Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sJP0H1SLmUo-ezGU8ngFI0_9Dqw.roa
File: sJP0H1SLmUo-ezGU8ngFI0_9Dqw.roa (raw, json)
Hash identifier: yD+aXXeD0M+KtNek09CdNGrSw8Bqfbl8/b9NlsXNojo=
Subject key identifier: B0:93:F4:1F:54:8B:99:4A:3E:7B:31:94:F2:78:05:23:4F:FD:0E:AC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DEFDE21F896DB436A43035052F6E962A5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sJP0H1SLmUo-ezGU8ngFI0_9Dqw.roa
Signing time: Wed 28 Feb 2024 13:18:48 +0000
ROA not before: Wed 28 Feb 2024 13:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202673
IP address blocks: 2a0e:97c0:c40::/44 maxlen: 48
2a0e:97c0:f30::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 20:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:de:21:f8:96:db:43:6a:43:03:50:52:f6:e9:62:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 28 13:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b093f41f548b994a3e7b3194f27805234ffd0eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:52:0b:25:f4:de:66:e5:b6:b0:e6:98:5c:
42:69:7a:89:bb:d2:f4:d6:13:dd:60:ca:34:88:d1:
6f:e5:16:fa:43:5d:ca:65:72:a2:cb:b9:db:f1:50:
25:c1:79:93:ed:24:3a:61:2e:9b:e4:bf:b0:d6:6f:
4d:e6:f6:f8:15:6a:6b:93:8c:fc:e4:be:eb:3a:fc:
a8:4e:a1:a8:b3:c6:e5:99:49:fd:0d:b7:cb:01:6b:
88:d8:18:c6:25:c4:71:ff:80:eb:e2:6b:11:63:73:
56:87:6e:5a:9a:2d:9f:3a:aa:4f:26:d2:d2:e1:58:
a3:08:f1:f2:be:81:bb:1b:0a:b6:7f:d0:88:43:f9:
75:9b:b1:09:cc:85:e9:05:90:d6:06:ed:79:68:5a:
07:ed:61:de:5a:ae:86:75:35:c4:8a:61:05:81:10:
e5:54:77:ee:68:73:42:44:9a:63:8c:2a:f5:56:ab:
b6:83:65:e6:f0:fa:2d:96:f1:6d:01:d6:cb:f4:c8:
35:fc:8c:69:a6:fe:8a:3f:9d:ab:7d:b5:1a:de:56:
46:3d:c2:e7:fd:64:ef:41:15:67:8a:2f:03:53:ad:
4b:a7:25:2b:26:e2:20:64:36:21:5c:e6:20:f4:70:
86:9f:c5:0a:7f:03:1c:2c:6d:af:f8:9c:85:51:cc:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:93:F4:1F:54:8B:99:4A:3E:7B:31:94:F2:78:05:23:4F:FD:0E:AC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sJP0H1SLmUo-ezGU8ngFI0_9Dqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c40::/44
2a0e:97c0:f30::/44
Signature Algorithm: sha256WithRSAEncryption
03:5e:8a:9b:fa:29:8c:04:54:0e:0c:08:d9:8c:3c:e1:ba:ac:
1c:6d:8e:b6:d3:ec:46:05:b8:5d:66:ac:f6:64:98:b4:78:9f:
e1:6a:25:fb:92:02:90:e4:f0:5c:8d:b7:fa:60:83:7e:da:75:
46:34:2b:1e:b8:7a:9a:6a:d0:7b:39:e0:37:e0:58:b0:f4:7a:
a2:54:d1:cd:ba:e8:ca:b0:09:65:05:b6:20:45:51:7c:f8:1c:
9d:97:69:8e:4b:ad:9f:f6:56:31:34:9d:74:1c:55:8c:ca:e0:
c0:ae:50:6e:72:94:51:a4:a0:b6:d7:37:e0:9d:bd:9a:ba:87:
9e:ed:f0:b5:ba:94:1d:17:21:ca:f5:53:e8:07:63:dc:c7:d6:
13:d2:b7:e7:33:ff:1c:26:88:b2:e4:e1:86:a6:c2:4c:b0:f8:
7b:8d:26:94:a2:a4:85:1d:d7:87:0b:ef:f2:15:97:96:51:fa:
41:ea:24:1f:b7:21:b8:35:2c:b4:47:cf:60:65:75:9f:9e:2b:
af:67:07:59:0c:3b:61:17:1d:f3:00:c0:45:41:aa:2c:4e:3f:
d3:58:8b:75:2e:6a:a1:eb:b0:73:dd:f4:ce:8a:35:93:54:c8:
8c:4d:29:91:e6:b0:fe:c4:94:12:56:d3:e9:03:65:d1:10:0d:
a5:a8:bc:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3v3iH4lttDakMDUFL26WKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjI4MTMxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkzZjQxZjU0OGI5OTRhM2U3YjMxOTRmMjc4MDUyMzRmZmQwZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6hSCyX03mbltrDmmFxCaXqJu9L0
1hPdYMo0iNFv5Rb6Q13KZXKiy7nb8VAlwXmT7SQ6YS6b5L+w1m9N5vb4FWprk4z8
5L7rOvyoTqGos8blmUn9DbfLAWuI2BjGJcRx/4Dr4msRY3NWh25ami2fOqpPJtLS
4VijCPHyvoG7Gwq2f9CIQ/l1m7EJzIXpBZDWBu15aFoH7WHeWq6GdTXEimEFgRDl
VHfuaHNCRJpjjCr1Vqu2g2Xm8PotlvFtAdbL9Mg1/Ixppv6KP52rfbUa3lZGPcLn
/WTvQRVnii8DU61LpyUrJuIgZDYhXOYg9HCGn8UKfwMcLG2v+JyFUcw6/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCT9B9Ui5lKPnsxlPJ4BSNP/Q6sMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc0pQMEgxU0xtVW8tZXpHVThuZ0ZJMF85RHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAxA
AwcEKg6XwA8wMA0GCSqGSIb3DQEBCwUAA4IBAQADXoqb+imMBFQODAjZjDzhuqwc
bY620+xGBbhdZqz2ZJi0eJ/haiX7kgKQ5PBcjbf6YIN+2nVGNCseuHqaatB7OeA3
4Fiw9HqiVNHNuujKsAllBbYgRVF8+Bydl2mOS62f9lYxNJ10HFWMyuDArlBucpRR
pKC21zfgnb2auoee7fC1upQdFyHK9VPoB2Pcx9YT0rfnM/8cJoiy5OGGpsJMsPh7
jSaUoqSFHdeHC+/yFZeWUfpB6iQftyG4NSy0R89gZXWfniuvZwdZDDthFx3zAMBF
QaosTj/TWIt1Lmqh67Bz3fTOijWTVMiMTSmR5rD+xJQSVtPpA2XREA2lqLyw
-----END CERTIFICATE-----
Generated at Fri Mar 1 23:06:58 2024 by rpki-client on console-ams.rpki-client.org