Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oCbsJTE4SNsfgfSyLdG_MjQRyFk.roa
File: oCbsJTE4SNsfgfSyLdG_MjQRyFk.roa (raw, json)
Hash identifier: n4Xz7rhCT5raeIoL/DBF0Np5aYAn16L9/2TYrPBTqOU=
Subject key identifier: A0:26:EC:25:31:38:48:DB:1F:81:F4:B2:2D:D1:BF:32:34:11:C8:59
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C2563201BC967B8E598778E3CF0BC64CB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oCbsJTE4SNsfgfSyLdG_MjQRyFk.roa
Signing time: Fri 01 Dec 2023 12:38:22 +0000
ROA not before: Fri 01 Dec 2023 12:38:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47157
IP address blocks: 2a0e:b107:19ff::/48 maxlen: 48
2a0e:b107:19f1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Dec 2023 13:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:63:20:1b:c9:67:b8:e5:98:77:8e:3c:f0:bc:64:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 1 12:38:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a026ec25313848db1f81f4b22dd1bf323411c859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:69:4a:66:c2:cd:c8:de:f0:a8:53:d8:f4:
d6:37:85:e5:fc:9e:bc:23:54:c0:60:6d:c2:26:d9:
56:4e:a6:ca:bd:72:0b:f3:d0:f3:be:6c:cf:33:04:
04:1d:d3:f3:6f:91:13:9f:da:bb:1e:b6:c6:a1:ba:
44:ef:88:57:ca:97:1d:a5:bd:61:64:fa:78:ab:d2:
02:ee:87:2f:07:03:27:94:22:f8:0a:1c:1b:0b:86:
04:c2:da:93:10:76:c3:bf:0a:96:e1:57:d7:64:aa:
56:20:ab:17:b9:5e:20:d8:c4:03:7a:17:81:50:ef:
15:5a:bd:c9:df:ff:2f:11:d9:4f:56:7f:5c:20:f8:
69:92:23:e9:06:1b:c0:51:36:58:e5:3e:8e:91:95:
9c:09:48:8d:3e:e2:4f:26:fa:9e:41:93:5d:29:84:
d6:6f:f0:f8:6e:78:a0:f3:ef:37:b8:45:1c:18:46:
21:00:27:0c:26:6e:d1:8e:c8:8b:35:59:e9:78:74:
d6:8b:37:7c:7f:d5:03:f4:ca:e1:23:7b:eb:51:b4:
b1:c3:89:7a:af:86:c7:ad:a6:b6:84:d7:16:08:53:
5f:79:fc:b6:e8:c2:bc:86:a9:73:28:ca:54:5b:76:
89:3d:72:12:e8:48:34:a6:ca:e2:b8:b8:ce:46:4a:
cf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:26:EC:25:31:38:48:DB:1F:81:F4:B2:2D:D1:BF:32:34:11:C8:59
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oCbsJTE4SNsfgfSyLdG_MjQRyFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19f1::/48
2a0e:b107:19ff::/48
Signature Algorithm: sha256WithRSAEncryption
a0:3c:c9:8d:2b:71:4f:99:69:0b:a0:65:dc:9d:13:a4:c6:7f:
56:4c:f8:27:c2:4b:87:60:20:2a:06:2d:de:cc:fb:38:ed:95:
97:e5:53:fd:71:15:e5:9d:00:c8:6c:32:ea:0f:55:c1:9d:2b:
89:ee:bd:ff:d2:9a:59:49:ee:c7:85:5d:e3:28:82:2d:12:9c:
22:39:19:9a:e6:80:28:6c:2b:d8:4a:a7:2f:84:a1:77:c5:f6:
81:1f:51:71:c7:5c:41:18:9e:86:c0:bb:07:bb:ba:e2:e6:2f:
64:f4:80:bb:62:b1:27:81:f8:f5:51:c6:db:0b:a7:85:51:fa:
70:39:dd:93:e5:18:c4:a4:13:fb:86:ec:66:67:0a:9d:df:5a:
28:df:91:54:f0:7e:2e:dc:13:58:2a:10:e8:1e:64:d6:e1:ba:
85:7f:c2:e1:dd:b3:f6:b2:ec:2f:76:83:a2:38:b0:92:02:c1:
c4:c6:a5:07:74:00:32:54:b4:bf:9a:04:05:c8:8c:55:71:fb:
80:ea:eb:42:7b:01:23:d0:22:21:1d:34:56:b0:b4:04:50:e6:
cc:c1:8f:e5:a1:44:7b:e7:5f:ae:5a:1d:64:04:60:73:4c:a0:
28:18:87:ea:3d:a9:df:56:8b:5c:c7:08:b2:c9:79:90:d3:c5:
92:1f:43:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwlYyAbyWe45Zh3jjzwvGTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjAxMTIzODIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI2ZWMyNTMxMzg0OGRiMWY4MWY0YjIyZGQxYmYzMjM0MTFjODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMtpSmbCzcje8KhT2PTWN4Xl/J68
I1TAYG3CJtlWTqbKvXIL89DzvmzPMwQEHdPzb5ETn9q7HrbGobpE74hXypcdpb1h
ZPp4q9IC7ocvBwMnlCL4ChwbC4YEwtqTEHbDvwqW4VfXZKpWIKsXuV4g2MQDeheB
UO8VWr3J3/8vEdlPVn9cIPhpkiPpBhvAUTZY5T6OkZWcCUiNPuJPJvqeQZNdKYTW
b/D4bnig8+83uEUcGEYhACcMJm7RjsiLNVnpeHTWizd8f9UD9MrhI3vrUbSxw4l6
r4bHraa2hNcWCFNfefy26MK8hqlzKMpUW3aJPXIS6Eg0psriuLjORkrPRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKAm7CUxOEjbH4H0si3RvzI0EchZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0Nic0pURTRTTnNmZ2ZTeUxkR19NalFSeUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBxnx
AwcAKg6xBxn/MA0GCSqGSIb3DQEBCwUAA4IBAQCgPMmNK3FPmWkLoGXcnROkxn9W
TPgnwkuHYCAqBi3ezPs47ZWX5VP9cRXlnQDIbDLqD1XBnSuJ7r3/0ppZSe7HhV3j
KIItEpwiORma5oAobCvYSqcvhKF3xfaBH1Fxx1xBGJ6GwLsHu7ri5i9k9IC7YrEn
gfj1UcbbC6eFUfpwOd2T5RjEpBP7huxmZwqd31oo35FU8H4u3BNYKhDoHmTW4bqF
f8Lh3bP2suwvdoOiOLCSAsHExqUHdAAyVLS/mgQFyIxVcfuA6utCewEj0CIhHTRW
sLQEUObMwY/loUR751+uWh1kBGBzTKAoGIfqPanfVotcxwiyyXmQ08WSH0OX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org