Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pi3zJZsCRi4eMr1_8zblLWDk-1U.roa
File: pi3zJZsCRi4eMr1_8zblLWDk-1U.roa (raw, json)
Hash identifier: OKCEfVdlhjG8w+0AKxCtX8QptRnTOtpzPIBvKb5wTFc=
Subject key identifier: A6:2D:F3:25:9B:02:46:2E:1E:32:BD:7F:F3:36:E5:2D:60:E4:FB:55
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188818EFFD63FB20E8B81D462395DE7A75A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pi3zJZsCRi4eMr1_8zblLWDk-1U.roa
Signing time: Sat 03 Jun 2023 14:00:12 +0000
ROA not before: Sat 03 Jun 2023 14:00:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199177
IP address blocks: 2a0e:b107:2080::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:8e:ff:d6:3f:b2:0e:8b:81:d4:62:39:5d:e7:a7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 3 14:00:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a62df3259b02462e1e32bd7ff336e52d60e4fb55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:80:b4:09:8a:81:cc:d9:41:24:cc:50:9e:8c:
ce:e2:fe:db:8c:74:30:57:71:73:3d:69:2c:f0:b3:
08:85:3e:fe:6a:5d:6b:db:6b:21:7f:a1:c6:84:91:
64:90:00:dc:86:b7:be:13:8e:61:ef:f2:0a:65:9d:
75:67:90:85:04:d9:8b:ad:f2:f1:c2:ff:38:f3:cc:
c8:04:17:47:18:0e:5b:08:f1:8c:09:d7:73:d2:46:
15:f4:fd:c5:8d:c7:96:0f:3e:9c:ce:4b:8b:db:ae:
19:b0:4e:55:61:93:d9:d3:55:8c:2e:4d:d3:4d:2a:
eb:8c:c2:1c:71:85:e4:3c:36:91:75:6a:17:fa:7f:
ae:44:ce:11:a1:63:91:8e:18:51:58:35:a9:c2:c9:
2f:e3:cd:7e:c8:df:f5:22:b6:3a:d9:37:df:1c:75:
b2:08:92:b7:e2:9c:85:ae:eb:95:5c:47:7b:2d:85:
d8:ef:1d:68:4e:33:af:22:14:ba:6a:13:25:3b:95:
5a:85:4f:d7:29:b3:a6:84:fb:c4:2c:55:a3:45:60:
30:6a:22:f1:4d:f6:53:b2:00:ee:b2:bc:d0:11:ed:
1c:57:9d:18:b9:e6:21:e2:87:54:07:ee:f6:4e:30:
51:26:a3:da:76:9e:b4:2b:bb:f5:88:94:08:1d:73:
43:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:F3:25:9B:02:46:2E:1E:32:BD:7F:F3:36:E5:2D:60:E4:FB:55
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pi3zJZsCRi4eMr1_8zblLWDk-1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2080::/44
Signature Algorithm: sha256WithRSAEncryption
c6:98:6d:7c:4d:23:aa:34:4f:03:2c:84:f3:db:da:4c:6e:df:
c1:ee:81:da:93:13:12:58:63:96:f7:fb:c8:96:64:17:95:0f:
72:ba:36:13:9d:5d:af:58:99:57:f5:b9:b3:5e:59:45:d4:2c:
f1:fe:19:e3:78:4d:23:3a:1c:33:1a:11:85:f4:c6:ff:b8:a4:
9d:83:e6:8c:95:94:69:0c:43:3d:69:a2:8e:d4:a2:e2:5a:da:
f7:36:65:1f:ad:13:49:bc:d6:44:77:c9:85:a0:a0:fb:4a:75:
e7:e1:b6:ff:68:c6:70:67:7a:12:95:de:ba:63:08:96:6b:7d:
e6:27:de:9d:46:54:27:c4:cb:ee:78:e7:32:b1:22:15:02:b8:
bf:e4:14:b4:80:dd:a7:1d:78:19:e2:09:96:d3:cf:fd:10:56:
46:ac:b5:12:01:81:7f:bb:62:65:bd:6c:50:71:f6:cb:40:5c:
bc:79:c9:7e:a9:25:31:3e:53:d9:6a:11:27:bc:33:e1:09:53:
b9:2b:79:f1:50:97:05:22:9b:ec:43:9f:38:13:15:df:63:c2:
8a:95:e1:09:21:70:ea:1d:00:f6:4a:95:00:d9:12:75:ea:a8:
73:1e:7a:1d:9c:8f:0b:18:0d:85:2a:81:67:e0:23:7a:8d:e2:
08:ca:91:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYiBjv/WP7IOi4HUYjld56daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAzMTQwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJkZjMyNTliMDI0NjJlMWUzMmJkN2ZmMzM2ZTUyZDYwZTRmYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoC0CYqBzNlBJMxQnozO4v7bjHQw
V3FzPWks8LMIhT7+al1r22shf6HGhJFkkADchre+E45h7/IKZZ11Z5CFBNmLrfLx
wv8488zIBBdHGA5bCPGMCddz0kYV9P3FjceWDz6czkuL264ZsE5VYZPZ01WMLk3T
TSrrjMIccYXkPDaRdWoX+n+uRM4RoWORjhhRWDWpwskv481+yN/1IrY62TffHHWy
CJK34pyFruuVXEd7LYXY7x1oTjOvIhS6ahMlO5VahU/XKbOmhPvELFWjRWAwaiLx
TfZTsgDusrzQEe0cV50YueYh4odUB+72TjBRJqPadp60K7v1iJQIHXND+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKYt8yWbAkYuHjK9f/M25S1g5PtVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcGkzekpac0NSaTRlTXIxXzh6YmxMV0RrLTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByCA
MA0GCSqGSIb3DQEBCwUAA4IBAQDGmG18TSOqNE8DLITz29pMbt/B7oHakxMSWGOW
9/vIlmQXlQ9yujYTnV2vWJlX9bmzXllF1Czx/hnjeE0jOhwzGhGF9Mb/uKSdg+aM
lZRpDEM9aaKO1KLiWtr3NmUfrRNJvNZEd8mFoKD7SnXn4bb/aMZwZ3oSld66YwiW
a33mJ96dRlQnxMvueOcysSIVAri/5BS0gN2nHXgZ4gmW08/9EFZGrLUSAYF/u2Jl
vWxQcfbLQFy8ecl+qSUxPlPZahEnvDPhCVO5K3nxUJcFIpvsQ584ExXfY8KKleEJ
IXDqHQD2SpUA2RJ16qhzHnodnI8LGA2FKoFn4CN6jeIIypG+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org