Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pq72kkjaGUng3NkaKzdrOjLqVdw.roa
File: pq72kkjaGUng3NkaKzdrOjLqVdw.roa (raw, json)
Hash identifier: rHyLurUr1POgdrFreIEP8ZOqHF0t77UV5jDH/CHyWbs=
Subject key identifier: A6:AE:F6:92:48:DA:19:49:E0:DC:D9:1A:2B:37:6B:3A:32:EA:55:DC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DA2667DB3152BA635E08DEBFA2F4E6CCE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pq72kkjaGUng3NkaKzdrOjLqVdw.roa
Signing time: Tue 13 Feb 2024 12:17:22 +0000
ROA not before: Tue 13 Feb 2024 12:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215517
IP address blocks: 2a0e:97c0:6ff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Feb 2024 08:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:66:7d:b3:15:2b:a6:35:e0:8d:eb:fa:2f:4e:6c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 13 12:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6aef69248da1949e0dcd91a2b376b3a32ea55dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:16:e1:a5:e0:d4:de:28:cc:f8:f9:ef:77:31:
93:31:b2:24:78:4f:bc:0d:f3:19:5c:5f:a3:bf:c6:
d1:f3:e3:fe:a2:a0:cd:ef:96:82:d8:a2:4a:9c:04:
51:b5:6d:f8:22:32:18:72:7a:17:ef:2f:0b:d7:3c:
ae:6a:4d:51:c5:c0:26:c8:e5:72:6b:6a:b1:58:95:
68:8f:80:94:ca:48:be:49:60:17:1a:58:68:ab:68:
82:27:1f:fa:c7:47:26:fd:4d:8b:5e:21:ca:f2:3e:
40:e9:10:d1:c9:58:78:a7:9f:26:75:2d:8e:aa:f4:
e0:7c:62:88:de:70:e6:c8:59:99:2b:5e:0b:41:09:
7e:a8:04:ef:95:d6:6f:44:f2:dc:54:e5:62:32:2d:
41:22:4f:7f:4f:90:d8:4a:d0:b8:e0:5c:35:9b:0e:
41:0f:c4:e0:9b:a7:5d:8d:e3:25:52:fa:36:a7:4a:
9b:4a:7d:0e:d2:34:2e:c9:a5:9a:6e:ff:6c:69:be:
d7:43:c5:20:68:68:67:79:ca:64:9b:43:03:eb:6a:
1b:28:56:16:88:4f:04:79:24:0f:ba:43:8b:52:ee:
17:78:62:b2:d0:28:3a:22:6b:f2:2f:a1:b4:c6:af:
a7:3d:e9:45:33:69:46:6e:36:e8:30:9d:c1:2a:44:
a0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AE:F6:92:48:DA:19:49:E0:DC:D9:1A:2B:37:6B:3A:32:EA:55:DC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pq72kkjaGUng3NkaKzdrOjLqVdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6ff::/48
Signature Algorithm: sha256WithRSAEncryption
8b:55:b2:a3:c1:f6:62:ec:01:41:22:ea:ae:e8:72:c8:aa:1e:
95:23:2c:99:5e:16:56:df:dd:aa:c8:4e:4c:87:ef:3a:8e:fd:
fa:74:42:1d:fe:63:f0:48:d3:dd:1d:da:37:90:9a:a1:b2:c6:
b8:28:05:27:60:08:fd:f4:6d:7e:f7:97:fc:71:d5:3f:3e:f7:
b4:b9:37:d4:b4:f0:94:8b:ec:38:c3:4b:3a:fa:b3:5e:d8:da:
00:44:2e:fa:8c:c5:2c:a1:24:1d:05:30:26:4c:01:95:8c:c3:
54:97:ef:df:f9:9a:91:77:6f:9a:64:40:2e:64:2e:08:2a:db:
ed:de:83:83:ff:b6:c6:97:4a:8d:8a:85:1c:b0:9e:71:ef:4a:
c4:44:20:ba:99:02:8d:d7:dd:b1:50:f1:02:ce:ff:15:30:7d:
c4:a8:29:d1:e4:7b:a9:3a:96:90:b1:9e:08:0f:27:e8:7e:48:
49:89:ab:32:49:fd:69:4a:3a:3b:90:a4:66:bb:72:5f:4b:16:
31:50:4c:ad:0c:a0:a7:49:72:b2:d1:a0:18:8f:35:8c:15:16:
ef:e4:0d:1d:02:75:d1:be:ca:3c:fb:d5:89:7f:26:1a:36:c2:
6b:6d:b7:55:ca:c6:95:42:d0:cf:e8:b9:1e:19:13:2b:ad:64:
3f:41:bd:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2iZn2zFSumNeCN6/ovTmzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjEzMTIxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFlZjY5MjQ4ZGExOTQ5ZTBkY2Q5MWEyYjM3NmIzYTMyZWE1NWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhbhpeDU3ijM+PnvdzGTMbIkeE+8
DfMZXF+jv8bR8+P+oqDN75aC2KJKnARRtW34IjIYcnoX7y8L1zyuak1RxcAmyOVy
a2qxWJVoj4CUyki+SWAXGlhoq2iCJx/6x0cm/U2LXiHK8j5A6RDRyVh4p58mdS2O
qvTgfGKI3nDmyFmZK14LQQl+qATvldZvRPLcVOViMi1BIk9/T5DYStC44Fw1mw5B
D8Tgm6ddjeMlUvo2p0qbSn0O0jQuyaWabv9sab7XQ8UgaGhnecpkm0MD62obKFYW
iE8EeSQPukOLUu4XeGKy0Cg6ImvyL6G0xq+nPelFM2lGbjboMJ3BKkSgRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKau9pJI2hlJ4NzZGis3azoy6lXcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcHE3MmtramFHVW5nM05rYUt6ZHJPakxxVmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAb/
MA0GCSqGSIb3DQEBCwUAA4IBAQCLVbKjwfZi7AFBIuqu6HLIqh6VIyyZXhZW392q
yE5Mh+86jv36dEId/mPwSNPdHdo3kJqhssa4KAUnYAj99G1+95f8cdU/Pve0uTfU
tPCUi+w4w0s6+rNe2NoARC76jMUsoSQdBTAmTAGVjMNUl+/f+ZqRd2+aZEAuZC4I
Ktvt3oOD/7bGl0qNioUcsJ5x70rERCC6mQKN192xUPECzv8VMH3EqCnR5HupOpaQ
sZ4IDyfofkhJiasySf1pSjo7kKRmu3JfSxYxUEytDKCnSXKy0aAYjzWMFRbv5A0d
AnXRvso8+9WJfyYaNsJrbbdVysaVQtDP6LkeGRMrrWQ/Qb3r
-----END CERTIFICATE-----
Generated at Wed Feb 14 12:13:19 2024 by rpki-client on console-ams.rpki-client.org