Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oB_fbnprftSCq6czUybhHGCugJg.roa
File: oB_fbnprftSCq6czUybhHGCugJg.roa (raw, json)
Hash identifier: RhIMrNOMPvolbUpNS7lzpLEIOkwmp3W7UxGigFsJOZ8=
Subject key identifier: A0:1F:DF:6E:7A:6B:7E:D4:82:AB:A7:33:53:26:E1:1C:60:AE:80:98
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7C9AC7E4905860D262A4A37953465
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oB_fbnprftSCq6czUybhHGCugJg.roa
Signing time: Mon 02 Jan 2023 05:15:16 +0000
ROA not before: Mon 02 Jan 2023 05:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206895
IP address blocks: 2a0e:97c0:a10::/48 maxlen: 48
2a0e:97c0:a11::/48 maxlen: 48
2a10:cc40:15e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Feb 2023 23:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:c9:ac:7e:49:05:86:0d:26:2a:4a:37:95:34:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a01fdf6e7a6b7ed482aba7335326e11c60ae8098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:45:b3:ed:6a:64:d7:38:9c:d5:65:d7:19:92:
9f:f9:90:eb:54:4c:f5:f9:a3:b1:c7:65:f5:79:5e:
02:8c:20:c4:3d:38:df:93:fa:ba:31:06:b3:69:55:
e3:77:0d:be:d1:ce:db:ca:0d:2b:c2:6c:bd:d1:c1:
b4:73:38:1c:5f:b1:e3:ab:f6:26:45:86:8c:b9:a8:
2f:81:d8:e0:56:f3:1f:d2:2f:8c:98:39:ab:24:d5:
ea:6f:32:26:c0:64:5a:49:9a:e4:36:07:42:d0:e7:
42:71:2d:9d:5e:73:89:96:2b:05:c1:9c:af:fd:57:
82:6f:58:45:04:ce:b6:0a:23:4d:fa:a8:9c:db:ab:
80:08:8a:ae:17:cf:ce:9a:77:bf:6a:37:51:d3:89:
13:df:e7:b7:25:e2:0d:64:48:4a:4c:91:2e:26:49:
74:af:66:80:9e:7a:d4:e3:76:9c:60:13:d0:6a:9e:
f9:0d:97:9a:41:81:58:8a:ab:be:9f:4b:af:9c:8c:
4f:4e:51:99:b4:3e:b9:7b:a3:55:71:27:04:42:c8:
3a:b4:95:92:5f:8f:6a:30:c3:8f:44:b9:c2:fd:6d:
f7:af:4e:4a:4c:44:b2:16:04:3c:54:45:75:ab:8b:
d0:4d:a4:29:1f:78:21:ec:de:06:f9:29:dd:5e:f7:
87:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:1F:DF:6E:7A:6B:7E:D4:82:AB:A7:33:53:26:E1:1C:60:AE:80:98
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oB_fbnprftSCq6czUybhHGCugJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a10::/47
2a10:cc40:15e::/48
Signature Algorithm: sha256WithRSAEncryption
2a:32:ef:e2:7c:d4:0b:c3:c6:5b:22:d4:14:db:2f:0a:03:a5:
5f:ea:18:a1:ac:12:2b:69:8f:f3:4e:02:9e:a8:8b:38:e9:11:
b9:d5:94:45:6b:f6:2d:fd:3d:c1:06:cf:9a:e9:73:5f:d7:58:
76:4c:d6:43:ee:53:3f:7c:2f:3b:c4:6c:bd:2b:68:94:a7:17:
0d:ef:3f:9b:a2:eb:0c:15:0a:f8:1d:31:29:68:2d:de:f0:b6:
30:1b:ab:4e:63:cf:27:da:9f:4c:8a:77:0f:a1:81:80:54:41:
26:da:e4:99:15:71:75:89:f5:d3:cd:22:92:d4:f2:b5:8d:57:
c5:74:67:c9:53:66:f5:b2:8d:1f:56:0d:6e:6b:d6:50:f5:a2:
38:9c:3b:72:6a:8c:7b:9f:b1:b9:5b:52:39:26:5e:59:99:72:
a9:b0:1a:cf:aa:5d:38:0a:46:b1:0f:9b:6b:78:85:c9:87:8e:
28:91:27:e7:b6:38:ee:fa:e7:e5:19:b0:f4:0c:5c:b8:f9:82:
6d:45:31:f3:b7:41:f0:b8:ee:11:a6:bf:e9:73:3d:8d:1e:68:
21:d6:fc:cf:24:c5:44:12:37:55:86:39:e1:28:58:4e:bf:93:
75:e2:00:72:2e:c2:d0:f4:21:03:60:cd:38:57:e4:ff:e8:ac:
2e:4f:15:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw58msfkkFhg0mKko3lTRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDFmZGY2ZTdhNmI3ZWQ0ODJhYmE3MzM1MzI2ZTExYzYwYWU4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0Wz7Wpk1zic1WXXGZKf+ZDrVEz1
+aOxx2X1eV4CjCDEPTjfk/q6MQazaVXjdw2+0c7byg0rwmy90cG0czgcX7Hjq/Ym
RYaMuagvgdjgVvMf0i+MmDmrJNXqbzImwGRaSZrkNgdC0OdCcS2dXnOJlisFwZyv
/VeCb1hFBM62CiNN+qic26uACIquF8/Omne/ajdR04kT3+e3JeINZEhKTJEuJkl0
r2aAnnrU43acYBPQap75DZeaQYFYiqu+n0uvnIxPTlGZtD65e6NVcScEQsg6tJWS
X49qMMOPRLnC/W33r05KTESyFgQ8VEV1q4vQTaQpH3gh7N4G+SndXveHpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKAf3256a37UgqunM1Mm4RxgroCYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0JfZmJucHJmdFNDcTZjelV5YmhIR0N1Z0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAoQ
AwcAKhDMQAFeMA0GCSqGSIb3DQEBCwUAA4IBAQAqMu/ifNQLw8ZbItQU2y8KA6Vf
6hihrBIraY/zTgKeqIs46RG51ZRFa/Yt/T3BBs+a6XNf11h2TNZD7lM/fC87xGy9
K2iUpxcN7z+bousMFQr4HTEpaC3e8LYwG6tOY88n2p9MincPoYGAVEEm2uSZFXF1
ifXTzSKS1PK1jVfFdGfJU2b1so0fVg1ua9ZQ9aI4nDtyaox7n7G5W1I5Jl5ZmXKp
sBrPql04CkaxD5treIXJh44okSfntjju+uflGbD0DFy4+YJtRTHzt0HwuO4Rpr/p
cz2NHmgh1vzPJMVEEjdVhjnhKFhOv5N14gByLsLQ9CEDYM04V+T/6KwuTxX7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org