Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uU3kTbuWnprkpqRL2oc3nzjlBq4.roa
File: uU3kTbuWnprkpqRL2oc3nzjlBq4.roa (raw, json)
Hash identifier: KKj/UdhMsTh5mad1DFtrzBrnkoimaE8Wd8e9G+F64W4=
Subject key identifier: B9:4D:E4:4D:BB:96:9E:9A:E4:A6:A4:4B:DA:87:37:9F:38:E5:06:AE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189EE1940130BCEA1C599E32FB0CF58E70E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uU3kTbuWnprkpqRL2oc3nzjlBq4.roa
Signing time: Sun 13 Aug 2023 08:52:59 +0000
ROA not before: Sun 13 Aug 2023 08:52:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34927
IP address blocks: 2a10:ccc3:ccca::/47 maxlen: 48
2a10:ccc3:ccc1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 Nov 2023 11:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ee:19:40:13:0b:ce:a1:c5:99:e3:2f:b0:cf:58:e7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 13 08:52:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b94de44dbb969e9ae4a6a44bda87379f38e506ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fc:ad:f0:64:07:bc:70:7e:e0:91:89:8c:8a:
71:91:07:23:f6:87:90:b2:89:f0:4e:f9:51:ab:aa:
17:af:8f:4d:4d:08:6f:b5:be:ba:ba:62:5b:79:a7:
3a:98:ae:d1:02:d8:86:91:8a:31:c5:8d:54:5c:f3:
d1:2e:9d:4b:77:bb:ba:20:b4:5f:dc:ca:23:7e:d8:
76:8d:49:10:7e:9f:0e:37:00:06:fc:ae:64:e3:9e:
08:b8:1a:4f:5b:f8:2c:e7:02:48:77:c0:cd:af:1d:
4a:07:fa:c8:6e:0f:fc:64:36:c3:43:f4:30:11:1b:
09:7b:18:de:87:e9:fd:7c:d0:a6:f2:4d:a1:61:86:
04:fc:58:c7:ae:5f:f9:1e:4b:a8:d6:f1:2f:6e:89:
1f:5a:54:91:60:d6:93:c8:6b:43:34:bc:5e:78:cf:
e4:43:13:6b:c7:64:5d:b8:3e:94:74:27:be:2b:ec:
ea:6b:44:cd:86:2e:cf:2a:70:00:83:ab:51:77:c5:
ca:c6:01:8d:24:8f:f1:85:70:31:ec:10:60:23:77:
78:3f:53:73:99:f1:f5:4a:41:1d:9e:76:13:a3:c0:
e6:2b:80:68:2b:69:d3:b2:c8:f2:22:17:b3:af:b3:
15:03:94:bd:72:6c:d0:29:94:8e:6a:bd:48:6c:6f:
7f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4D:E4:4D:BB:96:9E:9A:E4:A6:A4:4B:DA:87:37:9F:38:E5:06:AE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uU3kTbuWnprkpqRL2oc3nzjlBq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc1::/48
2a10:ccc3:ccca::/47
Signature Algorithm: sha256WithRSAEncryption
b5:8b:08:66:e0:20:53:bf:cf:24:7e:a2:e8:0f:e2:87:1e:bd:
41:70:a0:7b:c1:6a:b5:40:41:35:d1:68:b9:62:b3:58:8f:fa:
be:62:60:fa:7c:7a:4f:51:b9:ad:eb:cd:7f:46:3c:63:65:e4:
52:04:5a:bc:00:e5:82:7c:a3:ec:fb:29:d4:68:58:93:cb:c5:
c7:fb:52:92:d5:95:60:92:72:80:72:1d:0c:3b:2a:55:fe:4a:
3f:f8:33:27:6a:6b:90:be:f2:4e:df:6d:32:9c:4b:0e:40:20:
d1:ba:45:44:aa:08:e9:e2:81:50:99:75:be:a1:1f:3c:ca:86:
88:d8:a2:73:4a:a1:4d:ff:fa:9c:a7:e4:e4:df:f9:20:c1:49:
71:14:dd:d4:8f:93:e0:ea:cb:be:cf:6a:33:cd:51:0f:a4:65:
da:56:13:23:54:c7:99:de:8b:7a:c9:d4:df:80:70:2f:84:b6:
b6:de:13:89:2a:30:db:88:e7:9d:37:cb:a5:f6:a5:ee:48:c0:
90:e7:ac:b0:92:9b:17:b8:16:38:fa:cc:46:0f:f7:bf:86:a5:
d3:a9:bf:44:35:47:ea:4a:1a:fd:39:d6:dc:85:e2:fa:e8:fe:
71:d7:01:51:55:da:5a:95:95:e5:f2:38:23:10:f5:c4:af:5e:
ce:43:ed:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnuGUATC86hxZnjL7DPWOcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODEzMDg1MjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRkZTQ0ZGJiOTY5ZTlhZTRhNmE0NGJkYTg3Mzc5ZjM4ZTUwNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPyt8GQHvHB+4JGJjIpxkQcj9oeQ
sonwTvlRq6oXr49NTQhvtb66umJbeac6mK7RAtiGkYoxxY1UXPPRLp1Ld7u6ILRf
3Mojfth2jUkQfp8ONwAG/K5k454IuBpPW/gs5wJId8DNrx1KB/rIbg/8ZDbDQ/Qw
ERsJexjeh+n9fNCm8k2hYYYE/FjHrl/5Hkuo1vEvbokfWlSRYNaTyGtDNLxeeM/k
QxNrx2RduD6UdCe+K+zqa0TNhi7PKnAAg6tRd8XKxgGNJI/xhXAx7BBgI3d4P1Nz
mfH1SkEdnnYTo8DmK4BoK2nTssjyIhezr7MVA5S9cmzQKZSOar1IbG9/8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLlN5E27lp6a5KakS9qHN5845QauMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdVUza1RidVducHJrcHFSTDJvYzNuempsQnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhDMw8zB
AwcBKhDMw8zKMA0GCSqGSIb3DQEBCwUAA4IBAQC1iwhm4CBTv88kfqLoD+KHHr1B
cKB7wWq1QEE10Wi5YrNYj/q+YmD6fHpPUbmt681/RjxjZeRSBFq8AOWCfKPs+ynU
aFiTy8XH+1KS1ZVgknKAch0MOypV/ko/+DMnamuQvvJO320ynEsOQCDRukVEqgjp
4oFQmXW+oR88yoaI2KJzSqFN//qcp+Tk3/kgwUlxFN3Uj5Pg6su+z2ozzVEPpGXa
VhMjVMeZ3ot6ydTfgHAvhLa23hOJKjDbiOedN8ul9qXuSMCQ56ywkpsXuBY4+sxG
D/e/hqXTqb9ENUfqShr9OdbcheL66P5x1wFRVdpalZXl8jgjEPXEr17OQ+2Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:39 2024 by rpki-client on console-fra.rpki-client.org