Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lDBZirKwH5URkdPO18g4P8CqL_U.roa
File: lDBZirKwH5URkdPO18g4P8CqL_U.roa (raw, json)
Hash identifier: G7N5719TM3+sWxbHty32s7hAQD6oFQQ3HTxbyLJTLSE=
Subject key identifier: 94:30:59:8A:B2:B0:1F:95:11:91:D3:CE:D7:C8:38:3F:C0:AA:2F:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01898BF5C6B4B98B49471DE719B39BCE1209
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lDBZirKwH5URkdPO18g4P8CqL_U.roa
Signing time: Tue 25 Jul 2023 07:31:27 +0000
ROA not before: Tue 25 Jul 2023 07:31:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140961
IP address blocks: 2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8b:f5:c6:b4:b9:8b:49:47:1d:e7:19:b3:9b:ce:12:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 25 07:31:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9430598ab2b01f951191d3ced7c8383fc0aa2ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c3:e4:17:e9:ae:f4:e8:ef:8d:87:85:31:5f:
6a:67:d2:ab:1a:84:19:1a:72:54:69:b5:f1:44:18:
64:fd:08:e9:78:8e:f8:2f:f3:11:47:2e:d7:5c:78:
d9:c2:ae:bd:f9:5d:94:f0:c4:bc:46:bf:3b:c5:70:
e4:7a:fd:03:46:79:6f:d4:49:00:01:1c:91:ca:cf:
60:af:15:39:e4:09:c5:da:16:dc:76:0f:71:a2:54:
c9:42:44:3a:5a:58:70:44:4d:49:77:47:04:02:e2:
0f:51:9d:00:04:d7:27:a2:ef:97:fb:df:d1:a4:d5:
87:f3:65:7a:a3:74:a7:19:41:6c:94:f5:6c:27:ae:
72:b6:b8:28:a9:9e:11:da:32:4d:89:82:67:dd:1e:
06:4d:f1:21:81:4c:50:d2:63:e1:0e:ca:7a:a5:79:
64:ec:80:b3:b0:0c:01:a3:93:b1:4a:9e:d3:06:51:
01:c4:16:b3:0d:5d:fd:19:c5:76:5f:c2:30:17:33:
a5:68:3d:0c:b1:83:b5:3e:e7:54:cc:01:1d:0b:ce:
06:3a:0d:01:96:3a:21:08:15:17:42:50:f0:e7:66:
f4:11:2f:dd:6f:b6:ea:3c:ef:89:f0:fd:af:84:df:
6d:ef:1b:30:0d:b4:88:b2:7b:7c:f0:93:a0:ab:f3:
51:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:30:59:8A:B2:B0:1F:95:11:91:D3:CE:D7:C8:38:3F:C0:AA:2F:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lDBZirKwH5URkdPO18g4P8CqL_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2220::/44
Signature Algorithm: sha256WithRSAEncryption
87:f5:e7:b8:66:cb:27:a6:b0:76:de:2a:6b:a5:90:c8:1b:28:
f1:7d:9e:12:67:d9:ae:9d:36:96:82:9b:d4:02:e9:bb:6c:f3:
09:45:b1:17:30:74:c1:9d:32:c9:5a:96:ea:69:ba:46:63:20:
cb:12:70:4a:1e:05:59:c2:eb:2a:0b:5c:8d:ea:b2:8c:12:22:
f6:47:d2:0d:4c:7f:5c:66:72:6e:c0:93:68:68:e5:9e:0c:24:
01:ba:5c:f6:b9:8f:e8:97:8e:1e:72:1c:89:0b:1d:44:d1:75:
6f:61:24:2a:0e:10:af:d6:24:0f:99:eb:c4:2a:66:8e:8d:df:
ed:f0:fe:81:bc:2f:82:85:f5:c8:e6:b3:3b:6b:30:2a:88:78:
c8:e8:d9:fb:22:76:e4:9d:95:e7:34:2c:85:95:87:c7:0b:61:
28:e7:58:24:fd:1a:63:18:bb:82:3d:a3:c0:51:f9:98:04:65:
e2:0b:73:47:9b:f9:25:13:8a:aa:05:34:de:9e:45:db:1b:c6:
4e:7e:8f:8b:76:b8:7c:af:93:e6:4e:ee:2c:4f:bf:78:be:00:
a0:7a:68:3a:cb:ce:de:88:56:fc:8f:4f:7a:b5:7d:19:fe:6b:
0b:8b:91:d7:3b:74:ec:21:58:b1:10:7b:ba:4c:88:a6:ea:07:
53:1c:b6:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmL9ca0uYtJRx3nGbObzhIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI1MDczMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMwNTk4YWIyYjAxZjk1MTE5MWQzY2VkN2M4MzgzZmMwYWEyZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8PkF+mu9OjvjYeFMV9qZ9KrGoQZ
GnJUabXxRBhk/QjpeI74L/MRRy7XXHjZwq69+V2U8MS8Rr87xXDkev0DRnlv1EkA
ARyRys9grxU55AnF2hbcdg9xolTJQkQ6WlhwRE1Jd0cEAuIPUZ0ABNcnou+X+9/R
pNWH82V6o3SnGUFslPVsJ65ytrgoqZ4R2jJNiYJn3R4GTfEhgUxQ0mPhDsp6pXlk
7ICzsAwBo5OxSp7TBlEBxBazDV39GcV2X8IwFzOlaD0MsYO1PudUzAEdC84GOg0B
ljohCBUXQlDw52b0ES/db7bqPO+J8P2vhN9t7xswDbSIsnt88JOgq/NRWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJQwWYqysB+VEZHTztfIOD/Aqi/1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbERCWmlyS3dINVVSa2RQTzE4ZzRQOENxTF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCH9ee4ZssnprB23iprpZDIGyjxfZ4SZ9munTaW
gpvUAum7bPMJRbEXMHTBnTLJWpbqabpGYyDLEnBKHgVZwusqC1yN6rKMEiL2R9IN
TH9cZnJuwJNoaOWeDCQBulz2uY/ol44echyJCx1E0XVvYSQqDhCv1iQPmevEKmaO
jd/t8P6BvC+ChfXI5rM7azAqiHjI6Nn7InbknZXnNCyFlYfHC2Eo51gk/RpjGLuC
PaPAUfmYBGXiC3NHm/klE4qqBTTenkXbG8ZOfo+Ldrh8r5PmTu4sT794vgCgemg6
y87eiFb8j096tX0Z/msLi5HXO3TsIVixEHu6TIim6gdTHLYe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org