Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qm4ffFr1L_HJhCiFfZ7wRIBhChs.roa
File: qm4ffFr1L_HJhCiFfZ7wRIBhChs.roa (raw, json)
Hash identifier: jCzUxUyBfEcGJzQX9x3w9F8lpwvrN9bP8032/Wg0+4A=
Subject key identifier: AA:6E:1F:7C:5A:F5:2F:F1:C9:84:28:85:7D:9E:F0:44:80:61:0A:1B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D88B7FF77DF0CEBCDCBD0686A1D2D9EB4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qm4ffFr1L_HJhCiFfZ7wRIBhChs.roa
Signing time: Thu 08 Feb 2024 12:36:16 +0000
ROA not before: Thu 08 Feb 2024 12:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Feb 2024 05:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:b7:ff:77:df:0c:eb:cd:cb:d0:68:6a:1d:2d:9e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 8 12:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa6e1f7c5af52ff1c98428857d9ef04480610a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:14:aa:fb:97:a2:75:b6:b8:fc:45:16:df:fc:
a8:95:52:2b:74:9c:0f:6d:b8:b5:9e:98:47:3a:90:
ba:31:b4:2d:47:da:43:86:8d:8a:52:6f:8a:9c:47:
77:a8:59:19:f3:96:d2:a0:8a:a1:fa:fb:19:ea:4e:
5e:f2:79:ea:4e:42:59:56:40:49:86:d5:34:ac:0b:
c3:b2:cc:80:21:9b:e4:a3:e6:0a:f9:c3:c4:a7:2e:
9c:54:34:d9:01:c7:04:53:86:88:87:c4:d0:a3:28:
fd:9e:f9:0c:43:79:28:7b:6f:c1:52:e0:5d:d6:a7:
27:24:9c:65:4b:0b:a7:14:74:5a:92:34:24:58:30:
bb:17:13:ba:6b:3f:9d:de:ee:e2:4a:df:cc:4b:c4:
61:47:c6:ad:20:6d:fe:6b:18:e0:6b:64:c2:00:a0:
48:89:53:ae:d4:ba:de:21:01:f8:a0:7f:0c:41:70:
36:45:d0:40:c1:b9:75:d2:ef:35:b5:61:e0:f0:1d:
e2:ea:e1:36:19:21:8e:88:2e:f3:6a:ed:52:c9:3f:
99:8d:f1:7e:69:a8:19:e6:0a:05:c7:23:05:e2:b0:
fe:63:0a:4d:1f:f4:07:f1:28:c5:93:fa:87:23:a3:
f7:f5:66:05:33:1d:34:42:a4:f5:97:46:ed:c1:d1:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6E:1F:7C:5A:F5:2F:F1:C9:84:28:85:7D:9E:F0:44:80:61:0A:1B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qm4ffFr1L_HJhCiFfZ7wRIBhChs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
2a0e:b107:1a64::/48
Signature Algorithm: sha256WithRSAEncryption
55:d9:4b:34:cc:6f:f5:4f:00:0d:a5:a9:47:33:6d:45:d4:31:
68:48:d3:d5:3d:51:fb:c2:51:ea:60:af:a6:fd:af:d7:34:4d:
da:59:80:48:44:1a:8e:c2:de:e4:d9:27:e6:d9:ee:9e:91:f8:
32:47:32:f1:9c:da:ab:a5:4c:d7:be:5b:87:48:91:e6:a6:cd:
b4:70:d3:bf:b9:e3:9e:3f:b5:eb:91:ed:1c:f3:2e:68:55:16:
6a:5e:61:cf:c3:cb:a9:e5:6b:79:c8:a1:ef:b7:98:04:d0:8f:
9a:09:25:e4:d4:50:ec:42:76:4f:52:27:ba:84:8b:92:16:9d:
28:7b:58:8d:92:ed:d0:e6:f3:e1:24:81:5c:7e:fe:a7:65:4e:
df:a2:96:3a:6e:f1:19:d7:ab:c1:15:cc:0d:03:de:9f:a1:fb:
17:ef:7b:19:e0:11:3d:26:d6:29:f1:01:cc:24:c5:eb:af:3b:
6b:83:64:9e:48:c9:9b:82:66:b6:4c:ec:51:2e:ec:87:ee:b9:
cb:92:d3:06:a8:00:ca:65:51:52:f8:00:75:68:fa:f3:bd:d3:
ed:40:4f:5b:2d:ba:39:69:16:a4:0c:41:95:44:11:e7:c1:30:
a6:69:f9:22:b5:13:71:f3:5c:fa:3c:8c:0b:3d:20:1e:fc:20:
47:eb:5f:a8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2It/933wzrzcvQaGodLZ60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA4MTIzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTZlMWY3YzVhZjUyZmYxYzk4NDI4ODU3ZDllZjA0NDgwNjEwYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBSq+5eidba4/EUW3/yolVIrdJwP
bbi1nphHOpC6MbQtR9pDho2KUm+KnEd3qFkZ85bSoIqh+vsZ6k5e8nnqTkJZVkBJ
htU0rAvDssyAIZvko+YK+cPEpy6cVDTZAccEU4aIh8TQoyj9nvkMQ3koe2/BUuBd
1qcnJJxlSwunFHRakjQkWDC7FxO6az+d3u7iSt/MS8RhR8atIG3+axjga2TCAKBI
iVOu1LreIQH4oH8MQXA2RdBAwbl10u81tWHg8B3i6uE2GSGOiC7zau1SyT+ZjfF+
aagZ5goFxyMF4rD+YwpNH/QH8SjFk/qHI6P39WYFMx00QqT1l0btwdGQdQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKpuH3xa9S/xyYQohX2e8ESAYQobMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcW00ZmZGcjFMX0hKaENpRmZaN3dSSUJoQ2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgAwcAKg6xBxpkMA0GCSqGSIb3DQEBCwUAA4IBAQBV
2Us0zG/1TwANpalHM21F1DFoSNPVPVH7wlHqYK+m/a/XNE3aWYBIRBqOwt7k2Sfm
2e6ekfgyRzLxnNqrpUzXvluHSJHmps20cNO/ueOeP7Xrke0c8y5oVRZqXmHPw8up
5Wt5yKHvt5gE0I+aCSXk1FDsQnZPUie6hIuSFp0oe1iNku3Q5vPhJIFcfv6nZU7f
opY6bvEZ16vBFcwNA96fofsX73sZ4BE9JtYp8QHMJMXrrztrg2SeSMmbgma2TOxR
LuyH7rnLktMGqADKZVFS+AB1aPrzvdPtQE9bLbo5aRakDEGVRBHnwTCmafkitRNx
81z6PIwLPSAe/CBH61+o
-----END CERTIFICATE-----
Generated at Sun Feb 11 09:07:40 2024 by rpki-client on console-fra.rpki-client.org