Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ka3YJA3ZVC8MuqIxLSsB6mYy1Dg.roa
File: ka3YJA3ZVC8MuqIxLSsB6mYy1Dg.roa (raw, json)
Hash identifier: ygSEf6FYgL7CRWUngd+OCRritKDmKC544+znjY7+PAw=
Subject key identifier: 91:AD:D8:24:0D:D9:54:2F:0C:BA:A2:31:2D:2B:01:EA:66:32:D4:38
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD02E1D1B71A52A0DE13F427DC7A88
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ka3YJA3ZVC8MuqIxLSsB6mYy1Dg.roa
Signing time: Tue 02 Jan 2024 10:34:16 +0000
ROA not before: Tue 02 Jan 2024 10:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203442
IP address blocks: 2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 31 Aug 2024 22:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:02:e1:d1:b7:1a:52:a0:de:13:f4:27:dc:7a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91add8240dd9542f0cbaa2312d2b01ea6632d438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:84:53:60:39:72:1c:4f:f5:62:93:a6:51:a5:
b8:fc:c2:b8:1c:b4:cc:ec:e0:31:a2:e6:8e:b1:a1:
5a:a1:f9:5d:17:82:39:73:84:e8:62:f0:e0:2f:ac:
ef:8c:1d:bd:6c:3d:03:b2:56:f3:02:a0:3f:84:53:
cb:00:f9:58:88:28:7e:57:e7:9e:3a:2c:0e:a7:07:
4d:d9:b7:31:90:cf:e6:f9:e8:ab:85:a4:19:fa:5e:
e7:f6:71:c4:6b:99:4c:4a:62:1e:f5:0f:62:1c:68:
95:eb:08:19:64:9e:e7:b3:2f:1d:3d:3d:69:7a:cc:
1d:0a:d0:4f:8f:e2:f3:5c:14:8e:e9:bb:9d:e5:3c:
71:cd:54:ea:fa:71:bb:20:e2:87:3f:98:98:5f:fd:
96:e9:53:79:e3:a9:80:f2:6d:4b:c3:20:e9:95:f6:
80:59:da:ba:80:6d:bf:f4:62:42:24:db:ad:3f:93:
12:0f:ae:6c:ab:ff:ca:74:87:8f:08:57:9e:4d:fc:
56:f0:48:0d:fd:f4:cd:a8:d3:e6:42:9e:98:71:6d:
94:b0:04:1b:ce:1d:5e:09:31:7c:1b:dc:cc:91:4b:
57:58:be:50:7e:96:33:a5:55:ae:98:da:db:f7:aa:
47:82:d0:19:eb:03:55:6b:12:f9:34:12:bc:62:2c:
e7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AD:D8:24:0D:D9:54:2F:0C:BA:A2:31:2D:2B:01:EA:66:32:D4:38
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ka3YJA3ZVC8MuqIxLSsB6mYy1Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
7d:44:d5:fd:9b:8c:66:3a:42:7b:60:90:61:d0:4d:f7:03:f6:
ae:52:2e:e9:dc:73:11:2c:d2:48:c8:63:01:97:35:f6:48:1b:
77:fa:aa:aa:79:dd:9c:d2:6a:25:ce:8e:fc:98:b2:3a:65:e7:
06:c7:bc:5d:02:38:ae:40:d3:8a:bf:4b:a7:d9:06:f1:9a:f3:
8f:54:69:8f:41:0d:78:82:d4:6b:b0:f3:11:5a:13:70:32:f6:
03:1d:a2:b6:0c:aa:82:92:e1:d7:7a:af:16:f1:cd:f4:42:6d:
72:f4:46:7d:32:a7:86:93:5e:8c:29:78:25:8e:8d:e5:4c:80:
7a:9a:1a:1e:26:52:54:87:b1:42:90:26:4a:9b:3f:ad:0c:ff:
1d:fb:04:c1:4f:7d:87:5b:4d:e6:6c:95:54:62:39:fc:a5:e3:
61:a8:b9:9f:05:0d:6f:73:da:20:84:4b:be:ee:db:e0:78:5f:
bd:f0:3f:62:4e:f1:4d:2f:dc:b7:f4:68:c4:0e:62:e1:4e:b8:
b4:d4:f6:61:6f:30:5b:9e:66:f8:81:78:86:46:35:38:91:d1:
11:28:da:66:52:16:00:25:12:92:e0:71:80:27:9e:38:d5:a6:
6f:cf:0e:1c:18:be:01:b0:35:23:5c:99:51:a0:c9:12:f8:00:
99:9f:58:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQLh0bcaUqDeE/Qn3HqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWFkZDgyNDBkZDk1NDJmMGNiYWEyMzEyZDJiMDFlYTY2MzJkNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4RTYDlyHE/1YpOmUaW4/MK4HLTM
7OAxouaOsaFaofldF4I5c4ToYvDgL6zvjB29bD0DslbzAqA/hFPLAPlYiCh+V+ee
OiwOpwdN2bcxkM/m+eirhaQZ+l7n9nHEa5lMSmIe9Q9iHGiV6wgZZJ7nsy8dPT1p
eswdCtBPj+LzXBSO6bud5TxxzVTq+nG7IOKHP5iYX/2W6VN546mA8m1LwyDplfaA
Wdq6gG2/9GJCJNutP5MSD65sq//KdIePCFeeTfxW8EgN/fTNqNPmQp6YcW2UsAQb
zh1eCTF8G9zMkUtXWL5QfpYzpVWumNrb96pHgtAZ6wNVaxL5NBK8YiznrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJGt2CQN2VQvDLqiMS0rAepmMtQ4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva2EzWUpBM1pWQzhNdXFJeExTc0I2bVl5MURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAvA
MA0GCSqGSIb3DQEBCwUAA4IBAQB9RNX9m4xmOkJ7YJBh0E33A/auUi7p3HMRLNJI
yGMBlzX2SBt3+qqqed2c0molzo78mLI6ZecGx7xdAjiuQNOKv0un2QbxmvOPVGmP
QQ14gtRrsPMRWhNwMvYDHaK2DKqCkuHXeq8W8c30Qm1y9EZ9MqeGk16MKXgljo3l
TIB6mhoeJlJUh7FCkCZKmz+tDP8d+wTBT32HW03mbJVUYjn8peNhqLmfBQ1vc9og
hEu+7tvgeF+98D9iTvFNL9y39GjEDmLhTri01PZhbzBbnmb4gXiGRjU4kdERKNpm
UhYAJRKS4HGAJ5441aZvzw4cGL4BsDUjXJlRoMkS+ACZn1gm
-----END CERTIFICATE-----
Generated at Sat Aug 31 23:31:07 2024 by rpki-client on console-fra.rpki-client.org