Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rN3rcFGFq8ledk4u_K_GuKERAWI.roa
File: rN3rcFGFq8ledk4u_K_GuKERAWI.roa (raw, json)
Hash identifier: V3JWUNQTIdYKQMEb+MVTpIGP75kX4OCqmylu5aD9biE=
Subject key identifier: AC:DD:EB:70:51:85:AB:C9:5E:76:4E:2E:FC:AF:C6:B8:A1:11:01:62
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DE7B9B157A1C03103C88BDBFBA029B378
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rN3rcFGFq8ledk4u_K_GuKERAWI.roa
Signing time: Mon 26 Feb 2024 23:22:02 +0000
ROA not before: Mon 26 Feb 2024 23:22:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202673
IP address blocks: 2a0e:97c0:c40::/44 maxlen: 48
2a0e:97c0:f30::/44 maxlen: 48
2a0e:97c0:f30::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Feb 2024 13:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e7:b9:b1:57:a1:c0:31:03:c8:8b:db:fb:a0:29:b3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 26 23:22:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acddeb705185abc95e764e2efcafc6b8a1110162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:06:b0:61:e5:14:7c:ac:12:82:b6:cb:5c:56:
c5:37:7c:46:b1:53:bb:6f:c4:05:dd:b6:33:66:31:
c5:87:35:50:70:4b:2a:e5:d1:22:e0:01:bb:15:8b:
55:85:28:f4:00:46:be:af:50:34:a4:d1:83:ed:97:
19:0b:b7:fc:d1:d4:6d:7a:54:05:8d:da:15:aa:40:
5d:56:18:a0:c4:48:1c:1c:d3:ad:c8:70:5e:45:ca:
e6:8d:00:68:da:de:9a:6f:7a:5b:37:82:89:75:27:
84:6b:8d:7c:5a:f7:6c:c5:d3:f7:fc:8f:63:d0:56:
c2:41:df:7a:09:cc:c1:28:fc:08:76:f3:a4:33:29:
1a:98:42:b3:b4:ff:e0:13:1e:d7:d3:8e:ba:66:df:
23:bd:9f:f6:5d:0f:ca:b0:40:ef:c5:b0:d8:87:3f:
2d:4a:f2:1a:dd:03:8d:88:2e:48:0d:89:56:86:96:
21:78:3c:a2:5f:60:49:03:5f:6f:a5:25:d5:1d:1b:
b2:db:e3:ee:d6:0d:81:b4:a1:8b:a5:f2:5d:15:77:
02:7c:6c:a4:54:6e:24:70:22:b0:b9:a5:5d:16:4e:
45:a4:22:1e:40:b9:1c:23:c9:86:44:b4:fa:03:6f:
af:7e:8d:26:55:b6:3f:6c:95:23:f1:60:eb:fb:e3:
e7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DD:EB:70:51:85:AB:C9:5E:76:4E:2E:FC:AF:C6:B8:A1:11:01:62
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rN3rcFGFq8ledk4u_K_GuKERAWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c40::/44
2a0e:97c0:f30::/44
Signature Algorithm: sha256WithRSAEncryption
a1:cf:39:27:20:97:f1:a2:3d:c8:20:81:88:1c:b0:05:98:8b:
58:39:c9:75:f6:72:d7:9d:f4:34:4f:1c:96:a1:29:40:63:ea:
48:56:93:6e:1e:86:23:03:98:58:6d:ba:66:f6:ec:a6:0d:88:
45:41:84:6a:ac:8f:bd:08:d9:16:a3:3a:e9:91:6a:a7:f8:cd:
d8:86:ef:2e:92:36:bb:f5:e4:02:96:2e:5b:98:06:34:36:8b:
69:18:c7:b0:35:de:62:55:82:ea:1c:f1:d1:1d:bb:85:94:cb:
f7:79:ec:48:a4:18:3e:dd:4c:02:b6:f1:6a:72:84:3d:6b:af:
3b:8a:4d:83:e2:8b:56:46:22:92:84:69:99:c2:d3:8a:74:cf:
9b:0e:f6:24:7e:4b:1b:be:d6:ee:5f:06:8a:49:e7:a5:87:82:
10:6e:3a:b1:d7:38:0a:bd:b3:5d:cc:d2:59:01:0a:bf:70:bf:
a2:b2:64:1a:04:18:cf:f3:03:cb:93:91:e9:a6:2e:15:4b:78:
da:33:2f:ee:bd:ba:19:a5:50:c7:60:29:23:ab:ec:e1:2f:8f:
d8:e3:62:4a:c2:76:4a:6a:ee:f7:9e:02:60:f7:4a:c5:97:c7:
66:24:5c:ed:1b:f5:49:81:d6:a2:30:9c:80:f4:37:cc:94:aa:
6f:7b:d7:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3nubFXocAxA8iL2/ugKbN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjI2MjMyMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2RkZWI3MDUxODVhYmM5NWU3NjRlMmVmY2FmYzZiOGExMTEwMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAawYeUUfKwSgrbLXFbFN3xGsVO7
b8QF3bYzZjHFhzVQcEsq5dEi4AG7FYtVhSj0AEa+r1A0pNGD7ZcZC7f80dRtelQF
jdoVqkBdVhigxEgcHNOtyHBeRcrmjQBo2t6ab3pbN4KJdSeEa418WvdsxdP3/I9j
0FbCQd96CczBKPwIdvOkMykamEKztP/gEx7X0466Zt8jvZ/2XQ/KsEDvxbDYhz8t
SvIa3QONiC5IDYlWhpYheDyiX2BJA19vpSXVHRuy2+Pu1g2BtKGLpfJdFXcCfGyk
VG4kcCKwuaVdFk5FpCIeQLkcI8mGRLT6A2+vfo0mVbY/bJUj8WDr++PnvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKzd63BRhavJXnZOLvyvxrihEQFiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvck4zcmNGR0ZxOGxlZGs0dV9LX0d1S0VSQVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAxA
AwcEKg6XwA8wMA0GCSqGSIb3DQEBCwUAA4IBAQChzzknIJfxoj3IIIGIHLAFmItY
Ocl19nLXnfQ0TxyWoSlAY+pIVpNuHoYjA5hYbbpm9uymDYhFQYRqrI+9CNkWozrp
kWqn+M3Yhu8ukja79eQCli5bmAY0NotpGMewNd5iVYLqHPHRHbuFlMv3eexIpBg+
3UwCtvFqcoQ9a687ik2D4otWRiKShGmZwtOKdM+bDvYkfksbvtbuXwaKSeelh4IQ
bjqx1zgKvbNdzNJZAQq/cL+ismQaBBjP8wPLk5Hppi4VS3jaMy/uvboZpVDHYCkj
q+zhL4/Y42JKwnZKau73ngJg90rFl8dmJFztG/VJgdaiMJyA9DfMlKpve9fU
-----END CERTIFICATE-----
Generated at Wed Feb 28 17:27:42 2024 by rpki-client on console-fra.rpki-client.org