Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j60NKN4my8yDc6xYMGuHuS49Q6g.roa
File: j60NKN4my8yDc6xYMGuHuS49Q6g.roa (raw, json)
Hash identifier: FLC/qsG44NDsEfjoYjeaYwJlj2EWxM6tNsAH9Wh2Mxo=
Subject key identifier: 8F:AD:0D:28:DE:26:CB:CC:83:73:AC:58:30:6B:87:B9:2E:3D:43:A8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521DC928FA135CBFF31604B80A0B774
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j60NKN4my8yDc6xYMGuHuS49Q6g.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 2a10:cc40:230::/48 maxlen: 48
2a10:cc40:231::/48 maxlen: 48
2a10:cc40:233::/48 maxlen: 48
2a10:cc40:234::/48 maxlen: 48
2a10:cc40:235::/48 maxlen: 48
2a10:cc40:236::/48 maxlen: 48
2a10:cc40:237::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 15:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:dc:92:8f:a1:35:cb:ff:31:60:4b:80:a0:b7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fad0d28de26cbcc8373ac58306b87b92e3d43a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b4:4b:a4:59:28:dc:db:14:2a:74:72:64:79:
5d:5d:e1:11:b8:ca:eb:fe:5b:9c:4f:d3:b2:bc:dc:
b6:68:bd:af:a7:1d:3e:d3:71:be:12:af:2a:21:1d:
2d:a3:e9:68:45:dd:43:3e:58:72:99:90:20:16:5a:
19:5c:a0:43:3f:f6:19:d8:f3:9e:f0:ff:91:af:7e:
c6:6d:a7:49:af:46:34:e2:cf:7f:0a:11:57:a4:ff:
8b:57:ad:ee:aa:e6:87:9b:72:67:3c:90:94:17:97:
7b:87:d2:f3:d1:df:93:96:ff:1c:91:2c:03:8d:40:
af:4d:62:51:3d:92:57:c9:bf:d2:e6:65:4d:7e:81:
b8:15:cf:a2:7a:06:1a:00:21:9a:bd:a6:e4:5a:ba:
42:5a:1f:4f:46:7c:dc:d2:1f:92:ce:ff:d1:37:6e:
d8:04:8c:ff:6f:f1:19:0f:a7:06:d9:cf:f4:c2:a6:
3f:f6:4b:16:f6:b0:4c:cc:11:eb:a3:a3:62:91:9a:
f5:5d:f8:93:f8:f4:7d:2e:fb:dc:25:26:8a:3e:67:
f6:c4:e2:37:5c:73:ed:94:fa:ad:40:e2:3b:e0:f2:
ae:1e:a0:4c:c0:90:bb:d4:74:33:1d:23:b2:4a:07:
f6:37:53:f6:61:b5:09:fd:d5:ec:47:ed:ae:f7:c3:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:AD:0D:28:DE:26:CB:CC:83:73:AC:58:30:6B:87:B9:2E:3D:43:A8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j60NKN4my8yDc6xYMGuHuS49Q6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:230::/47
2a10:cc40:233::-2a10:cc40:237:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:69:de:91:60:c9:ac:43:a5:7d:ba:ac:fc:1b:38:6c:5b:7d:
b6:67:3c:d1:12:67:cd:01:2a:95:ae:67:f2:c3:1f:ae:b8:6a:
84:b5:65:42:83:f6:e0:63:01:a3:0a:6a:66:f1:40:d7:02:99:
ca:c1:9a:b0:1d:ed:79:5d:0e:a8:43:84:67:49:dd:b3:d8:ba:
75:1a:27:3a:4b:29:3f:e5:9d:9e:bd:c9:1c:94:44:12:46:d7:
59:9e:7d:dc:ed:f4:8b:54:a2:0f:6f:0f:18:29:cf:8f:33:40:
8d:09:5a:f9:f6:74:de:af:73:ac:8f:13:bf:ae:4c:1d:49:bd:
d0:b6:7f:bf:0f:75:08:eb:b5:d2:8a:70:52:ef:30:62:e3:e0:
8f:5a:c4:64:d3:28:22:f8:5a:2c:ab:f1:5e:93:d0:b8:f6:1b:
57:10:76:e1:bd:0d:15:de:ff:fb:83:2d:0f:a6:44:bf:6a:47:
84:b4:8b:eb:42:0c:80:18:ce:c3:f6:d3:ce:2f:5b:ff:54:f1:
6f:0c:ed:7a:f8:8b:61:5c:a5:f9:93:6d:bf:30:0f:1b:eb:6d:
68:1b:72:47:b2:12:28:b8:66:74:ec:5b:ed:66:09:11:f2:2c:
b9:cb:86:29:b6:d9:b0:91:9a:93:40:ed:67:bb:5c:c3:c1:f2:
00:a8:b1:5d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIdySj6E1y/8xYEuAoLd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmFkMGQyOGRlMjZjYmNjODM3M2FjNTgzMDZiODdiOTJlM2Q0M2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rRLpFko3NsUKnRyZHldXeERuMrr
/lucT9OyvNy2aL2vpx0+03G+Eq8qIR0to+loRd1DPlhymZAgFloZXKBDP/YZ2POe
8P+Rr37GbadJr0Y04s9/ChFXpP+LV63uquaHm3JnPJCUF5d7h9Lz0d+Tlv8ckSwD
jUCvTWJRPZJXyb/S5mVNfoG4Fc+iegYaACGavabkWrpCWh9PRnzc0h+Szv/RN27Y
BIz/b/EZD6cG2c/0wqY/9ksW9rBMzBHro6NikZr1XfiT+PR9LvvcJSaKPmf2xOI3
XHPtlPqtQOI74PKuHqBMwJC71HQzHSOySgf2N1P2YbUJ/dXsR+2u98OtkQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI+tDSjeJsvMg3OsWDBrh7kuPUOoMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvajYwTktONG15OHlEYzZ4WU1HdUh1UzQ5UTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKhDMQAIw
MBIDBwAqEMxAAjMDBwMqEMxAAjAwDQYJKoZIhvcNAQELBQADggEBAJJp3pFgyaxD
pX26rPwbOGxbfbZnPNESZ80BKpWuZ/LDH664aoS1ZUKD9uBjAaMKambxQNcCmcrB
mrAd7XldDqhDhGdJ3bPYunUaJzpLKT/lnZ69yRyURBJG11mefdzt9ItUog9vDxgp
z48zQI0JWvn2dN6vc6yPE7+uTB1JvdC2f78PdQjrtdKKcFLvMGLj4I9axGTTKCL4
Wiyr8V6T0Lj2G1cQduG9DRXe//uDLQ+mRL9qR4S0i+tCDIAYzsP2084vW/9U8W8M
7Xr4i2FcpfmTbb8wDxvrbWgbckeyEii4ZnTsW+1mCRHyLLnLhim22bCRmpNA7We7
XMPB8gCosV0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:07:24 2025 by rpki-client