Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qB2nErkn6DLHPHZynJl6wGkJxto.roa
File: qB2nErkn6DLHPHZynJl6wGkJxto.roa (raw, json)
Hash identifier: JKCfHpqZS5eB6ZZEo90HB68BbQGqkS0vSDHBWLNAmmU=
Subject key identifier: A8:1D:A7:12:B9:27:E8:32:C7:3C:76:72:9C:99:7A:C0:69:09:C6:DA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DD679E3B4FF4641C15F4C7D4C24E1FA1B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qB2nErkn6DLHPHZynJl6wGkJxto.roa
Signing time: Fri 23 Feb 2024 14:58:48 +0000
ROA not before: Fri 23 Feb 2024 14:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210490
IP address blocks: 2a0e:b107:17b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 25 Feb 2024 20:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:79:e3:b4:ff:46:41:c1:5f:4c:7d:4c:24:e1:fa:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 23 14:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a81da712b927e832c73c76729c997ac06909c6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b3:7b:72:bc:e1:33:b1:6c:8d:91:2f:24:08:
0a:3b:b5:4a:f7:1a:41:bf:52:e2:7e:34:2c:36:5c:
c0:65:cd:b2:2a:7b:b9:3d:5c:7d:6d:c3:7a:e0:5b:
b4:e8:7f:84:20:8a:6b:fb:2c:34:1b:d7:f1:fa:53:
ce:35:5d:8f:7d:86:5e:79:8c:16:c2:f7:e0:f9:86:
4f:35:53:32:c4:72:b7:13:d5:85:13:78:06:41:f0:
e9:eb:81:d7:fd:23:80:5e:60:09:58:7d:4c:3e:b3:
70:a2:70:45:c5:4b:06:72:36:a1:d8:10:80:81:28:
60:20:98:d6:9b:51:44:71:25:6d:24:02:c8:b5:74:
e4:56:99:1b:ee:65:9d:d0:fa:31:43:db:74:a0:b9:
cc:62:e8:ff:ec:7e:19:3c:8b:9f:09:78:a3:39:8c:
43:50:73:e2:fd:23:98:4e:77:0f:dc:68:09:4c:4e:
f7:f6:2b:33:68:d0:04:a8:57:95:df:98:a7:55:67:
af:c5:58:d0:b7:6a:4f:9a:68:54:d1:97:d5:60:69:
e1:6f:56:04:d6:a6:60:8b:9d:18:48:6d:b1:60:68:
f1:e7:ad:d0:0b:93:d8:83:af:e8:5a:61:58:b8:c7:
fc:e8:ec:7f:32:fa:d0:a2:e9:0f:1a:ab:6f:af:14:
4e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1D:A7:12:B9:27:E8:32:C7:3C:76:72:9C:99:7A:C0:69:09:C6:DA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qB2nErkn6DLHPHZynJl6wGkJxto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:17b0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:69:d3:fb:95:ff:a8:70:b1:28:e8:f9:46:81:31:7f:f6:d3:
48:7d:00:d1:b2:10:3c:ad:25:f9:18:6c:d8:0c:b2:cf:54:7d:
ba:c2:b3:9b:31:ca:75:73:24:37:c4:9b:2a:25:97:4e:b4:ea:
75:ca:fa:90:6e:30:7b:62:c1:e6:3f:2d:1d:d9:dd:57:df:ab:
e0:9e:4a:7b:b2:4e:f7:d9:4e:45:be:f4:3f:ab:df:53:d4:ef:
87:f5:c5:a6:48:97:0f:89:d5:de:0e:71:da:be:41:dc:74:aa:
e6:59:ff:c4:65:76:92:6f:cb:04:49:41:0e:2c:ad:03:44:0b:
77:a9:b6:65:04:5a:13:1d:6b:5f:10:5e:ce:c7:27:82:8f:1a:
89:dd:3c:77:98:61:80:f9:e3:03:51:41:a7:3b:b7:7b:68:63:
07:13:cb:af:57:ef:c3:32:c7:4e:e0:8d:fa:4c:90:10:d4:77:
b6:99:e5:7e:9d:fb:bb:e0:66:4b:98:39:d8:ff:eb:3c:e9:a4:
9a:f8:64:51:4a:e5:11:38:80:fd:e2:bf:c0:92:cd:a8:f7:45:
91:4a:07:a7:21:16:ac:bc:63:ca:7c:6b:2b:2d:96:91:4b:38:
06:30:d6:c7:c3:bc:f7:6d:9b:40:4d:96:d5:7a:19:99:3a:1a:
27:bc:e8:41
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3WeeO0/0ZBwV9MfUwk4fobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIzMTQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFkYTcxMmI5MjdlODMyYzczYzc2NzI5Yzk5N2FjMDY5MDljNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbN7crzhM7FsjZEvJAgKO7VK9xpB
v1LifjQsNlzAZc2yKnu5PVx9bcN64Fu06H+EIIpr+yw0G9fx+lPONV2PfYZeeYwW
wvfg+YZPNVMyxHK3E9WFE3gGQfDp64HX/SOAXmAJWH1MPrNwonBFxUsGcjah2BCA
gShgIJjWm1FEcSVtJALItXTkVpkb7mWd0PoxQ9t0oLnMYuj/7H4ZPIufCXijOYxD
UHPi/SOYTncP3GgJTE739iszaNAEqFeV35inVWevxVjQt2pPmmhU0ZfVYGnhb1YE
1qZgi50YSG2xYGjx563QC5PYg6/oWmFYuMf86Ox/MvrQoukPGqtvrxROlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKgdpxK5J+gyxzx2cpyZesBpCcbaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcUIybkVya242RExIUEhaeW5KbDZ3R2tKeHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxew
MA0GCSqGSIb3DQEBCwUAA4IBAQC1adP7lf+ocLEo6PlGgTF/9tNIfQDRshA8rSX5
GGzYDLLPVH26wrObMcp1cyQ3xJsqJZdOtOp1yvqQbjB7YsHmPy0d2d1X36vgnkp7
sk732U5FvvQ/q99T1O+H9cWmSJcPidXeDnHavkHcdKrmWf/EZXaSb8sESUEOLK0D
RAt3qbZlBFoTHWtfEF7OxyeCjxqJ3Tx3mGGA+eMDUUGnO7d7aGMHE8uvV+/DMsdO
4I36TJAQ1He2meV+nfu74GZLmDnY/+s86aSa+GRRSuUROID94r/Aks2o90WRSgen
IRasvGPKfGsrLZaRSzgGMNbHw7z3bZtATZbVehmZOhonvOhB
-----END CERTIFICATE-----
Generated at Sun Feb 25 23:46:09 2024 by rpki-client on console-ams.rpki-client.org