Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/osnXp_sD01II_b8IWuOKok0T7V4.roa
File: osnXp_sD01II_b8IWuOKok0T7V4.roa (raw, json)
Hash identifier: /8TEGsww44SzhlwUwKLwQlK1KPmss7Iozr0hEIhcwQc=
Subject key identifier: A2:C9:D7:A7:FB:03:D3:52:08:FD:BF:08:5A:E3:8A:A2:4D:13:ED:5E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCC1F9B0DAB7CE76B631B1019A175E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/osnXp_sD01II_b8IWuOKok0T7V4.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 14 Jan 2024 13:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c1:f9:b0:da:b7:ce:76:b6:31:b1:01:9a:17:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2c9d7a7fb03d35208fdbf085ae38aa24d13ed5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2a:ff:80:bb:fb:6f:7d:cb:64:33:ca:9c:1b:
a9:d0:c2:75:71:b3:5f:67:d5:d8:34:65:4e:63:a2:
76:60:4d:5f:e9:fb:9d:d5:28:f1:8f:3f:9e:bf:5b:
9e:f8:f0:2d:b7:05:73:f8:f7:87:f0:f6:ac:92:93:
42:a7:f0:71:b9:23:a2:7f:43:1f:bf:43:d2:c2:2d:
47:2d:75:ae:84:d3:02:20:bd:bb:80:46:b4:a2:57:
40:ea:dc:4c:bc:54:0f:63:62:fb:4d:e0:a2:85:31:
be:ae:88:31:a4:08:85:6a:a1:a7:ee:c6:a5:db:bc:
bf:13:be:e2:33:43:4f:5b:02:35:5d:d3:c0:0d:99:
36:c6:72:7e:e9:5f:0b:bd:a8:2f:96:0c:69:4b:06:
e6:1b:97:b3:3a:0d:aa:bc:f3:44:51:ce:d0:da:fa:
21:ac:d8:26:12:b2:1f:6b:54:a5:0c:24:ab:99:d9:
bb:f7:67:ae:d0:1c:e7:eb:95:93:03:0e:5b:fe:13:
30:79:6f:03:23:9a:14:48:8c:0f:c3:29:e6:76:50:
47:fb:2c:93:27:05:1d:e2:32:25:ef:53:9e:d7:39:
8b:48:de:1f:cd:a8:8f:17:e7:ac:db:4b:7c:d3:d4:
bc:75:8e:8d:80:d7:e4:b2:73:6c:98:02:44:89:69:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C9:D7:A7:FB:03:D3:52:08:FD:BF:08:5A:E3:8A:A2:4D:13:ED:5E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/osnXp_sD01II_b8IWuOKok0T7V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:b107:19a0::/48
Signature Algorithm: sha256WithRSAEncryption
84:41:c1:b3:5f:94:b0:f8:df:a7:b5:1e:5d:55:cc:a7:d0:a0:
a9:67:79:ae:9a:80:df:a0:80:1c:ee:ae:93:07:60:91:60:7e:
02:93:3e:d3:82:68:40:76:9f:18:a6:27:6d:51:7f:30:12:e8:
7d:3e:d0:62:2c:8a:ec:38:32:ab:76:74:d6:14:82:47:58:ea:
41:ba:fe:5b:33:5a:b6:90:11:44:64:da:bc:36:03:0e:18:93:
b3:6b:19:4f:cf:2f:f4:41:7f:7c:68:fc:07:4b:16:2b:64:18:
c8:36:9b:fb:72:a2:9a:da:d5:59:ac:5a:68:34:9a:7d:de:6a:
2e:1b:9b:ad:6a:96:75:5b:7e:14:87:ae:a9:24:52:ac:2a:86:
56:d9:f2:36:ec:2e:50:3f:fc:69:e6:d0:c5:42:7c:fc:7f:91:
23:21:6a:e6:4e:be:de:24:56:7d:f8:78:72:ab:54:90:c8:ac:
82:d4:5c:e2:b3:62:1f:fe:52:57:af:05:42:20:a9:be:76:0b:
ca:14:d0:f4:b6:4a:e1:6c:8a:ac:25:3e:d7:7e:3c:e2:a7:12:
e8:b9:80:30:fc:aa:be:e8:1a:9a:52:56:e6:48:5b:a0:87:06:
2b:70:61:b6:c8:55:c9:1c:0d:0f:e8:88:a6:49:07:9e:17:6d:
cd:f1:ae:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvMH5sNq3zna2MbEBmhdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmM5ZDdhN2ZiMDNkMzUyMDhmZGJmMDg1YWUzOGFhMjRkMTNlZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSr/gLv7b33LZDPKnBup0MJ1cbNf
Z9XYNGVOY6J2YE1f6fud1Sjxjz+ev1ue+PAttwVz+PeH8PaskpNCp/BxuSOif0Mf
v0PSwi1HLXWuhNMCIL27gEa0oldA6txMvFQPY2L7TeCihTG+rogxpAiFaqGn7sal
27y/E77iM0NPWwI1XdPADZk2xnJ+6V8LvagvlgxpSwbmG5ezOg2qvPNEUc7Q2voh
rNgmErIfa1SlDCSrmdm792eu0Bzn65WTAw5b/hMweW8DI5oUSIwPwynmdlBH+yyT
JwUd4jIl71Oe1zmLSN4fzaiPF+es20t809S8dY6NgNfksnNsmAJEiWk4cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKLJ16f7A9NSCP2/CFrjiqJNE+1eMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb3NuWHBfc0QwMUlJX2I4SVd1T0tvazBUN1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgbeAAAQ
AwcAKg6xBxmgMA0GCSqGSIb3DQEBCwUAA4IBAQCEQcGzX5Sw+N+ntR5dVcyn0KCp
Z3mumoDfoIAc7q6TB2CRYH4Ckz7TgmhAdp8YpidtUX8wEuh9PtBiLIrsODKrdnTW
FIJHWOpBuv5bM1q2kBFEZNq8NgMOGJOzaxlPzy/0QX98aPwHSxYrZBjINpv7cqKa
2tVZrFpoNJp93mouG5utapZ1W34Uh66pJFKsKoZW2fI27C5QP/xp5tDFQnz8f5Ej
IWrmTr7eJFZ9+Hhyq1SQyKyC1Fzis2If/lJXrwVCIKm+dgvKFND0tkrhbIqsJT7X
fjzipxLouYAw/Kq+6BqaUlbmSFughwYrcGG2yFXJHA0P6IimSQeeF23N8a6S
-----END CERTIFICATE-----
Generated at Sun Jan 14 16:40:28 2024 by rpki-client on console-fra.rpki-client.org