Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mZY86afTY4Irn0asKBjzPDJXXbk.roa
File: mZY86afTY4Irn0asKBjzPDJXXbk.roa (raw, json)
Hash identifier: 9n5fGUsM9pIGjzzXC3A89RfEs4BfaIf/bgrDCH/5DLM=
Subject key identifier: 99:96:3C:E9:A7:D3:63:82:2B:9F:46:AC:28:18:F3:3C:32:57:5D:B9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01860886BD3617BF9AE811E018D9872137D3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mZY86afTY4Irn0asKBjzPDJXXbk.roa
Signing time: Tue 31 Jan 2023 15:51:33 +0000
ROA not before: Tue 31 Jan 2023 15:51:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:660::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:900::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Feb 2023 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:86:bd:36:17:bf:9a:e8:11:e0:18:d9:87:21:37:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 31 15:51:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99963ce9a7d363822b9f46ac2818f33c32575db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f0:09:1b:83:96:19:fb:4a:23:5f:fe:ad:27:
e9:64:df:c7:f6:17:85:85:c7:18:1b:3e:1b:ab:7a:
8c:f8:fc:90:a5:b7:0c:6e:54:4c:39:27:25:6d:97:
42:70:77:92:6a:36:4b:62:e3:59:fa:1e:04:fe:b0:
02:fb:3a:cf:a5:c7:f6:74:b0:79:5f:2f:dd:26:cf:
e6:02:64:04:b6:fa:07:2e:56:8f:cb:e3:4d:54:e7:
43:79:a8:47:99:36:5b:71:f5:ee:dc:f5:8b:da:70:
b6:bd:a0:7f:98:d2:5a:5a:44:9d:59:07:26:b1:ad:
fc:87:f9:1f:e7:3c:87:46:bd:ee:64:89:cf:51:0d:
6d:8e:c0:bc:74:78:0a:87:b9:d1:66:40:42:37:69:
d8:28:3b:54:c2:c1:43:cb:6e:19:50:4d:59:77:a3:
95:18:3f:93:27:62:d2:79:25:e9:49:16:30:0b:3e:
7c:da:20:51:54:1b:94:6e:c9:7b:9c:9c:b0:e1:ff:
38:6f:4e:b7:51:8c:59:72:08:81:56:38:45:fe:f9:
b8:20:57:0c:1b:e7:8a:fc:a7:cc:37:45:7b:a7:95:
de:87:0e:37:7a:aa:18:94:9e:6f:17:f6:96:03:7f:
32:3e:73:cb:cc:d3:54:74:b3:54:2c:c5:0a:40:7a:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:96:3C:E9:A7:D3:63:82:2B:9F:46:AC:28:18:F3:3C:32:57:5D:B9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mZY86afTY4Irn0asKBjzPDJXXbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:600::/44
2a0e:b107:660::/44
2a0e:b107:800::/44
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
6a:4f:47:86:9d:05:eb:fb:1f:66:6b:7d:04:95:ec:87:cf:c4:
87:2a:67:fa:83:fc:12:35:f7:61:c9:91:13:3f:8e:cb:23:3b:
f3:d3:3d:b6:99:32:69:5f:6c:31:2e:59:10:c6:af:4b:d0:5f:
46:08:15:51:44:06:54:01:9f:76:7f:3c:e6:cd:19:19:ec:fe:
b5:d0:49:09:89:d4:a7:51:b1:88:8b:8d:41:74:4c:92:cb:5b:
64:aa:8b:6d:09:ed:49:f3:42:77:11:3a:63:61:1c:5b:d7:af:
a1:25:5b:51:33:56:7c:6b:be:fb:81:77:59:5b:35:4a:4a:6a:
4f:69:89:60:e6:f7:55:9d:4b:49:83:76:cb:9e:15:30:f3:15:
91:34:98:1a:21:8d:d6:ea:43:68:c1:b9:79:e2:d7:ce:80:f0:
40:ed:15:d0:ce:bb:ba:a5:27:b2:d3:38:2a:1e:63:b2:df:a5:
6f:e1:ab:84:06:0f:ec:dd:01:5c:6f:ba:cf:9a:50:5c:f1:79:
b1:bb:94:37:0c:48:9b:24:1a:95:e7:02:ca:f9:e9:e3:e3:7c:
2e:9b:90:81:e8:ab:8b:6d:b2:7f:ab:a7:77:4b:0b:12:a6:9f:
01:db:f7:18:cf:ea:f7:84:44:b2:6f:50:31:a0:e6:12:82:1f:
3a:81:e6:30
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYYIhr02F7+a6BHgGNmHITfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTMxMTU1MTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk2M2NlOWE3ZDM2MzgyMmI5ZjQ2YWMyODE4ZjMzYzMyNTc1ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPAJG4OWGftKI1/+rSfpZN/H9heF
hccYGz4bq3qM+PyQpbcMblRMOSclbZdCcHeSajZLYuNZ+h4E/rAC+zrPpcf2dLB5
Xy/dJs/mAmQEtvoHLlaPy+NNVOdDeahHmTZbcfXu3PWL2nC2vaB/mNJaWkSdWQcm
sa38h/kf5zyHRr3uZInPUQ1tjsC8dHgKh7nRZkBCN2nYKDtUwsFDy24ZUE1Zd6OV
GD+TJ2LSeSXpSRYwCz582iBRVBuUbsl7nJyw4f84b063UYxZcgiBVjhF/vm4IFcM
G+eK/KfMN0V7p5Xehw43eqoYlJ5vF/aWA38yPnPLzNNUdLNULMUKQHo2VQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJmWPOmn02OCK59GrCgY8zwyV125MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbVpZODZhZlRZNElybjBhc0tCanpQREpYWGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcEKg6xBwYA
AwcEKg6xBwZgAwcEKg6xBwgAAwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEB
CwUAA4IBAQBqT0eGnQXr+x9ma30EleyHz8SHKmf6g/wSNfdhyZETP47LIzvz0z22
mTJpX2wxLlkQxq9L0F9GCBVRRAZUAZ92fzzmzRkZ7P610EkJidSnUbGIi41BdEyS
y1tkqottCe1J80J3ETpjYRxb16+hJVtRM1Z8a777gXdZWzVKSmpPaYlg5vdVnUtJ
g3bLnhUw8xWRNJgaIY3W6kNowbl54tfOgPBA7RXQzru6pSey0zgqHmOy36Vv4auE
Bg/s3QFcb7rPmlBc8Xmxu5Q3DEibJBqV5wLK+enj43wum5CB6KuLbbJ/q6d3SwsS
pp8B2/cYz+r3hESyb1AxoOYSgh86geYw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org