Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qlPXwkL37mHtl7wcZ3MuslC5rhM.roa
File: qlPXwkL37mHtl7wcZ3MuslC5rhM.roa (raw, json)
Hash identifier: k48P2PBIZD8EjqwAMiRNltHK/etyMZxjNawEXa7OUY0=
Subject key identifier: AA:53:D7:C2:42:F7:EE:61:ED:97:BC:1C:67:73:2E:B2:50:B9:AE:13
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CF8E5883DAA6C9685B458799A00961414
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qlPXwkL37mHtl7wcZ3MuslC5rhM.roa
Signing time: Thu 11 Jan 2024 14:20:41 +0000
ROA not before: Thu 11 Jan 2024 14:20:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205977
IP address blocks: 2a0e:b107:760::/48 maxlen: 48
2a0e:b107:765::/48 maxlen: 48
2a10:2f00:120::/48 maxlen: 48
2a0e:b107:764::/48 maxlen: 48
2a0e:b107:769::/48 maxlen: 48
2a0e:b107:768::/45 maxlen: 48
2a0e:b107:763::/48 maxlen: 48
2a0e:b107:768::/48 maxlen: 48
2a0e:b107:760::/44 maxlen: 48
2a0e:b107:762::/48 maxlen: 48
2a0e:b107:767::/48 maxlen: 48
2a0e:b107:761::/48 maxlen: 48
2a0e:b107:766::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 15:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:e5:88:3d:aa:6c:96:85:b4:58:79:9a:00:96:14:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 11 14:20:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa53d7c242f7ee61ed97bc1c67732eb250b9ae13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:69:74:a2:2c:5b:10:2d:44:8a:d2:e6:8f:26:
2e:06:c0:30:f1:51:43:5b:43:5f:3b:66:28:10:e3:
53:3c:6c:53:9e:5a:b0:22:02:1f:5a:98:3b:c9:a7:
9f:d0:f8:7f:a0:2a:70:23:ea:9e:79:43:1d:27:f3:
97:67:f4:0c:1f:38:f8:d1:37:7b:31:73:c7:86:e1:
b8:79:e3:4a:f0:bb:54:fe:61:97:78:90:dd:a3:3a:
00:2b:38:d0:cf:66:8d:ef:f4:af:be:3c:fe:73:98:
0e:70:7d:d0:8d:54:fb:98:30:bf:6b:75:8f:50:e7:
c5:b4:b0:53:91:ab:cf:f6:79:7b:73:bb:dc:8e:62:
2a:93:fb:6f:d0:da:67:b3:0c:a5:26:91:b1:d6:1b:
a6:69:d1:79:8f:b0:3a:b5:0e:88:ae:73:12:9e:fe:
5e:c8:c6:84:16:af:44:77:8c:98:4c:8b:b9:d5:6a:
1e:e5:ae:88:ee:41:d0:25:6e:84:b7:11:e7:0b:89:
27:6e:0e:94:fc:1c:ed:67:6f:02:17:6b:5b:57:14:
0f:18:b9:6a:33:09:fb:e8:69:64:d9:b6:97:7d:0f:
50:ce:ce:35:73:95:4a:19:bc:41:78:73:8a:3b:5b:
cd:a4:76:2b:f6:14:97:de:23:9a:f6:c4:99:2f:b9:
c8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:53:D7:C2:42:F7:EE:61:ED:97:BC:1C:67:73:2E:B2:50:B9:AE:13
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qlPXwkL37mHtl7wcZ3MuslC5rhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:760::/44
2a10:2f00:120::/48
Signature Algorithm: sha256WithRSAEncryption
c4:ae:b2:ab:82:d8:55:cd:41:0a:9d:00:30:0f:25:bc:ff:8c:
4e:36:34:a4:83:65:aa:45:84:69:96:0a:f7:37:71:ac:a1:36:
2d:1a:c5:c9:2f:d8:c7:e7:20:ba:fc:80:57:68:03:20:28:cf:
fd:11:b6:0a:a7:aa:e3:86:63:82:cf:c9:4d:1c:be:8a:95:e8:
35:b1:a3:98:ff:5f:78:2a:99:69:b7:bc:ab:e8:bd:0f:84:cd:
c9:da:86:b9:6b:43:c7:3a:47:d0:83:75:3c:fd:71:a5:c7:38:
6a:11:e3:31:ae:92:09:8d:83:42:fc:a8:a0:3a:1c:49:bf:c8:
ed:1a:c3:81:be:64:55:62:9f:9a:ce:f5:3a:63:93:d8:0d:42:
50:bb:43:e2:de:7b:65:ee:bc:ec:06:d9:99:ef:23:98:16:12:
e0:1f:a1:7f:1a:af:3b:0e:ca:43:c4:58:41:7f:46:d9:a2:6c:
ec:ed:2a:2e:74:36:99:1e:30:bc:a4:83:ea:f4:e7:ee:0d:39:
30:8f:f5:09:08:be:f3:5c:50:c4:0d:04:56:5c:15:6b:7d:2f:
c4:3d:6c:d5:03:55:78:e0:f3:09:1f:70:c2:67:a7:51:f3:2a:
cc:22:4a:e8:17:11:03:a1:3f:80:82:94:db:04:c0:39:2f:d8:
70:90:a3:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz45Yg9qmyWhbRYeZoAlhQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTExMTQyMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTUzZDdjMjQyZjdlZTYxZWQ5N2JjMWM2NzczMmViMjUwYjlhZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2l0oixbEC1EitLmjyYuBsAw8VFD
W0NfO2YoEONTPGxTnlqwIgIfWpg7yaef0Ph/oCpwI+qeeUMdJ/OXZ/QMHzj40Td7
MXPHhuG4eeNK8LtU/mGXeJDdozoAKzjQz2aN7/Svvjz+c5gOcH3QjVT7mDC/a3WP
UOfFtLBTkavP9nl7c7vcjmIqk/tv0NpnswylJpGx1humadF5j7A6tQ6IrnMSnv5e
yMaEFq9Ed4yYTIu51Woe5a6I7kHQJW6EtxHnC4knbg6U/BztZ28CF2tbVxQPGLlq
Mwn76Glk2baXfQ9Qzs41c5VKGbxBeHOKO1vNpHYr9hSX3iOa9sSZL7nIawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKpT18JC9+5h7Ze8HGdzLrJQua4TMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcWxQWHdrTDM3bUh0bDd3Y1ozTXVzbEM1cmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwdg
AwcAKhAvAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQDErrKrgthVzUEKnQAwDyW8/4xO
NjSkg2WqRYRplgr3N3GsoTYtGsXJL9jH5yC6/IBXaAMgKM/9EbYKp6rjhmOCz8lN
HL6Kleg1saOY/194Kplpt7yr6L0PhM3J2oa5a0PHOkfQg3U8/XGlxzhqEeMxrpIJ
jYNC/KigOhxJv8jtGsOBvmRVYp+azvU6Y5PYDUJQu0Pi3ntl7rzsBtmZ7yOYFhLg
H6F/Gq87DspDxFhBf0bZomzs7SoudDaZHjC8pIPq9OfuDTkwj/UJCL7zXFDEDQRW
XBVrfS/EPWzVA1V44PMJH3DCZ6dR8yrMIkroFxEDoT+AgpTbBMA5L9hwkKO8
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:11:03 2024 by rpki-client on console-ams.rpki-client.org