Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w1BGc1UxUyUKhfqt5MsGAl-rPvI.roa
File: w1BGc1UxUyUKhfqt5MsGAl-rPvI.roa (raw, json)
Hash identifier: 5+iwh6oP62nahIu6tUm2HICeiqShOTMvZpBmUipAi64=
Subject key identifier: C3:50:46:73:55:31:53:25:0A:85:FA:AD:E4:CB:06:02:5F:AB:3E:F2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7D5204483473229CFF3531573DB47
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w1BGc1UxUyUKhfqt5MsGAl-rPvI.roa
Signing time: Mon 02 Jan 2023 05:15:19 +0000
ROA not before: Mon 02 Jan 2023 05:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208679
IP address blocks: 2a0e:b107:178d::/48 maxlen: 48
2a0e:b107:178f::/48 maxlen: 48
2a0e:b107:178c::/48 maxlen: 48
2a0e:b107:178e::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:d5:20:44:83:47:32:29:cf:f3:53:15:73:db:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3504673553153250a85faade4cb06025fab3ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d8:15:9c:e2:25:46:b3:42:90:62:43:f9:5a:
21:7b:0a:a7:d2:39:49:45:cb:6d:08:8c:b8:b9:18:
cd:ba:9f:70:78:20:07:f8:c4:7c:c9:d7:cc:ae:a5:
aa:58:94:cb:fc:1c:c9:64:ec:f6:81:20:dd:d0:f4:
c3:ae:19:af:ba:ba:73:13:bc:bc:33:59:16:6d:ca:
79:33:09:07:a1:75:c1:44:48:d3:bc:40:51:c1:9f:
a7:e8:5b:3e:77:4a:1b:b4:79:d8:fc:15:c2:09:fa:
f1:83:be:bb:e4:c4:e0:0c:2a:e0:61:f2:e3:1c:71:
1d:22:b6:e6:36:42:86:76:84:28:67:0e:08:84:77:
d7:b4:1d:09:0b:93:e8:96:54:29:41:14:c3:71:1e:
eb:71:9a:5a:42:12:97:15:24:3e:8c:33:4d:90:d8:
44:93:de:bc:a2:2a:ee:80:b4:bc:41:8d:c2:35:91:
3a:a1:b1:83:42:7a:38:d6:0c:5d:43:2c:1f:b1:07:
21:88:09:db:83:d1:80:b3:47:8e:b4:95:9f:61:37:
a4:b4:47:ba:ac:33:29:6a:72:ac:ca:fb:db:62:a5:
e7:01:5f:45:e4:93:8a:8e:67:06:36:87:c7:a6:c6:
7a:ab:2b:27:e9:0e:2f:d8:a3:e8:50:c7:1f:18:af:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:50:46:73:55:31:53:25:0A:85:FA:AD:E4:CB:06:02:5F:AB:3E:F2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/w1BGc1UxUyUKhfqt5MsGAl-rPvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:178c::/46
Signature Algorithm: sha256WithRSAEncryption
84:91:ff:57:cd:6a:2c:1f:1d:72:1f:a6:d4:d3:61:52:51:c1:
76:12:b9:0d:00:15:b8:68:53:a1:8f:3b:d6:37:8e:33:1e:24:
d7:94:c2:8a:9d:26:f1:90:18:44:0b:de:81:63:fc:9a:08:0a:
eb:c5:41:b6:e7:d4:d0:c7:6b:c3:c1:ad:3f:75:ef:58:15:23:
f1:05:69:80:d2:a3:67:d1:37:98:e3:f5:34:b0:14:60:c9:8d:
ae:ea:56:36:e7:4c:04:f0:5e:4f:28:42:d7:bf:c7:b5:f4:36:
ea:7f:ab:03:55:15:79:21:c5:f3:6a:37:c9:78:06:97:bc:81:
11:51:85:4c:e0:bc:cc:94:c7:1d:54:fc:45:28:ca:70:84:b3:
1b:80:1b:74:43:5e:fa:46:fc:97:32:54:02:e3:49:31:ed:94:
e9:97:74:5b:89:8b:fd:c1:ca:a7:a4:e0:56:2b:7b:16:f9:04:
ae:ec:d2:aa:d8:87:21:f7:78:86:97:67:d5:d1:7e:1e:9c:fb:
88:06:53:05:cd:77:d2:7c:bd:54:fb:7e:21:1e:bc:87:10:b4:
c3:2d:3b:db:43:f2:16:c9:87:03:2a:ab:40:8e:5c:4d:22:1c:
eb:32:47:3c:51:6c:d0:c1:6e:be:40:b1:a8:39:0b:fe:f9:09:
79:69:a4:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw59UgRINHMinP81MVc9tHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzUwNDY3MzU1MzE1MzI1MGE4NWZhYWRlNGNiMDYwMjVmYWIzZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dgVnOIlRrNCkGJD+Vohewqn0jlJ
RcttCIy4uRjNup9weCAH+MR8ydfMrqWqWJTL/BzJZOz2gSDd0PTDrhmvurpzE7y8
M1kWbcp5MwkHoXXBREjTvEBRwZ+n6Fs+d0obtHnY/BXCCfrxg7675MTgDCrgYfLj
HHEdIrbmNkKGdoQoZw4IhHfXtB0JC5PollQpQRTDcR7rcZpaQhKXFSQ+jDNNkNhE
k968oirugLS8QY3CNZE6obGDQno41gxdQywfsQchiAnbg9GAs0eOtJWfYTektEe6
rDMpanKsyvvbYqXnAV9F5JOKjmcGNofHpsZ6qysn6Q4v2KPoUMcfGK+QowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMNQRnNVMVMlCoX6reTLBgJfqz7yMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdzFCR2MxVXhVeVVLaGZxdDVNc0dBbC1yUHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBxeM
MA0GCSqGSIb3DQEBCwUAA4IBAQCEkf9XzWosHx1yH6bU02FSUcF2ErkNABW4aFOh
jzvWN44zHiTXlMKKnSbxkBhEC96BY/yaCArrxUG259TQx2vDwa0/de9YFSPxBWmA
0qNn0TeY4/U0sBRgyY2u6lY250wE8F5PKELXv8e19Dbqf6sDVRV5IcXzajfJeAaX
vIERUYVM4LzMlMcdVPxFKMpwhLMbgBt0Q176RvyXMlQC40kx7ZTpl3RbiYv9wcqn
pOBWK3sW+QSu7NKq2Ich93iGl2fV0X4enPuIBlMFzXfSfL1U+34hHryHELTDLTvb
Q/IWyYcDKqtAjlxNIhzrMkc8UWzQwW6+QLGoOQv++Ql5aaSH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org