Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8KOkXNCSb8eO9PE_BJnPM8HNlw.roa
File: s8KOkXNCSb8eO9PE_BJnPM8HNlw.roa (raw, json)
Hash identifier: /TlAJ4fLiWRbeGBsndR5NvMqRYbMOQRfqBFpMb6e9eE=
Subject key identifier: B3:C2:8E:91:73:42:49:BF:1E:3B:D3:C4:FC:12:67:3C:CF:07:36:5C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942447E72C0E91C9EDB7355EB896D1FED1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8KOkXNCSb8eO9PE_BJnPM8HNlw.roa
Signing time: Wed 01 Jan 2025 23:51:19 +0000
ROA not before: Wed 01 Jan 2025 23:51:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:de01:140::/44 maxlen: 48
2a06:de01:141::/48 maxlen: 48
2a06:de01:142::/48 maxlen: 48
2a06:de01:143::/48 maxlen: 48
2a06:de01:144::/48 maxlen: 48
2a06:de01:145::/48 maxlen: 48
2a06:de03:3690::/48 maxlen: 48
2a06:de03:3691::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:47:e7:2c:0e:91:c9:ed:b7:35:5e:b8:96:d1:fe:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 1 23:51:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c28e91734249bf1e3bd3c4fc12673ccf07365c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e5:59:c3:46:8d:47:7e:97:35:89:ee:84:a3:
55:24:8c:68:09:11:a9:39:e1:a6:e2:07:91:64:af:
8a:0d:4a:c4:70:ed:6e:c0:40:0c:4d:50:bc:5a:d8:
e3:19:69:99:23:e5:ae:7f:5d:f2:2f:9a:07:a1:a4:
a5:03:e5:61:70:77:ec:a0:11:55:0f:1f:ae:ab:6c:
ee:1e:21:9e:87:17:61:b1:56:9b:1b:a6:c2:98:78:
73:6c:b3:e6:fe:c9:08:e0:64:18:9a:a6:f9:59:22:
69:ed:df:3c:2a:62:6b:13:79:c5:1f:b0:97:01:db:
d5:ee:01:89:01:64:4d:08:12:19:90:b8:74:82:03:
db:ed:dd:0c:5c:b1:85:87:d3:ff:b1:f8:4a:6d:70:
4a:64:7b:88:5f:c4:a5:8f:16:a7:34:43:af:7f:26:
57:20:eb:27:34:fa:4c:52:23:18:63:df:28:b5:57:
cf:af:1f:d6:bd:7f:7b:a1:fe:1e:d8:35:e6:d7:61:
c5:ce:14:c5:cd:63:8a:0f:56:3d:6a:d5:3a:f6:e6:
99:0b:f6:2c:59:8a:74:f3:50:5d:e0:73:46:b6:83:
7a:6c:fe:7a:65:5b:42:9f:d2:f0:4d:d7:ae:88:1b:
cf:c5:e9:e8:f3:01:4e:b3:5f:4a:50:e4:3b:d5:81:
31:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C2:8E:91:73:42:49:BF:1E:3B:D3:C4:FC:12:67:3C:CF:07:36:5C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/s8KOkXNCSb8eO9PE_BJnPM8HNlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:140::/44
2a06:de03:3690::/47
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
63:dd:77:cc:79:54:a1:c3:f4:5f:d1:52:65:37:8f:eb:c9:41:
e0:f6:40:b9:78:05:a6:c1:f8:67:6a:46:db:cb:9f:31:a4:90:
e2:00:f7:f2:e0:ee:aa:85:67:5f:47:4b:36:cb:b4:a3:dc:02:
59:2b:4d:95:a1:49:e1:36:79:74:8b:28:8e:03:25:ce:a8:6d:
7d:33:6d:8b:8c:c8:55:9e:61:1b:71:ab:af:ec:b1:09:8d:57:
16:ec:ba:cd:7b:10:88:b8:fa:21:98:49:0e:d5:26:56:ca:d1:
b5:08:f6:c9:39:77:72:5b:aa:60:bc:2f:c6:01:3d:1d:e7:32:
8c:b8:92:4c:04:63:7d:82:d1:0e:5e:b6:19:6f:46:5b:03:48:
cd:26:fc:ba:f4:f2:7f:e7:4c:c7:bc:d5:ce:69:f3:43:b6:f1:
0a:ef:f0:9b:e3:47:09:a4:c0:94:97:65:9d:46:24:48:5b:d3:
65:fe:75:cf:54:a1:29:dc:71:ed:0b:65:73:53:9e:5b:38:26:
0d:80:4d:fc:9c:20:ef:26:1b:34:4a:c9:bb:f1:9f:e4:cd:f5:
19:e8:57:bb:40:72:f1:bc:2a:8f:4c:57:d0:9b:b9:f0:a0:c9:
d2:70:51:61:c5:39:cf:6f:66:58:79:c8:7b:8a:25:13:cc:23:
b2:5b:33:01
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZQkR+csDpHJ7bc1XriW0f7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAxMjM1MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MyOGU5MTczNDI0OWJmMWUzYmQzYzRmYzEyNjczY2NmMDczNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeVZw0aNR36XNYnuhKNVJIxoCRGp
OeGm4geRZK+KDUrEcO1uwEAMTVC8WtjjGWmZI+Wuf13yL5oHoaSlA+VhcHfsoBFV
Dx+uq2zuHiGehxdhsVabG6bCmHhzbLPm/skI4GQYmqb5WSJp7d88KmJrE3nFH7CX
AdvV7gGJAWRNCBIZkLh0ggPb7d0MXLGFh9P/sfhKbXBKZHuIX8SljxanNEOvfyZX
IOsnNPpMUiMYY98otVfPrx/WvX97of4e2DXm12HFzhTFzWOKD1Y9atU69uaZC/Ys
WYp081Bd4HNGtoN6bP56ZVtCn9LwTdeuiBvPxeno8wFOs19KUOQ71YEx2QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFLPCjpFzQkm/HjvTxPwSZzzPBzZcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvczhLT2tYTkNTYjhlTzlQRV9CSm5QTThITmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wewQCAAIwdQMHBCoG3gEB
QAMHASoG3gM2kAMGACoMO4f/AwcAKg6XwAdQMBIDBwAqDpfAB5EDBwAqDpfAB5ID
BwAqDrEHCfQDBwAqDrEHCfYDBwAqDrEHDfIDBwAqDrEHGHADBwAqDrEHG54DBwAq
DrEHJ4sDBgIqEMzHkDANBgkqhkiG9w0BAQsFAAOCAQEAY913zHlUocP0X9FSZTeP
68lB4PZAuXgFpsH4Z2pG28ufMaSQ4gD38uDuqoVnX0dLNsu0o9wCWStNlaFJ4TZ5
dIsojgMlzqhtfTNti4zIVZ5hG3Grr+yxCY1XFuy6zXsQiLj6IZhJDtUmVsrRtQj2
yTl3cluqYLwvxgE9HecyjLiSTARjfYLRDl62GW9GWwNIzSb8uvTyf+dMx7zVzmnz
Q7bxCu/wm+NHCaTAlJdlnUYkSFvTZf51z1ShKdxx7Qtlc1OeWzgmDYBN/Jwg7yYb
NErJu/Gf5M31GehXu0By8bwqj0xX0Ju58KDJ0nBRYcU5z29mWHnIe4olE8wjslsz
AQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:40:52 2025 by rpki-client