Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jG_iup3fmzBT1qqY5R03MEvVsOs.roa
File: jG_iup3fmzBT1qqY5R03MEvVsOs.roa (raw, json)
Hash identifier: uhJy66UNwZpEs6uhsfJT2IidBC0Rdhw5pgYZOnOa/3g=
Subject key identifier: 8C:6F:E2:BA:9D:DF:9B:30:53:D6:AA:98:E5:1D:37:30:4B:D5:B0:EB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01904DF894A234FF828CE403E7E22BFD98D5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jG_iup3fmzBT1qqY5R03MEvVsOs.roa
Signing time: Tue 25 Jun 2024 05:57:34 +0000
ROA not before: Tue 25 Jun 2024 05:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:97c0:1000::/38 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/38 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 11:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4d:f8:94:a2:34:ff:82:8c:e4:03:e7:e2:2b:fd:98:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 25 05:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c6fe2ba9ddf9b3053d6aa98e51d37304bd5b0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:ce:ca:32:f9:d2:f2:01:3a:13:f4:d6:af:
1e:b7:38:15:d9:bb:3b:36:2c:bd:ac:8e:b2:c6:3d:
13:20:6e:82:d6:12:39:f6:c9:f2:9a:f2:49:a9:85:
55:75:0b:2a:01:7a:fa:89:74:90:8a:d4:1b:fb:2a:
3b:c5:5f:b9:32:f1:d3:9b:40:16:46:1c:ff:ec:be:
23:77:18:98:e5:aa:58:18:2e:73:0f:24:5b:aa:d7:
2a:0f:aa:2d:82:3e:b5:3c:7b:fc:b4:33:99:32:da:
25:f5:c4:31:a5:a6:94:c8:55:2c:52:55:e4:38:9a:
33:88:05:a0:3b:49:02:c5:14:c1:e5:2d:64:e8:ee:
54:91:ac:aa:d0:6f:0c:6e:c0:08:59:cd:1c:0d:24:
2c:df:71:a1:50:74:95:cd:e1:9d:4a:5c:bb:05:2f:
fe:84:dc:9c:ad:c0:5b:b3:21:78:27:f5:39:11:19:
5a:a5:4b:0c:ea:5e:9b:a1:be:26:28:6a:54:85:fd:
ec:b2:d9:ef:90:4f:d9:5a:5f:7b:06:38:0a:b3:d4:
23:6a:bb:45:df:69:78:a0:a9:97:c0:1f:71:30:8f:
9a:be:d1:f0:7a:d0:f9:10:9b:f2:7b:0e:14:01:07:
eb:79:1a:05:00:cb:46:41:ed:17:e0:14:9b:e1:11:
0b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6F:E2:BA:9D:DF:9B:30:53:D6:AA:98:E5:1D:37:30:4B:D5:B0:EB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jG_iup3fmzBT1qqY5R03MEvVsOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1000::/38
2a10:2f00:187::/48
2a10:ccc0:800::/38
Signature Algorithm: sha256WithRSAEncryption
4b:52:e1:11:33:52:c7:8b:c0:d5:f2:94:a3:78:0b:dc:0a:fe:
39:86:9d:6f:90:0d:e5:ef:9b:4d:c1:23:8f:2e:6c:55:e1:fb:
5b:df:f9:29:3d:c2:30:10:b2:72:38:a8:39:27:76:78:bf:c5:
00:6e:44:b9:cd:dd:7e:f1:77:8b:ae:01:85:9a:af:56:65:ca:
18:f2:01:f0:a1:f7:fd:a8:0f:8b:83:05:65:4b:b9:2c:30:15:
64:24:61:07:5e:33:d5:e1:00:b8:2e:c5:76:59:03:f4:d8:51:
7f:e8:05:80:77:19:d0:1d:36:5b:aa:56:56:ff:9f:89:84:6b:
03:49:12:4b:07:a4:68:1e:08:90:d3:c6:50:8e:5c:e1:60:13:
5b:88:26:8d:4b:f9:43:67:fe:58:31:42:88:68:3a:89:87:bb:
d8:04:eb:ce:0a:a7:b8:1f:8c:c1:78:23:a1:99:70:fb:78:2f:
d1:38:94:a0:a0:5e:17:81:8c:bd:de:f7:c2:02:aa:a4:04:9f:
c2:ed:06:c1:bc:05:47:5a:00:14:8a:e2:36:2f:04:e9:99:69:
87:1b:55:c1:c2:5f:93:0c:c7:20:89:0f:33:6a:23:27:31:76:
14:7d:f5:60:2d:40:05:8d:4d:2b:c8:d2:dd:53:40:2e:44:3a:
92:7d:f7:b6
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZBN+JSiNP+CjOQD5+Ir/ZjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjI1MDU1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzZmZTJiYTlkZGY5YjMwNTNkNmFhOThlNTFkMzczMDRiZDViMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjbOyjL50vIBOhP01q8etzgV2bs7
Niy9rI6yxj0TIG6C1hI59snymvJJqYVVdQsqAXr6iXSQitQb+yo7xV+5MvHTm0AW
Rhz/7L4jdxiY5apYGC5zDyRbqtcqD6otgj61PHv8tDOZMtol9cQxpaaUyFUsUlXk
OJoziAWgO0kCxRTB5S1k6O5Ukayq0G8MbsAIWc0cDSQs33GhUHSVzeGdSly7BS/+
hNycrcBbsyF4J/U5ERlapUsM6l6bob4mKGpUhf3sstnvkE/ZWl97BjgKs9QjartF
32l4oKmXwB9xMI+avtHwetD5EJvyew4UAQfreRoFAMtGQe0X4BSb4REL7QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFIxv4rqd35swU9aqmOUdNzBL1bDrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvakdfaXVwM2ZtekJUMXFxWTVSMDNNRXZWc09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYCKg6XwBAD
BwAqEC8AAYcDBgIqEMzACDANBgkqhkiG9w0BAQsFAAOCAQEAS1LhETNSx4vA1fKU
o3gL3Ar+OYadb5AN5e+bTcEjjy5sVeH7W9/5KT3CMBCycjioOSd2eL/FAG5Euc3d
fvF3i64BhZqvVmXKGPIB8KH3/agPi4MFZUu5LDAVZCRhB14z1eEAuC7FdlkD9NhR
f+gFgHcZ0B02W6pWVv+fiYRrA0kSSwekaB4IkNPGUI5c4WATW4gmjUv5Q2f+WDFC
iGg6iYe72ATrzgqnuB+MwXgjoZlw+3gv0TiUoKBeF4GMvd73wgKqpASfwu0GwbwF
R1oAFIriNi8E6ZlphxtVwcJfkwzHIIkPM2ojJzF2FH31YC1ABY1NK8jS3VNALkQ6
kn33tg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 16:30:43 2024 by rpki-client on console-ams.rpki-client.org