:
bd:b9:24:74:aa:c3:10:db:dd:49:89:72:2b:03:f9:00:5b:5b:
a0:a7:d5:cb:0b:c2:f5:65:be:b8:50:73:53:f9:4d:df:61:ef:
05:9e:98:44:41:c2:ce:fa:40:74:0c:5a:a1:54:ea:43:58:5e:
38:80:c6:a1:68:17:cd:d6:4c:9b:64:45:c8:fc:30:f9:a4:bf:
f8:2a:de:7e:9f:8a:eb:8c:b2:1d:b7:49:a2:ae:63:a7:1f:7c:
e8:a8:f5:09:55:6e:65:90:8f:55:de:b2:6f:50:e6:86:7a:a3:
10:ed:01:83:65:4c:f0:90:9b:30:84:2c:4e:df:86:05:55:dc:
ce:aa:6d:0e:39:e1:ae:c0:55:43:8e:9b:5e:03:e1:7a:92:f3:
58:25:94:08:de:19:bb:f0:32:0f:8b:31:e3:54:94:ef:ff:0d:
36:ef:de:b4:c7:d4:b4:e3:a6:16:8a:f1:07:93:9b:6a:a8:81:
3a:f1:2d:03:63:4a:4b:4d:fe:cb:9d:2d:a8:e0:a6:a2:d9:2b:
50:dc:9a:fe:04:85:c4:26:c1:42:59:87:d8:87:39:b0:3c:42:
ed:72:c7:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEf+bnJVnxYt9jPsnV2EqUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODA1MDAzOTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNmY2IwZjMxN2JiMzUwZDRjYzU2ZDk3NTAyYmZkYjQ2ZDM3YWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6laU7jO1IiCqqiLWGI16wzgWC32
rCVfYRo8xr5AYAqzeNLcYY7nYy16g7Ts2kdpiffRkZLPwFd1fnerZ9rgN6olXDjA
IXZSXYPmoM+UssJpZjfd/kLAB6dDJ7yYn7gl5TmyB5iJ6SAjY3sWUAQ+pwetMkdT
HgLAr3ssdDCbfBVLhta/vCWCq1X0HGdJvdygoUQPwvI5KmqeMbypaGqDF1/dcLp1
worOl5OdunyZQkNEKY/c2TpJCbjLzLH/SkfbgrktUfhKYms4xtxNjg5I6l96cSQ/
+nxoBcwExRqcaXDtOsKrnMQGBOsuGmuH9I4aWcguPcFGAWGm9tyiflvAqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIrPyw8xe7NQ1MxW2XUCv9tG03qkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaXNfTER6RjdzMURVekZiWmRRS18yMGJUZXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBx4Q
AwcAKhAvAAGHMA0GCSqGSIb3DQEBCwUAA4IBAQBSGEUg1msaw+8Exo4fOq2Z4G/9
VnyUufqP9OKF/GF+ZG368lG9uSR0qsMQ291JiXIrA/kAW1ugp9XLC8L1Zb64UHNT
+U3fYe8FnphEQcLO+kB0DFqhVOpDWF44gMahaBfN1kybZEXI/DD5pL/4Kt5+n4rr
jLIdt0mirmOnH3zoqPUJVW5lkI9V3rJvUOaGeqMQ7QGDZUzwkJswhCxO34YFVdzO
qm0OOeGuwFVDjpteA+F6kvNYJZQI3hm78DIPizHjVJTv/w027960x9S046YWivEH
k5tqqIE68S0DY0pLTf7LnS2o4Kai2StQ3Jr+BIXEJsFCWYfYhzmwPELtcscV
-----END CERTIFICATE-----
Generated at Sun Oct 20 17:47:47 2024 by rpki-client on console-fra.rpki-client.org