Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qXNeg_R3TgSVSurJs1Sp3iBXCfc.roa
File: qXNeg_R3TgSVSurJs1Sp3iBXCfc.roa (raw, json)
Hash identifier: wNkgUrKsqZY1o5wMFdIUQAnNpzmWjq0NJo0g/anLTWk=
Subject key identifier: A9:73:5E:83:F4:77:4E:04:95:4A:EA:C9:B3:54:A9:DE:20:57:09:F7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AECA6B2C1DE900DD5C6793F0CD0DC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qXNeg_R3TgSVSurJs1Sp3iBXCfc.roa
Signing time: Tue 24 Jan 2023 16:09:47 +0000
ROA not before: Tue 24 Jan 2023 16:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:b107:1788::/48 maxlen: 48
2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a48::/48 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a44::/48 maxlen: 48
2a0e:97c0:a47::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Mar 2023 22:51:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:ec:a6:b2:c1:de:90:0d:d5:c6:79:3f:0c:d0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9735e83f4774e04954aeac9b354a9de205709f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:43:70:e3:95:5f:7a:3d:40:ed:22:45:29:9e:
22:fd:cb:65:1b:10:fb:7a:67:ad:2e:3b:31:69:fa:
ec:90:cb:ff:a3:a0:4e:14:e6:ef:68:85:27:9b:47:
64:cd:07:c3:f2:73:af:6b:76:ac:32:a0:b4:09:98:
88:15:b0:74:7d:90:35:ac:7c:f5:5c:ca:c1:98:89:
b5:eb:1b:9c:6a:64:70:fc:e9:77:4a:0d:29:e6:39:
16:0b:be:fd:da:ad:74:99:bb:f2:da:fe:5f:c5:76:
b0:0c:89:ed:3a:e8:c9:a2:6b:04:2c:38:d5:22:18:
dd:4a:7e:42:39:cd:1f:d1:9f:33:28:ba:4b:61:42:
4b:b0:cd:b8:ef:20:ef:87:0b:81:c7:e2:57:18:72:
bf:0d:9f:17:12:f2:77:f4:7c:c9:bf:68:04:c1:21:
00:08:4e:c0:c8:7d:b0:9b:56:3b:5c:63:a8:aa:c7:
56:88:08:6b:b0:11:8f:b8:6b:4d:97:65:80:af:b5:
95:16:2e:a9:a1:d8:72:25:5e:ec:40:11:de:f2:cf:
79:5d:66:47:7c:73:ca:1a:c8:35:12:fe:a7:b7:18:
22:16:9c:61:e1:50:65:4e:39:a2:1e:13:09:cf:dc:
16:fc:25:14:4e:8e:1d:d9:cf:2f:58:19:dc:08:f5:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:73:5E:83:F4:77:4E:04:95:4A:EA:C9:B3:54:A9:DE:20:57:09:F7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qXNeg_R3TgSVSurJs1Sp3iBXCfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
2a0e:b107:1788::/48
Signature Algorithm: sha256WithRSAEncryption
8e:1b:e7:81:db:77:86:16:4b:bb:73:d6:8b:4e:48:ce:ec:ca:
03:cc:ab:27:9e:b6:5b:06:5e:39:37:b6:d2:52:c7:96:df:8c:
cd:a6:45:07:65:18:8a:e3:27:16:be:84:c9:b2:30:92:75:5b:
06:d8:e3:65:38:a3:b1:15:83:26:83:77:31:76:92:88:56:3e:
23:54:c0:de:21:56:20:72:84:48:2d:7c:bc:e3:93:3c:16:42:
e3:21:e6:1b:26:71:85:3e:0c:3c:c0:f0:eb:be:ef:44:06:0e:
d4:d9:ef:9a:7a:72:da:8b:82:26:cd:f3:39:17:74:79:ef:ab:
a7:1b:79:f4:6f:19:15:b3:3a:09:9b:4a:e7:d7:b2:a6:7a:2e:
d4:74:0c:67:61:81:67:63:0c:4a:91:a0:77:68:66:90:32:ff:
e6:e1:85:26:3d:7b:e7:e5:55:4c:4c:45:94:85:6f:24:27:f5:
81:8b:eb:a3:8d:d8:2f:da:0a:b3:61:66:a6:15:3c:e3:a6:a7:
69:d3:93:01:f1:2e:b5:97:f0:2a:4c:04:3a:18:e9:fd:41:f4:
a3:66:8c:11:5c:46:a6:6e:4c:d0:b7:b4:ae:5a:18:6b:d5:6f:
34:9c:5d:fd:05:91:d2:80:a7:cf:dc:74:32:c3:ce:0f:3a:49:
f3:cf:51:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiuymssHekA3Vxnk/DNDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTczNWU4M2Y0Nzc0ZTA0OTU0YWVhYzliMzU0YTlkZTIwNTcwOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUNw45Vfej1A7SJFKZ4i/ctlGxD7
emetLjsxafrskMv/o6BOFObvaIUnm0dkzQfD8nOva3asMqC0CZiIFbB0fZA1rHz1
XMrBmIm16xucamRw/Ol3Sg0p5jkWC7792q10mbvy2v5fxXawDIntOujJomsELDjV
IhjdSn5COc0f0Z8zKLpLYUJLsM247yDvhwuBx+JXGHK/DZ8XEvJ39HzJv2gEwSEA
CE7AyH2wm1Y7XGOoqsdWiAhrsBGPuGtNl2WAr7WVFi6podhyJV7sQBHe8s95XWZH
fHPKGsg1Ev6ntxgiFpxh4VBlTjmiHhMJz9wW/CUUTo4d2c8vWBncCPUKAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKlzXoP0d04ElUrqybNUqd4gVwn3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcVhOZWdfUjNUZ1NWU3VySnMxU3AzaUJYQ2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwApA
AwcAKg6xBxeIMA0GCSqGSIb3DQEBCwUAA4IBAQCOG+eB23eGFku7c9aLTkjO7MoD
zKsnnrZbBl45N7bSUseW34zNpkUHZRiK4ycWvoTJsjCSdVsG2ONlOKOxFYMmg3cx
dpKIVj4jVMDeIVYgcoRILXy845M8FkLjIeYbJnGFPgw8wPDrvu9EBg7U2e+aenLa
i4ImzfM5F3R576unG3n0bxkVszoJm0rn17Kmei7UdAxnYYFnYwxKkaB3aGaQMv/m
4YUmPXvn5VVMTEWUhW8kJ/WBi+ujjdgv2gqzYWamFTzjpqdp05MB8S61l/AqTAQ6
GOn9QfSjZowRXEambkzQt7SuWhhr1W80nF39BZHSgKfP3HQyw84POknzz1G0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:38 2024 by rpki-client on console-fra.rpki-client.org