Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vC3yp77alDCnT5nEE2Z_EihROGE.roa
File: vC3yp77alDCnT5nEE2Z_EihROGE.roa (raw, json)
Hash identifier: p6zlOTown/PCSOTogEEHU8pe1fd7d277rDk+yTYfhvg=
Subject key identifier: BC:2D:F2:A7:BE:DA:94:30:A7:4F:99:C4:13:66:7F:12:28:51:38:61
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B82329B1CCC21988A4DC1C95194B68E04
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vC3yp77alDCnT5nEE2Z_EihROGE.roa
Signing time: Mon 30 Oct 2023 20:07:16 +0000
ROA not before: Mon 30 Oct 2023 20:07:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 2a0e:97c0:a80::/44 maxlen: 48
2a0e:97c0:300::/44 maxlen: 48
2a0e:97c0:650::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:32:9b:1c:cc:21:98:8a:4d:c1:c9:51:94:b6:8e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 30 20:07:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc2df2a7beda9430a74f99c413667f1228513861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4f:65:5c:82:eb:f2:1a:c7:4c:11:69:32:a3:
a9:6b:98:d9:5b:85:e3:ca:1e:49:49:72:5d:a3:9b:
0b:ad:64:57:55:db:d7:73:89:f2:2d:48:aa:1b:8d:
02:07:2d:ad:db:46:c6:42:0a:ef:d5:40:70:71:cf:
15:97:18:0d:14:80:22:c3:5c:99:ec:51:62:dd:61:
5b:5c:6e:1e:60:67:17:be:71:1e:f0:c7:32:a3:af:
8b:b4:36:e2:28:b7:e5:00:d6:f9:f1:95:1b:e2:de:
08:f2:b1:7a:fb:58:34:97:01:f4:ab:92:2a:a7:19:
78:1d:8c:58:6a:1a:e6:12:33:d5:45:e1:d0:e0:ae:
1b:ee:a1:91:27:4d:e6:b9:62:66:6a:93:29:7c:53:
1f:4d:11:28:43:e1:3e:ae:a7:ad:56:39:29:43:e9:
70:05:b6:4b:13:e8:a4:9c:27:72:be:a4:46:27:c5:
33:3b:98:b1:53:11:78:4b:46:7b:10:9c:17:a8:e6:
32:05:de:df:31:a7:50:d4:2f:1b:91:ca:6b:b6:1e:
c9:6a:f3:e2:b2:5f:59:e6:69:be:d4:df:06:16:e6:
95:13:32:64:23:6d:d5:b5:67:ad:7c:ba:e0:e5:59:
e8:4a:6a:b8:b4:4c:de:63:e0:85:08:12:41:7f:eb:
fa:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2D:F2:A7:BE:DA:94:30:A7:4F:99:C4:13:66:7F:12:28:51:38:61
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vC3yp77alDCnT5nEE2Z_EihROGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:650::/44
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
4b:1a:14:38:cd:b6:0c:ee:55:da:c3:da:68:a0:d4:62:6b:c9:
0d:04:48:9a:21:2d:9c:60:a9:a4:31:f4:5e:74:27:b3:35:00:
38:5b:56:66:b2:2e:6a:22:57:4d:78:85:e7:c1:df:d2:c4:d1:
03:d5:56:8d:df:59:43:9d:be:71:31:90:7f:58:ff:39:4b:c8:
8e:6a:d4:cd:ff:1a:3e:47:0a:9b:81:88:66:cb:e2:fe:19:b9:
0d:10:95:28:09:88:a3:1e:cb:db:cf:41:87:b8:73:82:c1:5a:
af:c8:a5:9b:f6:0a:a3:51:03:5b:74:2e:35:92:c3:82:38:fb:
a6:01:8f:6c:20:fa:89:19:f1:b1:a4:74:e8:9d:16:e3:cd:54:
e3:bf:cb:99:e5:36:2c:cc:5c:b2:39:f5:58:8c:90:57:1d:7f:
04:ce:ec:89:a5:0e:f0:d7:36:36:d4:43:e9:3e:ae:15:5f:ed:
d8:63:82:13:f3:2a:37:0e:21:6d:25:13:bb:7a:b3:66:1b:b9:
91:c3:8b:2e:cc:75:14:0b:87:3a:4a:1b:e0:86:fa:e8:65:c8:
27:47:9e:f9:f7:35:e9:35:a6:03:05:02:2a:d0:3d:ee:fe:59:
68:1b:d7:bb:f7:16:f4:92:c5:da:e9:16:c4:d5:53:34:73:44:
35:10:72:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuCMpsczCGYik3ByVGUto4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDMwMjAwNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzJkZjJhN2JlZGE5NDMwYTc0Zjk5YzQxMzY2N2YxMjI4NTEzODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv09lXILr8hrHTBFpMqOpa5jZW4Xj
yh5JSXJdo5sLrWRXVdvXc4nyLUiqG40CBy2t20bGQgrv1UBwcc8VlxgNFIAiw1yZ
7FFi3WFbXG4eYGcXvnEe8Mcyo6+LtDbiKLflANb58ZUb4t4I8rF6+1g0lwH0q5Iq
pxl4HYxYahrmEjPVReHQ4K4b7qGRJ03muWJmapMpfFMfTREoQ+E+rqetVjkpQ+lw
BbZLE+iknCdyvqRGJ8UzO5ixUxF4S0Z7EJwXqOYyBd7fMadQ1C8bkcprth7JavPi
sl9Z5mm+1N8GFuaVEzJkI23VtWetfLrg5VnoSmq4tEzeY+CFCBJBf+v6zwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLwt8qe+2pQwp0+ZxBNmfxIoUThhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdkMzeXA3N2FsRENuVDVuRUUyWl9FaWhST0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAMA
AwcEKg6XwAZQAwcEKg6XwAqAMA0GCSqGSIb3DQEBCwUAA4IBAQBLGhQ4zbYM7lXa
w9pooNRia8kNBEiaIS2cYKmkMfRedCezNQA4W1Zmsi5qIldNeIXnwd/SxNED1VaN
31lDnb5xMZB/WP85S8iOatTN/xo+RwqbgYhmy+L+GbkNEJUoCYijHsvbz0GHuHOC
wVqvyKWb9gqjUQNbdC41ksOCOPumAY9sIPqJGfGxpHTonRbjzVTjv8uZ5TYszFyy
OfVYjJBXHX8EzuyJpQ7w1zY21EPpPq4VX+3YY4IT8yo3DiFtJRO7erNmG7mRw4su
zHUUC4c6ShvghvroZcgnR5759zXpNaYDBQIq0D3u/lloG9e79xb0ksXa6RbE1VM0
c0Q1EHL/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org