Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lfJBTcROL8FIN_CxaMuAKXNld0Y.roa
File: lfJBTcROL8FIN_CxaMuAKXNld0Y.roa (raw, json)
Hash identifier: 2bztCWhzbdu2lhxbTitDlB0zI6D68uCzsLEGzB9FYY4=
Subject key identifier: 95:F2:41:4D:C4:4E:2F:C1:48:37:F0:B1:68:CB:80:29:73:65:77:46
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0354D80BA6FB31BFB9E824624219
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lfJBTcROL8FIN_CxaMuAKXNld0Y.roa
Signing time: Tue 02 Jan 2024 10:34:16 +0000
ROA not before: Tue 02 Jan 2024 10:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2a0e:97c0:470::/48 maxlen: 48
2a0e:97c0:471::/48 maxlen: 48
2a0e:97c0:3ea::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Jun 2024 17:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:03:54:d8:0b:a6:fb:31:bf:b9:e8:24:62:42:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95f2414dc44e2fc14837f0b168cb802973657746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d4:01:72:c4:2c:c6:d1:09:93:77:a2:8c:8f:
c8:40:ca:7f:3a:40:04:cf:c8:1c:be:3c:de:8f:72:
b5:78:7d:f9:70:77:23:34:e6:90:c0:28:6a:fd:42:
a8:f8:64:ac:25:88:de:3d:e8:53:8d:aa:33:05:0d:
9d:da:29:28:70:b5:c8:d6:76:a0:2e:7f:03:34:01:
e7:59:a8:c9:d6:3b:07:d5:33:f0:b7:38:9b:6b:0f:
41:64:49:60:71:7b:aa:5a:72:f5:84:71:1e:00:ee:
50:96:86:51:89:9b:23:59:30:ae:d5:ad:10:81:42:
cc:d0:8c:f0:f7:eb:2c:ca:2d:c0:8c:ae:d3:88:22:
ec:d3:25:51:0e:74:89:92:05:ce:5c:fa:dd:32:f5:
93:a3:2f:38:06:23:c0:44:ff:7e:72:0d:09:18:ae:
91:6f:bd:fa:8c:df:5d:b3:7f:0d:38:f8:17:06:76:
26:45:90:76:66:5c:e4:99:bc:e0:48:d5:36:29:03:
d1:13:0a:e4:80:17:2d:d4:7b:e9:0b:78:ba:d4:d6:
0d:4c:d2:0a:17:dc:7b:5a:9f:ec:24:7d:f6:cd:a2:
05:c7:4d:5b:7e:45:04:97:62:34:14:c8:4b:b8:05:
ab:65:a2:2c:74:d5:a6:17:08:70:fa:ab:31:0b:b3:
0b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F2:41:4D:C4:4E:2F:C1:48:37:F0:B1:68:CB:80:29:73:65:77:46
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lfJBTcROL8FIN_CxaMuAKXNld0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3ea::/48
2a0e:97c0:470::/47
Signature Algorithm: sha256WithRSAEncryption
b3:e9:93:11:79:1e:b4:05:17:f0:c5:5b:39:ee:bd:3c:d9:45:
73:eb:c0:48:bb:4c:c3:06:73:79:7f:4b:d0:8f:76:a3:4f:76:
05:0c:e4:45:d5:0d:c6:61:f5:ac:0e:8e:1a:20:46:2c:c7:67:
53:70:ff:ca:9d:7f:f3:e5:41:ce:6f:2d:e8:6c:4b:57:f0:f0:
6e:ed:6d:f5:f0:4f:d4:f6:f9:c8:70:59:ad:0f:b5:21:28:fc:
84:25:67:1a:bf:8e:49:6e:83:55:d1:af:c8:5c:ac:d3:9d:3c:
fc:cc:a5:cc:b7:84:f8:76:24:e5:48:82:46:c1:cb:b4:1a:52:
2a:af:43:e7:e7:3c:44:57:ec:cd:6f:26:4d:41:3b:10:c9:85:
80:f8:bc:92:d2:42:83:4b:64:19:fc:b5:dd:15:06:2b:6d:6b:
66:f1:2e:1e:16:6a:71:89:92:ca:49:9e:03:c3:77:e6:c7:d6:
d8:0a:74:90:de:23:bc:fa:39:f2:c1:f4:4e:9d:68:aa:56:29:
31:4b:a6:8a:74:ab:14:47:1b:75:8d:7b:9d:36:3f:94:00:8b:
c9:d7:c1:07:7a:2c:93:82:7b:a1:e2:9c:1b:12:b5:bf:d4:d8:
17:cf:1a:7e:03:24:d4:ec:5d:e4:03:78:6a:fa:24:07:06:ef:
a6:14:5b:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvQNU2Aum+zG/uegkYkIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYyNDE0ZGM0NGUyZmMxNDgzN2YwYjE2OGNiODAyOTczNjU3NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstQBcsQsxtEJk3eijI/IQMp/OkAE
z8gcvjzej3K1eH35cHcjNOaQwChq/UKo+GSsJYjePehTjaozBQ2d2ikocLXI1nag
Ln8DNAHnWajJ1jsH1TPwtzibaw9BZElgcXuqWnL1hHEeAO5QloZRiZsjWTCu1a0Q
gULM0Izw9+ssyi3AjK7TiCLs0yVRDnSJkgXOXPrdMvWToy84BiPARP9+cg0JGK6R
b736jN9ds38NOPgXBnYmRZB2ZlzkmbzgSNU2KQPREwrkgBct1HvpC3i61NYNTNIK
F9x7Wp/sJH32zaIFx01bfkUEl2I0FMhLuAWrZaIsdNWmFwhw+qsxC7MLbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJXyQU3ETi/BSDfwsWjLgClzZXdGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbGZKQlRjUk9MOEZJTl9DeGFNdUFLWE5sZDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAPq
AwcBKg6XwARwMA0GCSqGSIb3DQEBCwUAA4IBAQCz6ZMReR60BRfwxVs57r082UVz
68BIu0zDBnN5f0vQj3ajT3YFDORF1Q3GYfWsDo4aIEYsx2dTcP/KnX/z5UHOby3o
bEtX8PBu7W318E/U9vnIcFmtD7UhKPyEJWcav45JboNV0a/IXKzTnTz8zKXMt4T4
diTlSIJGwcu0GlIqr0Pn5zxEV+zNbyZNQTsQyYWA+LyS0kKDS2QZ/LXdFQYrbWtm
8S4eFmpxiZLKSZ4Dw3fmx9bYCnSQ3iO8+jnywfROnWiqVikxS6aKdKsURxt1jXud
Nj+UAIvJ18EHeiyTgnuh4pwbErW/1NgXzxp+AyTU7F3kA3hq+iQHBu+mFFsz
-----END CERTIFICATE-----
Generated at Thu Jun 20 20:41:17 2024 by rpki-client on console-fra.rpki-client.org