Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j2R0gZbpvwBnXXBKUALErDcvWpU.roa
File: j2R0gZbpvwBnXXBKUALErDcvWpU.roa (raw, json)
Hash identifier: RFSEDTCXH4RqE9gK9cAj13RR1IPkOF+stss5IudWyvs=
Subject key identifier: 8F:64:74:81:96:E9:BF:00:67:5D:70:4A:50:02:C4:AC:37:2F:5A:95
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A12EF9543529CE75827D14BC6D3C4F19A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j2R0gZbpvwBnXXBKUALErDcvWpU.roa
Signing time: Sun 20 Aug 2023 12:33:25 +0000
ROA not before: Sun 20 Aug 2023 12:33:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211358
IP address blocks: 2a0e:b107:12d8::/48 maxlen: 48
2a0e:b107:12d5::/48 maxlen: 48
2a0e:b107:12d2::/48 maxlen: 48
2a0e:b107:12d7::/48 maxlen: 48
2a0e:b107:12d4::/48 maxlen: 48
2a0e:b107:12d9::/48 maxlen: 48
2a0e:b107:12d1::/48 maxlen: 48
2a0e:b107:12d6::/48 maxlen: 48
2a0e:b107:12d3::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:12:ef:95:43:52:9c:e7:58:27:d1:4b:c6:d3:c4:f1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 20 12:33:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f64748196e9bf00675d704a5002c4ac372f5a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:be:cb:55:3d:3a:ee:78:0c:94:65:df:2f:
3e:98:cb:2d:5e:bc:96:00:96:2e:d0:25:40:01:d5:
d5:e3:1a:1b:47:3d:43:26:d6:3b:e3:fd:7e:73:4c:
1d:0d:1c:1f:9b:a2:ea:69:cd:ce:90:dd:bd:f8:cb:
da:33:f1:89:23:e2:7d:2b:d1:22:ee:3f:e0:da:6f:
79:de:4a:65:ec:7b:cf:5e:cd:44:0a:e4:da:1a:75:
eb:5c:48:ab:e5:64:6c:d5:29:71:15:6f:de:e9:14:
f6:5f:53:8c:25:d6:c4:9d:76:74:e9:72:30:1c:37:
c2:9c:7e:53:6b:54:aa:fa:bc:f3:20:57:cb:7b:36:
5e:a5:0c:2c:71:16:d2:ed:97:ff:d4:7f:d9:ea:03:
7d:bb:4c:49:ea:f4:3c:37:c1:30:c4:2b:be:e6:4a:
88:b0:24:51:91:04:d9:dd:31:70:3c:5a:97:87:a6:
63:d3:e3:2f:ec:a8:db:e7:2b:4b:0e:bc:63:78:aa:
5c:3e:49:ea:94:1a:00:60:56:1a:af:19:1a:5d:80:
48:a4:aa:50:d3:ce:a3:1c:a1:cd:42:57:81:3d:44:
38:30:e6:22:4a:57:e6:6f:d3:c7:f3:1c:4a:70:06:
12:53:b3:9c:52:01:9d:b3:96:f7:45:08:f5:bd:12:
9f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:64:74:81:96:E9:BF:00:67:5D:70:4A:50:02:C4:AC:37:2F:5A:95
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j2R0gZbpvwBnXXBKUALErDcvWpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d1::-2a0e:b107:12d9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2d:c0:98:b0:86:52:1b:9b:b1:05:8c:59:6a:84:79:c7:ff:c2:
b2:31:57:07:52:14:68:76:86:8e:7c:e4:09:a2:86:d4:3f:5f:
35:58:91:de:49:0d:48:32:b5:3f:5c:bf:e6:ce:ed:6e:72:4f:
60:69:1b:0b:bc:36:80:26:f0:4f:00:73:08:1d:c1:51:18:d6:
18:08:b7:ec:19:f5:9a:3f:32:1f:8a:0d:23:c9:0d:d9:10:60:
91:70:1d:f8:2d:77:66:b0:3a:13:b9:a8:cc:09:b1:30:df:19:
e5:36:9c:00:06:e3:ce:30:c5:8d:ec:4a:31:f2:27:d3:52:82:
f1:c3:14:17:39:c9:c3:c3:ee:ae:63:99:8c:d6:1e:49:be:a8:
ca:11:b7:51:7d:f7:de:8a:a6:76:7c:b2:7a:91:0c:44:18:9d:
ad:7c:6b:e7:02:b6:cc:cd:e9:dd:a5:2d:ea:c4:04:b0:45:01:
c3:d0:13:41:9d:67:e4:6c:e2:ed:25:cb:48:aa:9a:0f:83:9a:
f0:45:cc:a2:c7:e5:cb:5e:89:55:a6:18:58:a9:cf:44:d6:7b:
e4:b9:c8:39:55:56:28:31:4f:29:16:91:b1:85:8f:16:07:fa:
10:31:4a:e6:65:b0:15:0f:d0:13:02:47:11:cc:9a:66:0e:48:
f7:de:b6:36
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYoS75VDUpznWCfRS8bTxPGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODIwMTIzMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY0NzQ4MTk2ZTliZjAwNjc1ZDcwNGE1MDAyYzRhYzM3MmY1YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+6+y1U9Ou54DJRl3y8+mMstXryW
AJYu0CVAAdXV4xobRz1DJtY74/1+c0wdDRwfm6Lqac3OkN29+MvaM/GJI+J9K9Ei
7j/g2m953kpl7HvPXs1ECuTaGnXrXEir5WRs1SlxFW/e6RT2X1OMJdbEnXZ06XIw
HDfCnH5Ta1Sq+rzzIFfLezZepQwscRbS7Zf/1H/Z6gN9u0xJ6vQ8N8EwxCu+5kqI
sCRRkQTZ3TFwPFqXh6Zj0+Mv7Kjb5ytLDrxjeKpcPknqlBoAYFYarxkaXYBIpKpQ
086jHKHNQleBPUQ4MOYiSlfmb9PH8xxKcAYSU7OcUgGds5b3RQj1vRKfLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI9kdIGW6b8AZ11wSlACxKw3L1qVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvajJSMGdaYnB2d0JuWFhCS1VBTEVyRGN2V3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
EtEDBwEqDrEHEtgwDQYJKoZIhvcNAQELBQADggEBAC3AmLCGUhubsQWMWWqEecf/
wrIxVwdSFGh2ho585AmihtQ/XzVYkd5JDUgytT9cv+bO7W5yT2BpGwu8NoAm8E8A
cwgdwVEY1hgIt+wZ9Zo/Mh+KDSPJDdkQYJFwHfgtd2awOhO5qMwJsTDfGeU2nAAG
484wxY3sSjHyJ9NSgvHDFBc5ycPD7q5jmYzWHkm+qMoRt1F9996KpnZ8snqRDEQY
na18a+cCtszN6d2lLerEBLBFAcPQE0GdZ+Rs4u0ly0iqmg+DmvBFzKLH5cteiVWm
GFipz0TWe+S5yDlVVigxTykWkbGFjxYH+hAxSuZlsBUP0BMCRxHMmmYOSPfetjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org