Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xBWuMboK-UfQEql2o9lnOLaCz60.roa
File: xBWuMboK-UfQEql2o9lnOLaCz60.roa (raw, json)
Hash identifier: rUj+u/fbOBhmEeyJoZ+la0lYPZxmgmonvDd82LAKTCs=
Subject key identifier: C4:15:AE:31:BA:0A:F9:47:D0:12:A9:76:A3:D9:67:38:B6:82:CF:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01906EF6FE5AEACF17F1CDBFA0383F23C2D4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xBWuMboK-UfQEql2o9lnOLaCz60.roa
Signing time: Mon 01 Jul 2024 15:43:19 +0000
ROA not before: Mon 01 Jul 2024 15:43:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214645
IP address blocks: 2a0e:97c0:3b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 03 Aug 2024 11:38:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:f6:fe:5a:ea:cf:17:f1:cd:bf:a0:38:3f:23:c2:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 1 15:43:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c415ae31ba0af947d012a976a3d96738b682cfad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:16:33:c9:ce:a3:62:7b:3a:ca:11:c3:ad:
da:50:1a:e9:8e:fb:31:53:b1:85:8f:99:d3:71:a9:
62:3a:ca:42:3b:10:40:64:13:f9:4f:fa:7e:b5:ea:
36:69:81:b5:ff:62:b8:04:a8:62:8a:9e:7f:5b:15:
5e:5a:e9:be:8e:47:9a:70:58:65:6b:82:28:ea:26:
f3:9a:d7:b0:5b:75:08:b7:b6:60:12:a6:eb:35:bb:
b3:99:3c:b7:d7:e9:c4:5d:f9:26:fa:64:53:b9:b7:
09:2d:3c:6e:30:4e:83:42:b9:ac:cd:7c:67:3d:70:
73:f4:3d:46:6f:23:d6:32:ff:ce:9c:8e:72:80:a2:
d8:16:c6:aa:e1:28:f9:df:e0:7f:66:e2:5c:45:6e:
78:49:91:46:02:49:b4:a3:91:68:df:df:90:6b:8a:
ee:1b:56:32:51:bf:c3:21:64:45:c1:2d:ee:d0:28:
40:50:b2:15:87:e7:d5:64:d5:0b:31:50:ff:e4:bf:
96:62:75:0c:b1:7d:a1:52:0c:0a:2d:46:cb:09:4f:
07:11:6f:b3:67:5f:fa:22:0c:b1:26:8b:39:68:02:
cf:86:a7:dc:e0:db:e2:e5:ff:24:e9:2d:6e:c2:5b:
31:ac:29:d0:ba:09:90:64:3c:a4:f2:f6:cc:58:87:
77:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:15:AE:31:BA:0A:F9:47:D0:12:A9:76:A3:D9:67:38:B6:82:CF:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xBWuMboK-UfQEql2o9lnOLaCz60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3b0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:bb:d8:01:8d:91:4e:fe:fb:5e:62:08:83:6c:bf:46:0d:1d:
5d:ba:4f:44:6e:1f:ba:94:b1:2e:2e:7c:2c:31:d6:7e:b8:f5:
bf:90:bd:2d:0e:a6:7c:2d:c1:0a:a7:10:b7:69:11:70:e8:47:
b7:9b:3c:7e:b9:5f:de:fd:13:04:a1:90:14:30:01:39:35:67:
50:49:bd:3f:ec:1a:24:bc:66:1c:85:1d:83:4c:44:8f:6e:de:
5c:5f:f6:2f:43:05:ae:21:35:b3:20:a3:ec:fe:a9:d8:78:20:
f9:8e:3e:79:fb:4d:9a:57:04:50:18:12:33:69:7f:44:67:fd:
c8:95:cf:ab:58:10:b0:27:bd:27:2c:8a:49:be:9d:12:48:78:
b4:56:17:83:f6:81:84:a0:06:3c:69:44:a4:c2:09:0b:83:ba:
27:18:55:49:6b:b7:72:33:38:d0:d9:82:15:9c:b2:a8:d6:3e:
cb:67:e8:79:09:a1:89:4d:74:94:e3:60:07:c1:ea:78:f5:df:
35:9a:48:e7:86:47:47:4c:32:cd:69:53:08:17:0d:5d:31:6d:
f0:a8:ba:00:87:86:62:7d:05:bc:01:bd:54:e0:4f:6a:04:68:
39:76:9a:d3:f5:3b:ca:3e:62:da:81:c6:c5:dd:e8:ef:8b:98:
de:cd:81:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZBu9v5a6s8X8c2/oDg/I8LUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzAxMTU0MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE1YWUzMWJhMGFmOTQ3ZDAxMmE5NzZhM2Q5NjczOGI2ODJjZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFcWM8nOo2J7OsoRw63aUBrpjvsx
U7GFj5nTcaliOspCOxBAZBP5T/p+teo2aYG1/2K4BKhiip5/WxVeWum+jkeacFhl
a4Io6ibzmtewW3UIt7ZgEqbrNbuzmTy31+nEXfkm+mRTubcJLTxuME6DQrmszXxn
PXBz9D1GbyPWMv/OnI5ygKLYFsaq4Sj53+B/ZuJcRW54SZFGAkm0o5Fo39+Qa4ru
G1YyUb/DIWRFwS3u0ChAULIVh+fVZNULMVD/5L+WYnUMsX2hUgwKLUbLCU8HEW+z
Z1/6IgyxJos5aALPhqfc4Nvi5f8k6S1uwlsxrCnQugmQZDyk8vbMWId3BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMQVrjG6CvlH0BKpdqPZZzi2gs+tMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveEJXdU1ib0stVWZRRXFsMm85bG5PTGFDejYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAOw
MA0GCSqGSIb3DQEBCwUAA4IBAQCNu9gBjZFO/vteYgiDbL9GDR1duk9Ebh+6lLEu
LnwsMdZ+uPW/kL0tDqZ8LcEKpxC3aRFw6Ee3mzx+uV/e/RMEoZAUMAE5NWdQSb0/
7BokvGYchR2DTESPbt5cX/YvQwWuITWzIKPs/qnYeCD5jj55+02aVwRQGBIzaX9E
Z/3Ilc+rWBCwJ70nLIpJvp0SSHi0VheD9oGEoAY8aUSkwgkLg7onGFVJa7dyMzjQ
2YIVnLKo1j7LZ+h5CaGJTXSU42AHwep49d81mkjnhkdHTDLNaVMIFw1dMW3wqLoA
h4ZifQW8Ab1U4E9qBGg5dprT9TvKPmLagcbF3ejvi5jezYFA
-----END CERTIFICATE-----
Generated at Sat Aug 3 13:29:01 2024 by rpki-client on console-fra.rpki-client.org