Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u3GsmA2UDQE-KjEVtxpyVw-D3PA.roa
File: u3GsmA2UDQE-KjEVtxpyVw-D3PA.roa (raw, json)
Hash identifier: JBo1ss8Q7KFRtLCGghIfUBDK/k5aBX7GUrB6eOvEI9Q=
Subject key identifier: BB:71:AC:98:0D:94:0D:01:3E:2A:31:15:B7:1A:72:57:0F:83:DC:F0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ABF101BD5CFA6FF38452E3748C82F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u3GsmA2UDQE-KjEVtxpyVw-D3PA.roa
Signing time: Tue 24 Jan 2023 16:09:36 +0000
ROA not before: Tue 24 Jan 2023 16:09:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56758
IP address blocks: 2a0e:97c0:660::/44 maxlen: 48
2a0e:b107:17a0::/44 maxlen: 48
2a10:cc40:b000::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:bf:10:1b:d5:cf:a6:ff:38:45:2e:37:48:c8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb71ac980d940d013e2a3115b71a72570f83dcf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:94:db:00:19:48:99:f1:fd:fb:e6:f0:77:67:
2c:e4:33:00:f5:0c:3e:47:c3:5e:01:03:42:2d:c9:
d8:ff:f5:5d:47:d4:43:69:96:b8:83:b8:f1:cf:b7:
96:d6:37:ed:d6:27:55:59:60:0a:fa:09:cd:23:7f:
03:55:fb:af:f2:96:2d:86:85:ce:29:db:ec:74:8c:
6b:0f:ba:6a:04:fa:a2:72:cf:b7:9d:1a:88:b4:b9:
63:fc:b7:6d:4b:e2:33:e3:30:61:c9:f3:05:c3:0b:
74:9d:82:44:6d:de:87:4f:5c:be:bb:95:7c:32:f6:
36:06:f0:17:29:ca:bc:44:3d:fb:d0:ca:09:5a:65:
99:d3:20:06:d5:a7:1c:7d:1b:d0:1e:ad:b2:30:e7:
48:a4:92:a9:25:33:bf:83:dd:c5:0e:a8:80:6c:e5:
29:e4:24:ff:51:88:b7:b6:2a:af:c3:57:37:49:77:
5d:6e:a1:cb:a7:3f:71:01:16:26:38:1a:f6:ea:84:
5d:de:c4:7d:7b:4c:03:4d:3e:bb:5f:36:fc:e2:34:
66:ac:a7:50:03:a2:55:d2:8f:08:ca:25:c7:11:c3:
03:7d:82:46:17:a1:ec:18:65:1a:41:c2:42:23:f3:
05:2a:7d:7e:6c:7b:0a:62:e4:5a:d5:75:79:6e:bc:
5d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:71:AC:98:0D:94:0D:01:3E:2A:31:15:B7:1A:72:57:0F:83:DC:F0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u3GsmA2UDQE-KjEVtxpyVw-D3PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:660::/44
2a0e:b107:17a0::/44
2a10:cc40:b000::/44
Signature Algorithm: sha256WithRSAEncryption
b8:e5:65:96:f6:b7:23:33:8b:2b:ba:ac:a2:25:cb:0e:ae:c5:
a3:79:1c:36:b4:01:f9:74:df:cc:86:c0:d1:6e:8f:fe:ef:24:
ec:a0:cd:85:ef:4d:07:c5:03:3b:5d:b9:1a:52:65:f7:01:15:
7a:24:c0:9f:59:22:44:16:d4:52:d2:cd:c4:05:b9:68:35:7d:
1f:12:89:6d:f1:63:a1:ec:0e:b8:82:4d:3c:96:9e:cc:3f:ee:
b3:05:94:cf:bc:3e:37:55:5f:08:53:72:05:c0:71:f0:57:7d:
bf:60:5f:63:91:79:77:65:6d:bb:36:c0:46:ab:10:63:3a:fd:
64:d6:fe:4a:73:ee:0f:2b:b2:58:d7:7f:ae:11:05:24:b8:d4:
73:c3:03:5b:f9:54:64:40:e5:2f:a3:fe:6a:60:78:d6:59:3c:
fa:ce:87:0d:57:d9:a0:5a:97:49:9f:f7:0e:e4:29:bd:9f:8e:
da:ae:f0:c4:f8:81:e7:d9:ea:ab:46:bc:db:f2:d6:ee:e5:1d:
ad:5b:bd:5f:45:fb:49:62:4c:49:de:e5:fb:a1:f3:70:0d:a6:
90:a7:3e:cf:b3:96:83:7e:f5:f5:c4:e2:9a:b0:87:ab:d6:75:
3c:84:b9:94:26:1c:1d:dd:42:37:80:bb:be:b4:80:38:f3:bf:
66:83:88:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXkir8QG9XPpv84RS43SMgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjcxYWM5ODBkOTQwZDAxM2UyYTMxMTViNzFhNzI1NzBmODNkY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJTbABlImfH9++bwd2cs5DMA9Qw+
R8NeAQNCLcnY//VdR9RDaZa4g7jxz7eW1jft1idVWWAK+gnNI38DVfuv8pYthoXO
KdvsdIxrD7pqBPqics+3nRqItLlj/LdtS+Iz4zBhyfMFwwt0nYJEbd6HT1y+u5V8
MvY2BvAXKcq8RD370MoJWmWZ0yAG1accfRvQHq2yMOdIpJKpJTO/g93FDqiAbOUp
5CT/UYi3tiqvw1c3SXddbqHLpz9xARYmOBr26oRd3sR9e0wDTT67Xzb84jRmrKdQ
A6JV0o8IyiXHEcMDfYJGF6HsGGUaQcJCI/MFKn1+bHsKYuRa1XV5brxdMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLtxrJgNlA0BPioxFbcaclcPg9zwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdTNHc21BMlVEUUUtS2pFVnR4cHlWdy1EM1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAZg
AwcEKg6xBxegAwcEKhDMQLAAMA0GCSqGSIb3DQEBCwUAA4IBAQC45WWW9rcjM4sr
uqyiJcsOrsWjeRw2tAH5dN/MhsDRbo/+7yTsoM2F700HxQM7XbkaUmX3ARV6JMCf
WSJEFtRS0s3EBbloNX0fEolt8WOh7A64gk08lp7MP+6zBZTPvD43VV8IU3IFwHHw
V32/YF9jkXl3ZW27NsBGqxBjOv1k1v5Kc+4PK7JY13+uEQUkuNRzwwNb+VRkQOUv
o/5qYHjWWTz6zocNV9mgWpdJn/cO5Cm9n47arvDE+IHn2eqrRrzb8tbu5R2tW71f
RftJYkxJ3uX7ofNwDaaQpz7Ps5aDfvX1xOKasIer1nU8hLmUJhwd3UI3gLu+tIA4
879mg4hc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org