Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x40CMHVMP9edn9Pr5BSdENyZJ0w.roa
File: x40CMHVMP9edn9Pr5BSdENyZJ0w.roa (raw, json)
Hash identifier: 2LTYKayQGFaWzPB/bbpY8+StL33FYtcG3jPDIcODCfs=
Subject key identifier: C7:8D:02:30:75:4C:3F:D7:9D:9F:D3:EB:E4:14:9D:10:DC:99:27:4C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187CB4530C4021D4AD802985D7F9B959635
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x40CMHVMP9edn9Pr5BSdENyZJ0w.roa
Signing time: Sat 29 Apr 2023 04:28:42 +0000
ROA not before: Sat 29 Apr 2023 04:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198924
IP address blocks: 2a0e:b107:2190::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 May 2023 02:21:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cb:45:30:c4:02:1d:4a:d8:02:98:5d:7f:9b:95:96:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 29 04:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c78d0230754c3fd79d9fd3ebe4149d10dc99274c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:66:4b:0c:b8:30:40:92:76:07:c7:2f:13:41:
d0:9b:f8:8f:c7:f6:0b:6a:84:4a:12:8e:08:69:d7:
2b:07:64:31:fd:02:a8:03:9b:26:6f:06:c6:af:ca:
8c:7f:f2:36:b6:f8:e7:70:db:a2:8e:f5:d9:42:b8:
b4:c6:10:6e:9a:f1:9c:1c:cc:60:4f:3e:e3:2b:fb:
30:7c:e7:de:92:db:e2:b5:71:33:4c:ec:e0:57:69:
f1:83:d5:9f:ec:8e:41:fb:2e:5e:00:f3:4b:ba:df:
9f:64:46:04:e1:b3:59:1b:8b:c4:78:e2:c8:8d:43:
e8:d1:f5:4e:5e:ab:c4:94:55:86:ac:52:4d:d1:ac:
29:8f:dc:67:d5:0a:28:f3:a2:14:a8:cb:28:ae:a8:
4c:59:ad:6e:28:33:3d:f7:12:80:4a:04:c7:06:10:
c0:46:20:80:05:2d:53:eb:0e:f4:6b:ba:94:79:49:
59:bb:2c:4c:f2:00:01:79:b0:70:73:9e:42:90:b2:
79:95:4c:50:b1:47:ed:45:82:8c:e4:19:af:5f:53:
3a:8b:ea:ab:90:12:6a:0e:ab:f2:97:81:96:35:25:
f7:c7:ae:f4:e9:17:69:63:ea:89:2b:28:0d:0d:6b:
8c:4b:73:7e:a7:ad:9f:c3:8a:8d:1d:c0:60:0f:ba:
d8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8D:02:30:75:4C:3F:D7:9D:9F:D3:EB:E4:14:9D:10:DC:99:27:4C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/x40CMHVMP9edn9Pr5BSdENyZJ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2190::/44
Signature Algorithm: sha256WithRSAEncryption
20:89:0a:c5:a6:dc:fb:68:0a:c1:29:80:32:fc:02:2a:6f:52:
c2:a5:a8:24:d7:bc:e6:68:d1:ce:79:06:c1:9e:e8:c4:0e:f6:
b0:6e:a8:e1:5f:54:f1:f3:85:29:c9:6a:89:2d:1d:53:81:e5:
ae:32:1b:d8:d7:30:3f:15:fa:98:33:56:72:7e:8b:f1:6e:dd:
cd:5d:46:95:7f:da:4c:04:8e:14:04:14:73:31:fd:a6:e0:af:
e6:e2:fb:d1:c1:2f:4e:20:ef:75:b6:ad:70:f4:c5:04:ab:ef:
df:47:43:1a:5c:d8:44:32:bd:0d:e1:4e:ae:91:26:8d:82:3d:
f1:11:17:f3:8f:50:56:26:28:87:86:0e:34:16:4b:62:9a:8d:
71:74:28:fb:7b:6a:c8:cd:0d:9a:90:0c:3e:a4:b2:04:e8:51:
c3:37:d8:4b:6b:b1:18:dc:14:38:61:d5:f5:7c:bb:33:0f:9f:
82:76:00:b1:d9:fb:ba:ba:ea:30:21:b8:7b:97:62:c8:af:6f:
9d:cc:3b:6d:44:fc:12:a1:e0:78:1c:13:25:f7:28:1b:3d:f7:
f0:91:8e:ee:c2:e3:28:e6:81:95:da:21:4e:a0:74:9d:8b:e8:
bf:d5:cc:a1:a4:37:97:22:e0:6b:c5:5b:dc:e8:a1:5e:80:fd:
75:a0:ee:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfLRTDEAh1K2AKYXX+blZY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI5MDQyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhkMDIzMDc1NGMzZmQ3OWQ5ZmQzZWJlNDE0OWQxMGRjOTkyNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGZLDLgwQJJ2B8cvE0HQm/iPx/YL
aoRKEo4IadcrB2Qx/QKoA5smbwbGr8qMf/I2tvjncNuijvXZQri0xhBumvGcHMxg
Tz7jK/swfOfektvitXEzTOzgV2nxg9Wf7I5B+y5eAPNLut+fZEYE4bNZG4vEeOLI
jUPo0fVOXqvElFWGrFJN0awpj9xn1Qoo86IUqMsorqhMWa1uKDM99xKASgTHBhDA
RiCABS1T6w70a7qUeUlZuyxM8gABebBwc55CkLJ5lUxQsUftRYKM5BmvX1M6i+qr
kBJqDqvyl4GWNSX3x6706RdpY+qJKygNDWuMS3N+p62fw4qNHcBgD7rYcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMeNAjB1TD/XnZ/T6+QUnRDcmSdMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveDQwQ01IVk1QOWVkbjlQcjVCU2RFTnlaSjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAgiQrFptz7aArBKYAy/AIqb1LCpagk17zmaNHO
eQbBnujEDvawbqjhX1Tx84UpyWqJLR1TgeWuMhvY1zA/FfqYM1Zyfovxbt3NXUaV
f9pMBI4UBBRzMf2m4K/m4vvRwS9OIO91tq1w9MUEq+/fR0MaXNhEMr0N4U6ukSaN
gj3xERfzj1BWJiiHhg40Fktimo1xdCj7e2rIzQ2akAw+pLIE6FHDN9hLa7EY3BQ4
YdX1fLszD5+CdgCx2fu6uuowIbh7l2LIr2+dzDttRPwSoeB4HBMl9ygbPffwkY7u
wuMo5oGV2iFOoHSdi+i/1cyhpDeXIuBrxVvc6KFegP11oO7D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org