Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pQB_TlQRAYFTWLwDv5zekCFisRY.roa
File: pQB_TlQRAYFTWLwDv5zekCFisRY.roa (raw, json)
Hash identifier: NSjDvSsGZ8godqGAa28FbtxTf8yG1h9H5BsCSx9nbco=
Subject key identifier: A5:00:7F:4E:54:11:01:81:53:58:BC:03:BF:9C:DE:90:21:62:B1:16
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FA46F37D972907EFE0BB2049F57DA48E8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pQB_TlQRAYFTWLwDv5zekCFisRY.roa
Signing time: Thu 23 May 2024 07:51:43 +0000
ROA not before: Thu 23 May 2024 07:51:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a0e:97c0:1000::/48 maxlen: 48
2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/48 maxlen: 48
2a10:ccc0:801::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 09:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:6f:37:d9:72:90:7e:fe:0b:b2:04:9f:57:da:48:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 23 07:51:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5007f4e541101815358bc03bf9cde902162b116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a2:66:a5:94:85:b1:67:f1:13:4f:e9:d2:fb:
12:27:34:99:cb:34:7c:b4:8f:42:e6:1d:fa:52:3e:
a9:9c:9e:f9:2d:22:c9:75:32:50:ba:d5:3b:a4:9e:
79:c1:b4:78:a3:f2:6b:85:78:42:5d:8e:8b:7c:e9:
50:80:8c:80:ba:4d:32:1d:24:cc:62:2e:90:f0:c8:
81:6b:d6:3e:3a:13:fb:1d:6f:51:18:dc:7f:49:7b:
89:0a:5b:2a:19:0e:e9:c7:10:df:68:99:bc:d1:23:
e6:f4:df:97:f0:6c:d9:3e:6a:a3:19:f0:7e:65:8b:
df:95:11:73:67:3c:97:73:14:68:df:7b:81:36:22:
16:09:a1:c1:4d:86:8b:fe:50:3c:8b:61:38:06:a0:
da:70:4d:6f:25:bb:5d:11:dd:87:ca:f3:c6:ea:8b:
7e:5e:8e:78:b1:c2:32:12:71:f6:62:5c:80:9b:e8:
f4:59:7d:55:24:10:ec:50:e1:2a:02:ff:0a:49:c0:
3c:57:ea:c8:49:c3:2c:21:49:9c:11:c5:d3:d5:04:
89:77:b8:66:44:62:36:19:02:23:41:67:db:27:98:
09:0f:b2:ee:29:12:e4:f9:87:69:a6:90:e8:2a:b3:
2b:e1:d4:a0:4b:83:2e:eb:3b:ef:d3:76:33:01:72:
c4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:00:7F:4E:54:11:01:81:53:58:BC:03:BF:9C:DE:90:21:62:B1:16
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pQB_TlQRAYFTWLwDv5zekCFisRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1000::/48
2a10:2f00:187::/48
2a10:ccc0:800::/47
Signature Algorithm: sha256WithRSAEncryption
8b:f0:74:f5:46:c8:02:30:be:fa:5e:39:57:e7:3c:24:f6:e6:
a6:03:22:98:08:a2:4a:89:02:c6:d5:a4:e0:af:05:27:b3:6f:
97:cd:5d:b9:96:23:89:60:7c:18:33:53:28:97:c2:d1:7d:4e:
47:c4:29:45:10:67:f8:54:a2:b2:b1:1a:a7:b7:cd:84:73:97:
34:1a:33:8e:5a:ba:1f:a6:c8:74:16:3e:a0:70:92:df:b9:b3:
3f:4b:eb:43:85:33:37:89:3b:2a:4c:ab:61:2f:a0:66:bf:4c:
f4:06:4d:6f:ff:3e:7c:19:0e:43:57:01:f0:14:11:c4:56:2b:
a9:00:ce:ff:43:b8:38:5f:f7:fe:68:e3:f0:5b:0c:96:d3:c2:
4e:3b:3a:2d:eb:4c:d0:ff:a3:11:85:43:24:7f:74:28:ea:ab:
e9:48:0f:d8:8e:c4:c6:e8:10:77:61:83:54:fd:ac:31:5f:d2:
25:aa:c3:37:5a:4a:b9:26:57:be:5d:5a:8a:3f:d1:cb:bb:f6:
9d:66:cf:0d:b0:41:00:d3:69:c5:7c:f4:bf:bf:e9:a9:0b:82:
59:bb:02:bf:80:65:d6:5f:2a:5e:8d:1a:f9:d8:67:aa:75:75:
95:0f:70:cd:d1:24:a2:34:ef:83:17:2e:fa:30:65:ff:38:b9:
fa:cd:a7:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY+kbzfZcpB+/guyBJ9X2kjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIzMDc1MTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAwN2Y0ZTU0MTEwMTgxNTM1OGJjMDNiZjljZGU5MDIxNjJiMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qJmpZSFsWfxE0/p0vsSJzSZyzR8
tI9C5h36Uj6pnJ75LSLJdTJQutU7pJ55wbR4o/JrhXhCXY6LfOlQgIyAuk0yHSTM
Yi6Q8MiBa9Y+OhP7HW9RGNx/SXuJClsqGQ7pxxDfaJm80SPm9N+X8GzZPmqjGfB+
ZYvflRFzZzyXcxRo33uBNiIWCaHBTYaL/lA8i2E4BqDacE1vJbtdEd2HyvPG6ot+
Xo54scIyEnH2YlyAm+j0WX1VJBDsUOEqAv8KScA8V+rIScMsIUmcEcXT1QSJd7hm
RGI2GQIjQWfbJ5gJD7LuKRLk+YdpppDoKrMr4dSgS4Mu6zvv03YzAXLE5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUAf05UEQGBU1i8A7+c3pAhYrEWMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcFFCX1RsUVJBWUZUV0x3RHY1emVrQ0Zpc1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwBAA
AwcAKhAvAAGHAwcBKhDMwAgAMA0GCSqGSIb3DQEBCwUAA4IBAQCL8HT1RsgCML76
XjlX5zwk9uamAyKYCKJKiQLG1aTgrwUns2+XzV25liOJYHwYM1Mol8LRfU5HxClF
EGf4VKKysRqnt82Ec5c0GjOOWrofpsh0Fj6gcJLfubM/S+tDhTM3iTsqTKthL6Bm
v0z0Bk1v/z58GQ5DVwHwFBHEViupAM7/Q7g4X/f+aOPwWwyW08JOOzot60zQ/6MR
hUMkf3Qo6qvpSA/YjsTG6BB3YYNU/awxX9IlqsM3Wkq5Jle+XVqKP9HLu/adZs8N
sEEA02nFfPS/v+mpC4JZuwK/gGXWXypejRr52GeqdXWVD3DN0SSiNO+DFy76MGX/
OLn6zace
-----END CERTIFICATE-----