Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoeEa-i9ntJ7qpX0g7Xkc1e5t_k.roa
File: uoeEa-i9ntJ7qpX0g7Xkc1e5t_k.roa (raw, json)
Hash identifier: AHiytumd7ifnJFG5jAKlpnvh2pdzxwXhGUexS61cXiU=
Subject key identifier: BA:87:84:6B:E8:BD:9E:D2:7B:AA:95:F4:83:B5:E4:73:57:B9:B7:F9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E821DBDC6A49F754125214474CCB48
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoeEa-i9ntJ7qpX0g7Xkc1e5t_k.roa
Signing time: Mon 02 Jan 2023 05:15:39 +0000
ROA not before: Mon 02 Jan 2023 05:15:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212995
IP address blocks: 2a10:2f01:2a0::/44 maxlen: 48
2a10:cc44:180::/44 maxlen: 48
2a0e:b107:b80::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:21:db:dc:6a:49:f7:54:12:52:14:47:4c:cb:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba87846be8bd9ed27baa95f483b5e47357b9b7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c8:bc:24:37:f4:47:de:55:87:0a:b6:8c:32:
a2:35:c0:3c:cd:3d:43:a0:8f:3a:5d:20:d0:9e:d6:
da:3f:ea:fe:e6:cd:6c:75:93:9a:38:f5:06:7f:35:
c5:f2:81:7d:87:08:96:d1:b7:11:bb:e5:b9:32:b4:
aa:8c:53:3d:0c:1d:da:fe:fe:f6:ec:fc:72:1e:9a:
36:57:07:d7:67:56:a4:19:f2:69:e8:e1:85:84:0e:
00:40:a8:05:34:9d:27:dd:45:4c:4b:77:25:84:56:
c2:35:84:d9:f7:73:c6:b1:30:df:3f:bb:0b:c7:b8:
fe:68:33:6f:cb:c3:a7:e4:8a:81:c3:44:f5:ae:a6:
b7:7d:43:b0:53:09:3e:6d:fe:74:56:cf:af:bc:44:
a4:aa:4c:40:04:68:f6:a1:a7:47:6f:d2:96:f2:01:
04:e7:19:74:c4:97:78:dc:cb:39:8f:5b:ed:b8:a5:
b1:a0:dc:b3:ad:20:2d:cd:d3:78:18:3b:9c:7a:e9:
22:34:83:3e:a1:0b:41:58:85:85:9e:e0:40:cc:34:
82:ee:50:3f:58:54:68:73:a2:6b:3a:57:2d:05:46:
23:1c:08:f0:67:f3:ac:02:3a:b1:2f:2f:ea:f4:22:
7a:c5:b1:2c:57:16:4d:95:e1:5a:58:b4:48:e7:70:
ed:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:87:84:6B:E8:BD:9E:D2:7B:AA:95:F4:83:B5:E4:73:57:B9:B7:F9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uoeEa-i9ntJ7qpX0g7Xkc1e5t_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:b80::/44
2a10:2f01:2a0::/44
2a10:cc44:180::/44
Signature Algorithm: sha256WithRSAEncryption
81:c3:43:c8:a9:6f:93:2e:33:b7:4b:dd:c1:9d:b8:b8:ff:61:
71:df:62:09:03:06:7a:1b:6d:31:75:7f:06:9e:d7:89:4b:f5:
a6:93:2d:7b:f5:25:4b:b8:8d:eb:9c:fc:d6:7b:e4:2d:5d:4f:
d2:dc:fe:1b:eb:c7:fb:e9:ca:a9:1a:c3:9a:b5:46:7f:f6:b2:
f4:23:90:43:c6:55:d8:b4:5c:2d:c1:4e:89:18:25:4f:9d:c5:
4a:ff:35:08:c5:b7:55:46:db:6d:db:94:5c:66:71:b7:3a:77:
3b:f7:9e:93:40:65:bd:7f:9b:be:6f:b1:53:f3:fc:52:2c:cb:
42:16:18:d3:63:5f:d5:4d:82:6c:1c:04:5e:48:f1:51:3c:34:
45:74:a9:3c:fe:39:b6:26:8b:d9:02:dc:49:aa:1a:de:40:f8:
e6:60:59:3a:33:84:76:b7:b3:19:12:90:92:15:b1:f5:4e:78:
46:2e:26:fa:0a:fc:90:55:98:60:82:df:a8:72:03:16:6b:6b:
b6:b8:92:d9:30:91:53:ed:3e:6c:37:52:db:ba:ff:65:00:12:
5e:a3:55:3b:f0:e5:2e:76:37:f4:69:bb:5c:56:e6:8f:e9:14:
5a:f0:a8:77:e0:e6:fc:15:fa:64:2a:8c:13:1f:1a:46:45:32:
f7:fd:f3:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw6CHb3GpJ91QSUhRHTMtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg3ODQ2YmU4YmQ5ZWQyN2JhYTk1ZjQ4M2I1ZTQ3MzU3YjliN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1si8JDf0R95Vhwq2jDKiNcA8zT1D
oI86XSDQntbaP+r+5s1sdZOaOPUGfzXF8oF9hwiW0bcRu+W5MrSqjFM9DB3a/v72
7PxyHpo2VwfXZ1akGfJp6OGFhA4AQKgFNJ0n3UVMS3clhFbCNYTZ93PGsTDfP7sL
x7j+aDNvy8On5IqBw0T1rqa3fUOwUwk+bf50Vs+vvESkqkxABGj2oadHb9KW8gEE
5xl0xJd43Ms5j1vtuKWxoNyzrSAtzdN4GDuceukiNIM+oQtBWIWFnuBAzDSC7lA/
WFRoc6JrOlctBUYjHAjwZ/OsAjqxLy/q9CJ6xbEsVxZNleFaWLRI53DtvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLqHhGvovZ7Se6qV9IO15HNXubf5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdW9lRWEtaTludEo3cXBYMGc3WGtjMWU1dF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBwuA
AwcEKhAvAQKgAwcEKhDMRAGAMA0GCSqGSIb3DQEBCwUAA4IBAQCBw0PIqW+TLjO3
S93Bnbi4/2Fx32IJAwZ6G20xdX8GnteJS/Wmky179SVLuI3rnPzWe+QtXU/S3P4b
68f76cqpGsOatUZ/9rL0I5BDxlXYtFwtwU6JGCVPncVK/zUIxbdVRttt25RcZnG3
Onc7956TQGW9f5u+b7FT8/xSLMtCFhjTY1/VTYJsHAReSPFRPDRFdKk8/jm2JovZ
AtxJqhreQPjmYFk6M4R2t7MZEpCSFbH1TnhGLib6CvyQVZhggt+ocgMWa2u2uJLZ
MJFT7T5sN1Lbuv9lABJeo1U78OUudjf0abtcVuaP6RRa8Kh34Ob8FfpkKowTHxpG
RTL3/fNd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org