Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kJA8SG0A4CXKl7rrNDZWaJ1YR84.roa
File: kJA8SG0A4CXKl7rrNDZWaJ1YR84.roa (raw, json)
Hash identifier: jLBb8U9pku0/vSqImRETcCzN1MXJFgYpIeI58CWDFt4=
Subject key identifier: 90:90:3C:48:6D:00:E0:25:CA:97:BA:EB:34:36:56:68:9D:58:47:CE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD41FC516A9A915DF1673127FDFC6F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kJA8SG0A4CXKl7rrNDZWaJ1YR84.roa
Signing time: Tue 02 Jan 2024 10:34:32 +0000
ROA not before: Tue 02 Jan 2024 10:34:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212196
IP address blocks: 2a0e:b107:ec0::/48 maxlen: 48
2a0e:b107:ec0::/44 maxlen: 48
2a0e:b107:ec2::/48 maxlen: 48
2a0e:b107:ecf::/48 maxlen: 48
2a0e:b107:ec1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Feb 2024 00:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:41:fc:51:6a:9a:91:5d:f1:67:31:27:fd:fc:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90903c486d00e025ca97baeb343656689d5847ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6f:2f:20:f8:7c:0e:da:51:ef:56:f4:fa:42:
60:98:30:97:ae:8f:ff:9e:4a:0e:dd:0f:2b:42:d9:
09:0c:f8:02:08:3d:ad:8f:ed:8f:41:47:b3:fa:d2:
f5:e2:97:c4:4c:13:0a:ec:39:61:d5:39:bb:be:d3:
46:01:09:84:a4:0a:82:35:da:f7:4a:dd:94:45:6b:
6c:97:00:e8:38:29:ff:3b:6c:9c:79:4b:42:84:06:
6a:9c:97:19:ad:89:61:58:82:c2:35:27:c2:87:54:
c1:63:8b:a3:5b:c7:98:67:70:3e:61:cf:b3:cc:7e:
31:0e:e0:8a:f3:d1:80:0f:80:54:3f:36:ad:2e:2d:
98:6d:58:87:57:36:d8:d3:f4:63:cf:40:81:62:9c:
7c:ca:c6:8f:88:f1:c8:8d:f5:39:31:96:61:39:34:
e2:5c:78:5f:4a:ef:66:c7:bb:3c:49:97:ce:e8:98:
93:46:ad:17:45:6a:eb:39:5c:e2:2c:4d:a5:2f:22:
f1:b9:da:f1:f8:cf:7d:ae:1a:6b:71:b2:a5:7d:ce:
ea:7f:b6:5d:6c:9d:31:89:13:76:1f:f9:7f:0e:2b:
b4:e1:6f:a9:bf:5e:35:64:40:c5:e3:7c:cd:cc:fe:
04:aa:15:2b:c2:d0:43:74:ab:a8:d8:5b:fe:86:82:
23:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:90:3C:48:6D:00:E0:25:CA:97:BA:EB:34:36:56:68:9D:58:47:CE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kJA8SG0A4CXKl7rrNDZWaJ1YR84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ec0::/44
Signature Algorithm: sha256WithRSAEncryption
8a:eb:a0:6e:33:a2:72:c5:b8:00:09:2c:79:e8:a2:c3:81:78:
7b:e2:2e:f0:45:2d:4b:65:31:47:36:99:4a:61:50:08:20:28:
d4:a2:0f:bb:85:e6:f0:a8:d4:fe:39:48:8e:77:1e:4a:ca:69:
6e:db:40:0e:99:49:7f:61:81:ac:92:af:05:54:5c:e0:b2:dd:
07:12:ab:5c:b1:5e:17:ca:db:e7:80:8e:bd:4c:8b:29:8a:a9:
19:0b:cb:14:7c:43:65:36:46:51:d0:d6:88:b7:dd:ab:66:db:
d4:b1:a4:22:3a:58:de:fa:33:b9:2d:eb:e4:83:c2:fe:97:76:
46:29:0a:03:df:48:ed:2a:cb:09:75:47:7f:f7:f3:30:3d:b0:
b8:a2:9a:35:9a:fa:44:63:08:f2:69:64:15:5e:85:f9:0e:06:
66:cc:a3:ac:92:dc:5c:67:d6:34:41:f1:d1:8e:f7:f0:f7:5f:
d6:92:d5:c4:80:48:3a:f5:20:43:14:4b:9a:28:7b:e1:27:47:
f6:13:6b:92:ca:de:73:9c:d8:65:4e:6a:a9:f9:69:b8:ca:87:
2e:80:32:c2:84:cb:e3:f3:7d:1a:11:0d:df:13:7d:78:26:b3:
6f:20:3f:c3:dd:35:63:c3:47:5a:a3:ea:2d:5b:43:87:6e:52:
06:c7:9f:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUH8UWqakV3xZzEn/fxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDkwM2M0ODZkMDBlMDI1Y2E5N2JhZWIzNDM2NTY2ODlkNTg0N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA028vIPh8DtpR71b0+kJgmDCXro//
nkoO3Q8rQtkJDPgCCD2tj+2PQUez+tL14pfETBMK7Dlh1Tm7vtNGAQmEpAqCNdr3
St2URWtslwDoOCn/O2yceUtChAZqnJcZrYlhWILCNSfCh1TBY4ujW8eYZ3A+Yc+z
zH4xDuCK89GAD4BUPzatLi2YbViHVzbY0/Rjz0CBYpx8ysaPiPHIjfU5MZZhOTTi
XHhfSu9mx7s8SZfO6JiTRq0XRWrrOVziLE2lLyLxudrx+M99rhprcbKlfc7qf7Zd
bJ0xiRN2H/l/Diu04W+pv141ZEDF43zNzP4EqhUrwtBDdKuo2Fv+hoIj/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJCQPEhtAOAlype66zQ2VmidWEfOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva0pBOFNHMEE0Q1hLbDdyck5EWldhSjFZUjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw7A
MA0GCSqGSIb3DQEBCwUAA4IBAQCK66BuM6JyxbgACSx56KLDgXh74i7wRS1LZTFH
NplKYVAIICjUog+7hebwqNT+OUiOdx5Kymlu20AOmUl/YYGskq8FVFzgst0HEqtc
sV4XytvngI69TIspiqkZC8sUfENlNkZR0NaIt92rZtvUsaQiOlje+jO5Levkg8L+
l3ZGKQoD30jtKssJdUd/9/MwPbC4opo1mvpEYwjyaWQVXoX5DgZmzKOsktxcZ9Y0
QfHRjvfw91/WktXEgEg69SBDFEuaKHvhJ0f2E2uSyt5znNhlTmqp+Wm4yocugDLC
hMvj830aEQ3fE314JrNvID/D3TVjw0dao+otW0OHblIGx5/n
-----END CERTIFICATE-----
Generated at Tue Feb 27 04:44:25 2024 by rpki-client on console-ams.rpki-client.org