Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1A4XZgR8NbdqLAPLB-ByUX4n3Y.roa
File: t1A4XZgR8NbdqLAPLB-ByUX4n3Y.roa (raw, json)
Hash identifier: 6xlkfa/VSGZbCp1MfSnBmFtGDdGHlNWuCyDyRtmpBgk=
Subject key identifier: B7:50:38:5D:98:11:F0:D6:DD:A8:B0:0F:2C:1F:81:C9:45:F8:9F:76
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD27326CFE9917C7EC3D0230CA1B52
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1A4XZgR8NbdqLAPLB-ByUX4n3Y.roa
Signing time: Tue 02 Jan 2024 10:34:25 +0000
ROA not before: Tue 02 Jan 2024 10:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210659
IP address blocks: 2a0e:97c0:560::/44 maxlen: 48
2a10:cc40:130::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 31 Aug 2024 22:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:27:32:6c:fe:99:17:c7:ec:3d:02:30:ca:1b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b750385d9811f0d6dda8b00f2c1f81c945f89f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:60:80:41:2d:11:59:04:c7:5b:00:4f:db:
d3:bc:bc:ab:e9:ac:55:5b:6f:68:c9:d9:c5:c2:f1:
ca:c0:b0:d9:fd:98:07:b3:fc:87:fc:20:8f:2e:f0:
15:16:38:95:93:22:57:7e:9f:e1:d7:a2:7b:8d:97:
66:b6:60:95:8d:75:5b:5e:00:2a:f7:5d:6d:28:0b:
42:d7:b7:68:58:66:a1:03:58:2a:ba:74:be:13:ba:
0c:c8:cd:55:2c:20:de:b7:47:fe:6a:20:85:fa:28:
78:84:5c:01:eb:db:75:88:41:3f:d4:06:df:39:a8:
ad:9b:33:72:40:eb:07:15:f3:51:9e:49:5b:86:1f:
e7:45:e7:05:56:12:07:d2:db:b6:b3:ab:bd:f2:35:
2a:99:12:24:0d:58:9e:80:75:07:0b:c7:e4:52:41:
ca:80:d0:58:25:0e:01:26:6a:e6:b4:dd:ac:9c:9c:
3b:30:6e:2b:67:ad:7f:b6:9d:51:53:fd:39:3e:b3:
f0:65:3a:04:95:76:85:4e:09:c3:77:af:aa:b7:7c:
18:a2:64:59:c3:39:b9:17:de:31:5b:5f:ff:fb:a2:
43:65:4b:5f:cd:80:5e:17:32:6e:3b:77:3a:ab:46:
5c:2d:3a:36:d4:a0:33:9d:41:80:5a:ff:12:72:a1:
65:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:50:38:5D:98:11:F0:D6:DD:A8:B0:0F:2C:1F:81:C9:45:F8:9F:76
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t1A4XZgR8NbdqLAPLB-ByUX4n3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:560::/44
2a10:cc40:130::/44
Signature Algorithm: sha256WithRSAEncryption
af:04:7f:9f:16:3e:bd:99:ac:a8:c1:f8:d2:79:cc:14:a2:2e:
76:25:8d:14:51:2e:17:da:dc:49:89:4c:53:ff:7c:50:4b:50:
e1:06:73:74:83:c7:8f:b1:85:65:78:bc:95:47:d5:22:2e:2e:
eb:01:04:d0:a5:95:b2:90:51:8a:18:43:3d:ac:a6:c6:24:a8:
2f:ae:69:20:d5:1d:aa:62:a4:04:17:b0:fa:0b:d1:61:47:2e:
ab:37:a7:8f:84:30:be:8e:2b:1b:63:40:14:bb:bd:68:c1:f0:
bd:ae:cc:4a:a9:da:ea:33:fc:40:bb:78:3d:bd:ca:fa:5d:f6:
7e:c1:5d:7e:7a:70:8b:6a:b2:35:fb:09:95:9d:4b:00:dc:13:
55:e1:9c:7b:2d:64:04:b9:27:d9:57:a8:f2:36:0b:60:50:d0:
2a:e4:34:a0:9a:74:53:51:8f:c7:32:74:e2:d0:2f:d1:3c:ef:
95:27:87:5b:29:1b:8f:ba:31:00:af:f6:ad:be:9c:31:70:fc:
8c:66:d9:a8:77:32:82:91:f7:de:14:ba:a7:0d:cd:43:31:3a:
47:bb:0b:e8:fa:90:12:3f:9e:0c:fc:ae:7e:c8:4d:c9:ec:91:
53:f9:0c:59:df:8c:d6:5b:b3:b9:f7:47:5f:c6:a1:e0:5c:f7:
40:dc:30:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvScybP6ZF8fsPQIwyhtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzUwMzg1ZDk4MTFmMGQ2ZGRhOGIwMGYyYzFmODFjOTQ1Zjg5Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicFggEEtEVkEx1sAT9vTvLyr6axV
W29oydnFwvHKwLDZ/ZgHs/yH/CCPLvAVFjiVkyJXfp/h16J7jZdmtmCVjXVbXgAq
911tKAtC17doWGahA1gqunS+E7oMyM1VLCDet0f+aiCF+ih4hFwB69t1iEE/1Abf
OaitmzNyQOsHFfNRnklbhh/nRecFVhIH0tu2s6u98jUqmRIkDViegHUHC8fkUkHK
gNBYJQ4BJmrmtN2snJw7MG4rZ61/tp1RU/05PrPwZToElXaFTgnDd6+qt3wYomRZ
wzm5F94xW1//+6JDZUtfzYBeFzJuO3c6q0ZcLTo21KAznUGAWv8ScqFldQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLdQOF2YEfDW3aiwDywfgclF+J92MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdDFBNFhaZ1I4TmJkcUxBUExCLUJ5VVg0bjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAVg
AwcEKhDMQAEwMA0GCSqGSIb3DQEBCwUAA4IBAQCvBH+fFj69mayowfjSecwUoi52
JY0UUS4X2txJiUxT/3xQS1DhBnN0g8ePsYVleLyVR9UiLi7rAQTQpZWykFGKGEM9
rKbGJKgvrmkg1R2qYqQEF7D6C9FhRy6rN6ePhDC+jisbY0AUu71owfC9rsxKqdrq
M/xAu3g9vcr6XfZ+wV1+enCLarI1+wmVnUsA3BNV4Zx7LWQEuSfZV6jyNgtgUNAq
5DSgmnRTUY/HMnTi0C/RPO+VJ4dbKRuPujEAr/atvpwxcPyMZtmodzKCkffeFLqn
Dc1DMTpHuwvo+pASP54M/K5+yE3J7JFT+QxZ34zWW7O590dfxqHgXPdA3DB+
-----END CERTIFICATE-----
Generated at Sat Aug 31 23:31:07 2024 by rpki-client on console-fra.rpki-client.org