Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tiwoB7rQvRcqjAfEORXQOTgMiLg.roa
File: tiwoB7rQvRcqjAfEORXQOTgMiLg.roa (raw, json)
Hash identifier: l6Rls+esRm+Ba3kKxi6QWuGMv3P8L8MlPDHDRwAknv8=
Subject key identifier: B6:2C:28:07:BA:D0:BD:17:2A:8C:07:C4:39:15:D0:39:38:0C:88:B8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0192FE7D102652DCF362091B6F798149D349
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tiwoB7rQvRcqjAfEORXQOTgMiLg.roa
Signing time: Tue 05 Nov 2024 22:41:01 +0000
ROA not before: Tue 05 Nov 2024 22:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214430
IP address blocks: 2a06:de02:20::/44 maxlen: 48
2a10:2f00:12c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Nov 2024 02:54:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fe:7d:10:26:52:dc:f3:62:09:1b:6f:79:81:49:d3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 5 22:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b62c2807bad0bd172a8c07c43915d039380c88b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:f1:e7:39:c6:cb:f9:b8:cb:f4:c7:95:e1:
bd:a0:7f:27:ab:a1:b0:df:6e:cd:58:76:08:8e:8a:
11:8e:28:2f:98:b1:86:bb:0a:da:75:b5:fe:5a:39:
98:23:48:a9:52:a6:33:7f:fa:b5:88:ef:7f:3b:38:
5f:57:fa:34:c5:96:27:e4:4e:41:d7:ce:d2:19:db:
0b:3f:ff:36:17:ff:22:9c:7c:e8:66:ec:eb:07:ad:
9a:ea:b1:cc:76:49:d3:b3:78:1b:fe:d5:7d:c1:7e:
96:e1:c0:a7:07:57:3d:6e:85:99:e0:53:1a:8a:fe:
d1:a2:99:fb:8f:97:ad:8d:64:3e:4d:b6:96:b1:91:
bf:1c:f1:bd:e5:96:5d:8c:8d:42:a3:f1:c7:e7:c9:
89:eb:a5:22:0b:d3:5b:fc:58:e4:f7:c5:7c:e6:ce:
2b:e2:69:33:85:3d:93:50:a7:5f:4d:17:0e:ea:ab:
4e:aa:7c:c5:b2:8c:dd:7c:d1:52:07:25:83:d8:05:
27:34:17:e4:71:9a:d3:b6:af:97:25:17:c7:4c:d7:
d2:67:9a:eb:ae:8a:23:c5:a3:e8:98:41:32:04:8d:
e4:2f:cc:d1:37:6e:e1:18:87:ac:bf:90:5d:f6:7b:
57:a4:0d:43:b1:e3:08:f7:a6:20:f2:22:e4:9e:ad:
48:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2C:28:07:BA:D0:BD:17:2A:8C:07:C4:39:15:D0:39:38:0C:88:B8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/tiwoB7rQvRcqjAfEORXQOTgMiLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:20::/44
2a10:2f00:12c::/48
Signature Algorithm: sha256WithRSAEncryption
3b:41:5e:78:0e:07:8c:fb:9b:67:22:7b:24:e4:94:d9:af:e9:
fc:f8:14:02:61:cf:5e:2d:1a:3d:c0:9e:94:a2:91:d2:2f:48:
5e:8a:bb:b1:25:04:6e:5f:38:a3:cf:d8:c7:9b:9e:0f:75:90:
9f:e2:a2:32:9b:e7:5a:89:11:7d:67:55:ce:a9:6b:cc:a2:3f:
0d:f1:83:20:68:16:2b:e7:bb:1f:54:50:85:2d:bb:a3:20:e6:
91:ba:76:20:57:6c:70:d5:b1:9d:c6:df:aa:c8:05:6b:b9:d4:
cb:52:9c:1b:5c:c6:70:e7:d7:c4:6e:53:8b:0d:f4:52:64:f8:
68:4f:0e:ec:b8:b0:e9:4a:e8:ee:20:7a:2b:cf:46:fe:1d:c7:
55:72:97:ef:7c:af:c1:a6:a6:c6:84:0a:a7:ee:d3:65:4d:54:
25:b7:82:05:58:bc:ab:63:4c:68:11:92:21:31:3b:a1:bb:28:
99:5a:3e:57:dc:0c:9c:a1:a9:7c:48:d8:a1:cb:17:8d:28:63:
d2:7a:65:4d:1a:1c:63:82:02:85:17:ca:bd:a4:d1:03:e3:ce:
f1:33:9d:07:b8:c2:23:f0:6d:ae:60:f9:c6:75:b8:07:a7:f9:
db:75:c1:4a:8c:9b:a6:e4:c7:51:19:c6:39:5b:2a:88:1f:52:
64:1b:19:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZL+fRAmUtzzYgkbb3mBSdNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTA1MjI0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjJjMjgwN2JhZDBiZDE3MmE4YzA3YzQzOTE1ZDAzOTM4MGM4OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukXx5znGy/m4y/THleG9oH8nq6Gw
327NWHYIjooRjigvmLGGuwradbX+WjmYI0ipUqYzf/q1iO9/OzhfV/o0xZYn5E5B
187SGdsLP/82F/8inHzoZuzrB62a6rHMdknTs3gb/tV9wX6W4cCnB1c9boWZ4FMa
iv7Ropn7j5etjWQ+TbaWsZG/HPG95ZZdjI1Co/HH58mJ66UiC9Nb/Fjk98V85s4r
4mkzhT2TUKdfTRcO6qtOqnzFsozdfNFSByWD2AUnNBfkcZrTtq+XJRfHTNfSZ5rr
roojxaPomEEyBI3kL8zRN27hGIesv5Bd9ntXpA1DseMI96Yg8iLknq1IKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYsKAe60L0XKowHxDkV0Dk4DIi4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdGl3b0I3clF2UmNxakFmRU9SWFFPVGdNaUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAgAg
AwcAKhAvAAEsMA0GCSqGSIb3DQEBCwUAA4IBAQA7QV54DgeM+5tnInsk5JTZr+n8
+BQCYc9eLRo9wJ6UopHSL0heiruxJQRuXzijz9jHm54PdZCf4qIym+daiRF9Z1XO
qWvMoj8N8YMgaBYr57sfVFCFLbujIOaRunYgV2xw1bGdxt+qyAVrudTLUpwbXMZw
59fEblOLDfRSZPhoTw7suLDpSujuIHorz0b+HcdVcpfvfK/BpqbGhAqn7tNlTVQl
t4IFWLyrY0xoEZIhMTuhuyiZWj5X3Aycoal8SNihyxeNKGPSemVNGhxjggKFF8q9
pNED487xM50HuMIj8G2uYPnGdbgHp/nbdcFKjJum5MdRGcY5WyqIH1JkGxkW
-----END CERTIFICATE-----
Generated at Wed Nov 6 06:16:59 2024 by rpki-client on console-ams.rpki-client.org