Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jDk2KSZQUOXlTlnV-S6gdXW4z1s.roa
File: jDk2KSZQUOXlTlnV-S6gdXW4z1s.roa (raw, json)
Hash identifier: LIQE/erQiYFcw3IJT2mEPa75xHHd7MOPM/BkLfa//us=
Subject key identifier: 8C:39:36:29:26:50:50:E5:E5:4E:59:D5:F9:2E:A0:75:75:B8:CF:5B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D082AD53D3A7671E6B283A69AAC99E175
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jDk2KSZQUOXlTlnV-S6gdXW4z1s.roa
Signing time: Sun 14 Jan 2024 13:30:41 +0000
ROA not before: Sun 14 Jan 2024 13:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Feb 2024 12:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:2a:d5:3d:3a:76:71:e6:b2:83:a6:9a:ac:99:e1:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 14 13:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c393629265050e5e54e59d5f92ea07575b8cf5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:e7:17:5f:f5:de:4b:27:cf:ca:40:85:18:
22:80:37:5c:5d:98:91:13:cd:cc:c1:a9:f5:84:ff:
71:04:0f:e1:77:85:34:08:03:5b:00:ea:1a:3e:99:
8f:8f:98:8b:77:34:de:7b:54:4e:31:0f:e1:48:38:
68:72:54:12:6b:b5:9a:86:96:6e:4f:67:5d:29:e9:
9d:01:9a:e3:10:2a:af:f9:76:c7:00:9c:a1:0e:51:
1a:1e:33:ef:a4:1e:c2:30:11:37:64:1a:03:08:81:
e3:32:ac:85:e2:6e:a8:75:4d:9b:c8:fc:b8:28:4b:
7c:4c:dd:a7:a9:03:ac:e3:e9:70:84:cc:17:72:43:
74:e3:93:29:ec:7d:ea:b5:f7:bc:9f:58:08:b4:4d:
77:ad:17:6c:31:bd:1f:85:3d:90:ec:4a:d3:41:98:
89:48:de:5a:c0:bc:26:78:74:fa:a6:06:60:bf:e5:
ab:f0:d5:2c:db:8e:8f:98:87:2a:bc:43:66:ee:0f:
d0:3c:41:9d:df:a1:b4:66:dc:35:87:65:78:60:5d:
40:76:ba:52:a8:91:65:73:92:17:2b:d5:da:f5:a1:
30:73:f4:8d:9d:a7:89:c3:be:90:41:22:24:2f:fc:
5e:61:cd:32:0e:50:6d:2a:ad:97:8a:bd:11:30:e0:
9f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:39:36:29:26:50:50:E5:E5:4E:59:D5:F9:2E:A0:75:75:B8:CF:5B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jDk2KSZQUOXlTlnV-S6gdXW4z1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:cf:12:05:81:94:90:0a:60:a9:69:06:fe:6a:4d:6a:4a:dd:
85:b1:ed:f1:53:0c:30:86:34:05:d5:0c:02:3e:d0:bb:6e:ef:
40:62:37:0f:7f:02:bb:64:af:d9:a3:1b:d1:b3:fa:8d:95:0b:
71:ee:a8:69:f3:51:5f:9f:f3:ca:00:2b:37:74:f4:65:ba:20:
b4:48:b2:00:c3:2b:90:a9:0c:93:3e:f8:fa:6c:e9:ba:39:54:
e5:3a:06:35:5e:1e:3e:88:c1:1e:33:1a:96:84:79:af:56:91:
dd:b6:d5:e4:c9:ad:74:5d:e8:24:87:47:19:9b:4b:8d:29:b0:
12:68:c0:d6:b9:35:2c:eb:ed:55:a1:5a:8b:6c:f2:c5:7e:c2:
5f:71:67:95:34:72:ad:a8:e0:42:a9:cc:4c:0b:d4:dc:d5:f2:
f6:19:a5:04:06:ba:6e:b4:0e:9e:53:b4:01:dc:6d:9b:be:01:
72:17:23:e1:7e:52:fc:87:4e:39:d8:53:9f:55:ad:8f:6c:9b:
5b:0e:40:48:d4:c2:ce:ae:f3:83:92:10:c8:f2:dd:d7:b3:91:
d8:a0:4d:1c:19:56:96:7f:ed:15:13:55:0e:ce:93:22:1b:d6:
30:bd:02:ce:33:31:2f:62:dc:d2:b7:95:59:52:75:a3:c2:63:
e6:fa:48:b9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0IKtU9OnZx5rKDppqsmeF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE0MTMzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzM5MzYyOTI2NTA1MGU1ZTU0ZTU5ZDVmOTJlYTA3NTc1YjhjZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtjnF1/13ksnz8pAhRgigDdcXZiR
E83Mwan1hP9xBA/hd4U0CANbAOoaPpmPj5iLdzTee1ROMQ/hSDhoclQSa7WahpZu
T2ddKemdAZrjECqv+XbHAJyhDlEaHjPvpB7CMBE3ZBoDCIHjMqyF4m6odU2byPy4
KEt8TN2nqQOs4+lwhMwXckN045Mp7H3qtfe8n1gItE13rRdsMb0fhT2Q7ErTQZiJ
SN5awLwmeHT6pgZgv+Wr8NUs246PmIcqvENm7g/QPEGd36G0Ztw1h2V4YF1AdrpS
qJFlc5IXK9Xa9aEwc/SNnaeJw76QQSIkL/xeYc0yDlBtKq2Xir0RMOCfmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIw5NikmUFDl5U5Z1fkuoHV1uM9bMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvakRrMktTWlFVT1hsVGxuVi1TNmdkWFc0ejFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQAqzxIFgZSQCmCp
aQb+ak1qSt2Fse3xUwwwhjQF1QwCPtC7bu9AYjcPfwK7ZK/ZoxvRs/qNlQtx7qhp
81Ffn/PKACs3dPRluiC0SLIAwyuQqQyTPvj6bOm6OVTlOgY1Xh4+iMEeMxqWhHmv
VpHdttXkya10Xegkh0cZm0uNKbASaMDWuTUs6+1VoVqLbPLFfsJfcWeVNHKtqOBC
qcxMC9Tc1fL2GaUEBrputA6eU7QB3G2bvgFyFyPhflL8h0452FOfVa2PbJtbDkBI
1MLOrvODkhDI8t3Xs5HYoE0cGVaWf+0VE1UOzpMiG9YwvQLOMzEvYtzSt5VZUnWj
wmPm+ki5
-----END CERTIFICATE-----
Generated at Thu Feb 8 16:50:26 2024 by rpki-client on console-ams.rpki-client.org