Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lGp1W2MiXMQX7uRzmtJ1jDXTaa0.roa
File: lGp1W2MiXMQX7uRzmtJ1jDXTaa0.roa (raw, json)
Hash identifier: pKMN/FBIFrkIKwH5E9ET+l/5LrTeEqbUlecf5wj1yVw=
Subject key identifier: 94:6A:75:5B:63:22:5C:C4:17:EE:E4:73:9A:D2:75:8C:35:D3:69:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BF311A5459885B87B19012A552169758E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lGp1W2MiXMQX7uRzmtJ1jDXTaa0.roa
Signing time: Tue 21 Nov 2023 18:08:21 +0000
ROA not before: Tue 21 Nov 2023 18:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212332
IP address blocks: 2a0e:b107:27b0::/47 maxlen: 48
2a0e:b107:27b2::/47 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Dec 2023 23:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f3:11:a5:45:98:85:b8:7b:19:01:2a:55:21:69:75:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 21 18:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=946a755b63225cc417eee4739ad2758c35d369ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:66:a7:39:6e:b7:39:a7:ae:90:9e:20:7c:3e:
d4:81:f4:d6:74:af:1d:93:a1:c4:9c:2d:97:dc:a9:
4f:f5:53:86:cb:e7:b1:d6:58:fa:15:93:f4:80:2a:
d8:ee:a9:02:08:a1:43:f4:5d:c9:eb:d3:09:c7:31:
4e:44:6f:e0:18:a3:4e:a2:3a:06:58:df:d4:20:fa:
cf:02:6f:87:ee:6f:7f:31:1e:41:9a:7a:fe:a6:e8:
82:a8:0b:95:0f:b0:33:8c:15:b0:a9:22:dc:8f:a5:
4f:11:76:e3:88:b3:74:5e:a2:17:35:a1:03:2d:ce:
a6:6d:e7:42:b5:89:e7:db:28:e4:52:62:e6:a3:71:
10:a5:cb:93:3b:14:82:b8:7e:16:29:11:3e:a9:a8:
8d:c2:22:b9:fb:77:bd:b1:9b:1b:5a:dd:4b:05:d8:
fa:75:37:ee:dd:15:b2:0d:5d:76:da:ca:67:d6:1f:
f9:55:1b:87:6f:f4:e0:94:41:c5:47:72:b6:d1:7d:
c6:a4:35:fa:1e:9f:42:11:c6:91:2f:be:e9:db:6f:
9e:30:cc:b7:08:f6:f8:d7:59:8a:ae:7f:dd:ef:12:
91:74:b0:24:9b:ca:a6:2d:7a:1d:df:f2:3f:37:d1:
bf:b2:1f:89:ac:75:62:1f:57:18:a6:a4:ea:23:74:
17:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6A:75:5B:63:22:5C:C4:17:EE:E4:73:9A:D2:75:8C:35:D3:69:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lGp1W2MiXMQX7uRzmtJ1jDXTaa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27b0::/46
Signature Algorithm: sha256WithRSAEncryption
7d:19:bf:8d:24:60:fc:4f:ab:76:eb:d5:d1:48:03:ea:be:04:
f3:37:d2:55:f7:5b:f9:5b:ac:4b:30:69:a9:df:26:96:c9:0f:
74:e6:63:35:e9:8c:4e:71:6f:28:c9:89:5b:2b:b2:ed:a4:7a:
96:8e:52:6c:36:97:08:75:5a:b5:9e:24:de:12:1a:d4:28:6a:
4a:4c:32:9e:be:8f:a8:71:e7:a2:17:a7:7d:03:32:07:19:ca:
f1:26:10:0c:90:79:9f:b7:bc:bc:88:18:fe:33:ca:d2:ed:61:
92:87:d1:3e:37:cc:0b:6e:26:cb:cd:cd:3e:7b:0a:74:4f:4a:
9e:c5:fc:97:1e:e1:b6:4d:ec:5f:86:ae:6b:c4:74:6b:c7:fd:
44:3c:02:5d:40:9e:fc:27:ef:d5:4a:c2:bd:2c:59:99:09:f7:
61:f7:ef:ca:dd:4f:57:30:d9:2d:8e:5b:39:71:5e:d4:f4:e3:
fb:cc:c3:97:81:ea:4a:5e:82:ab:39:d1:dd:a1:03:a3:20:04:
70:03:77:8f:3a:10:b5:a2:ed:5e:c7:6a:4d:b8:36:92:d7:8c:
4f:e4:0a:6e:24:b6:cd:dd:4d:cc:81:ac:7f:b2:1a:d9:71:07:
8a:a4:b1:c9:50:c0:7b:be:ee:e0:4a:cc:e5:7c:16:b1:d4:38:
b3:fb:28:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvzEaVFmIW4exkBKlUhaXWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIxMTgwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZhNzU1YjYzMjI1Y2M0MTdlZWU0NzM5YWQyNzU4YzM1ZDM2OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmanOW63OaeukJ4gfD7UgfTWdK8d
k6HEnC2X3KlP9VOGy+ex1lj6FZP0gCrY7qkCCKFD9F3J69MJxzFORG/gGKNOojoG
WN/UIPrPAm+H7m9/MR5Bmnr+puiCqAuVD7AzjBWwqSLcj6VPEXbjiLN0XqIXNaED
Lc6mbedCtYnn2yjkUmLmo3EQpcuTOxSCuH4WKRE+qaiNwiK5+3e9sZsbWt1LBdj6
dTfu3RWyDV122spn1h/5VRuHb/TglEHFR3K20X3GpDX6Hp9CEcaRL77p22+eMMy3
CPb411mKrn/d7xKRdLAkm8qmLXod3/I/N9G/sh+JrHViH1cYpqTqI3QXUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJRqdVtjIlzEF+7kc5rSdYw102mtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbEdwMVcyTWlYTVFYN3VSem10SjFqRFhUYWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xByew
MA0GCSqGSIb3DQEBCwUAA4IBAQB9Gb+NJGD8T6t269XRSAPqvgTzN9JV91v5W6xL
MGmp3yaWyQ905mM16YxOcW8oyYlbK7LtpHqWjlJsNpcIdVq1niTeEhrUKGpKTDKe
vo+oceeiF6d9AzIHGcrxJhAMkHmft7y8iBj+M8rS7WGSh9E+N8wLbibLzc0+ewp0
T0qexfyXHuG2Texfhq5rxHRrx/1EPAJdQJ78J+/VSsK9LFmZCfdh9+/K3U9XMNkt
jls5cV7U9OP7zMOXgepKXoKrOdHdoQOjIARwA3ePOhC1ou1ex2pNuDaS14xP5Apu
JLbN3U3Mgax/shrZcQeKpLHJUMB7vu7gSszlfBax1Diz+yiX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:37 2024 by rpki-client on console-fra.rpki-client.org