Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qtH2Kh4g3XAVSVqJvFXodg3_0JM.roa
File: qtH2Kh4g3XAVSVqJvFXodg3_0JM.roa (raw, json)
Hash identifier: D4wYqWS5KW6lCz82U9B24sQT1utpQ46hTw7ATUucEMQ=
Subject key identifier: AA:D1:F6:2A:1E:20:DD:70:15:49:5A:89:BC:55:E8:76:0D:FF:D0:93
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D88B7FF2C9231130A66CA958E69305B1C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qtH2Kh4g3XAVSVqJvFXodg3_0JM.roa
Signing time: Thu 08 Feb 2024 12:36:16 +0000
ROA not before: Thu 08 Feb 2024 12:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Feb 2024 05:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:b7:ff:2c:92:31:13:0a:66:ca:95:8e:69:30:5b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 8 12:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aad1f62a1e20dd7015495a89bc55e8760dffd093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bd:d2:05:ed:7c:f8:53:74:4f:89:12:1a:81:
cd:0f:ca:4d:b2:58:c8:40:d3:22:14:72:f4:3f:c3:
78:c8:f3:96:9a:d3:3b:0d:b8:c5:b8:92:69:95:00:
b1:58:ce:9e:e2:ed:76:ae:86:8f:fc:98:09:ea:c6:
b3:d8:21:94:21:1e:a6:4d:ba:aa:a0:d3:9a:72:d8:
03:75:db:f9:bf:ce:04:88:7c:44:38:f3:63:85:47:
52:e6:e3:e9:d7:99:4c:f1:1b:c0:60:b9:0c:4a:13:
aa:6b:15:5e:1b:71:54:88:88:65:89:57:18:8f:3b:
ff:f9:70:78:b1:07:ee:8a:1f:b7:9d:0a:cf:85:90:
58:4c:ad:59:77:92:6d:81:82:a9:60:b5:99:83:d0:
b5:15:db:e3:8c:e5:4b:2c:ca:9d:e5:7a:63:52:00:
02:7f:76:25:4e:ea:8a:39:4f:32:8f:61:d1:5d:19:
ff:de:fb:50:12:19:c2:07:06:9e:da:44:8c:d4:35:
ed:7c:1d:51:a2:64:e4:b9:57:49:92:0a:ae:d1:72:
14:31:c9:18:fa:8f:3d:cf:9f:b1:57:1e:01:10:b2:
4f:b3:03:47:30:23:3d:16:d6:28:af:b9:d9:dd:e1:
db:df:cd:82:13:d1:44:2f:5f:91:e7:93:37:50:75:
b0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D1:F6:2A:1E:20:DD:70:15:49:5A:89:BC:55:E8:76:0D:FF:D0:93
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qtH2Kh4g3XAVSVqJvFXodg3_0JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:b107:19a0::/48
2a0e:b107:1a64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b3:99:0b:31:c4:e1:a1:0d:05:10:85:4f:b4:6d:bf:33:6c:
b2:d4:1f:b9:b5:21:01:a2:3c:c2:db:14:fd:f9:7f:cb:57:8a:
68:43:69:33:36:a5:1b:ea:f3:92:50:ab:15:69:34:6b:4a:89:
b6:bb:4e:61:30:86:c6:93:71:86:32:ce:a1:f6:8d:cd:ff:67:
a5:f3:56:06:82:f4:ef:52:8d:15:e3:96:85:b2:ac:bc:0e:a6:
ff:b3:eb:38:23:cd:76:5d:7b:77:7f:cb:8e:e6:fe:5d:ca:70:
a8:c2:64:46:88:10:4e:24:ec:48:61:7d:ad:7e:8a:6a:1e:70:
59:eb:85:71:e0:ac:3d:f4:58:cd:b8:ac:5d:4a:a7:8a:4a:ec:
c5:d2:21:d8:34:fd:c8:97:c1:35:ea:8c:2d:a8:6f:c0:6c:ab:
5e:fb:e5:54:d1:cb:fe:5b:1f:e5:cd:45:be:3c:dc:d8:b2:59:
1e:7c:cd:7c:0c:b4:78:c6:7e:87:96:6e:ff:37:ac:da:4d:79:
fb:22:8c:22:ff:0f:ed:80:1b:66:15:84:ba:30:af:65:5c:35:
3b:13:1a:14:d7:42:29:76:47:4d:ca:45:bb:7f:6a:5a:04:68:
7b:56:7c:88:75:db:a8:6a:89:c4:67:12:2d:1e:4d:df:ba:1f:
ef:c6:f7:93
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2It/8skjETCmbKlY5pMFscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA4MTIzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQxZjYyYTFlMjBkZDcwMTU0OTVhODliYzU1ZTg3NjBkZmZkMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL3SBe18+FN0T4kSGoHND8pNsljI
QNMiFHL0P8N4yPOWmtM7DbjFuJJplQCxWM6e4u12roaP/JgJ6saz2CGUIR6mTbqq
oNOactgDddv5v84EiHxEOPNjhUdS5uPp15lM8RvAYLkMShOqaxVeG3FUiIhliVcY
jzv/+XB4sQfuih+3nQrPhZBYTK1Zd5JtgYKpYLWZg9C1FdvjjOVLLMqd5XpjUgAC
f3YlTuqKOU8yj2HRXRn/3vtQEhnCBwae2kSM1DXtfB1RomTkuVdJkgqu0XIUMckY
+o89z5+xVx4BELJPswNHMCM9FtYor7nZ3eHb382CE9FEL1+R55M3UHWwiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKrR9ioeIN1wFUlaibxV6HYN/9CTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcXRIMktoNGczWEFWU1ZxSnZGWG9kZzNfMEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6xBxmgAwcAKg6xBxpkMA0GCSqGSIb3DQEBCwUAA4IBAQCn
s5kLMcThoQ0FEIVPtG2/M2yy1B+5tSEBojzC2xT9+X/LV4poQ2kzNqUb6vOSUKsV
aTRrSom2u05hMIbGk3GGMs6h9o3N/2el81YGgvTvUo0V45aFsqy8Dqb/s+s4I812
XXt3f8uO5v5dynCowmRGiBBOJOxIYX2tfopqHnBZ64Vx4Kw99FjNuKxdSqeKSuzF
0iHYNP3Il8E16owtqG/AbKte++VU0cv+Wx/lzUW+PNzYslkefM18DLR4xn6Hlm7/
N6zaTXn7Iowi/w/tgBtmFYS6MK9lXDU7ExoU10IpdkdNykW7f2paBGh7VnyIdduo
aonEZxItHk3fuh/vxveT
-----END CERTIFICATE-----
Generated at Sun Feb 11 09:12:20 2024 by rpki-client on console-ams.rpki-client.org