Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xE3GF84VPng6e8vAyHsCdWfgXWE.roa
File: xE3GF84VPng6e8vAyHsCdWfgXWE.roa (raw, json)
Hash identifier: zBbe9NaJYZjE7BbVaAeqnAfWX+nrC9DJa6qGe8pPHa0=
Subject key identifier: C4:4D:C6:17:CE:15:3E:78:3A:7B:CB:C0:C8:7B:02:75:67:E0:5D:61
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01905055BEBAF5371F80A171A6F4ACE2E53D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xE3GF84VPng6e8vAyHsCdWfgXWE.roa
Signing time: Tue 25 Jun 2024 16:58:34 +0000
ROA not before: Tue 25 Jun 2024 16:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 2a10:cc40:233::/48 maxlen: 48
2a10:cc40:234::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 16:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:50:55:be:ba:f5:37:1f:80:a1:71:a6:f4:ac:e2:e5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 25 16:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c44dc617ce153e783a7bcbc0c87b027567e05d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:fe:af:c3:3e:4d:5b:65:74:e2:63:a9:04:
4e:f4:2c:aa:a8:44:e2:30:8c:94:0e:89:57:5b:ce:
50:08:02:f7:ce:fd:5f:b6:1e:d4:0f:a0:25:34:51:
c0:bb:41:d6:72:df:ea:cf:37:4d:af:27:5e:1a:ac:
2d:41:e1:d6:f8:9a:7a:fd:fd:73:11:f4:3e:ae:3d:
ea:98:58:da:6f:85:20:f8:be:c4:2f:49:16:f1:91:
6e:d8:28:ee:0a:e6:b3:bf:02:7f:02:4e:30:e7:1b:
52:e6:34:82:73:c0:ae:6a:b8:1b:5d:12:c3:5b:c6:
4d:a5:20:df:cd:29:6f:12:b8:17:c1:0b:c4:2a:3b:
d9:73:5c:25:f1:5d:90:5c:07:08:3b:bc:f6:f0:39:
cf:82:ae:0f:8f:05:e5:c3:f5:67:a2:e6:5d:55:51:
dd:f5:2e:e8:f8:9b:65:96:f1:0a:1a:80:f4:00:d1:
28:c0:1c:0b:cf:e0:5b:1f:55:6c:df:ce:f4:42:53:
56:e7:f2:89:02:96:70:1a:83:39:04:a6:bc:d2:38:
20:fb:6f:a0:19:3f:82:9c:41:c5:80:a7:22:88:3c:
53:f9:18:ae:d3:1a:ad:53:6c:31:d0:9f:b3:87:34:
33:ec:61:2c:24:c5:94:14:55:a5:6e:fc:d2:8f:5e:
7f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4D:C6:17:CE:15:3E:78:3A:7B:CB:C0:C8:7B:02:75:67:E0:5D:61
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xE3GF84VPng6e8vAyHsCdWfgXWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:233::-2a10:cc40:234:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
62:62:1f:cc:1b:64:03:38:c0:f0:8e:9e:0d:d4:b8:39:8f:ba:
07:05:33:36:e3:44:11:3c:b8:d9:52:2e:44:bd:50:f1:31:34:
b7:db:58:1b:be:71:f0:8f:7f:b1:8f:0c:1f:dc:b0:f5:68:04:
42:77:99:89:b5:da:07:e3:8e:bf:7a:24:18:ab:ed:16:5c:2f:
4d:55:eb:f3:30:ac:5a:6b:58:a9:f9:4b:5c:35:e3:a8:e3:4e:
66:1e:3f:f3:37:7d:48:0a:36:c4:d0:94:c6:12:61:ce:7d:3f:
0c:10:6c:e2:05:c8:d7:83:78:f3:3f:ce:0b:40:83:dd:cc:19:
0a:14:f1:41:a1:51:08:a9:bf:6c:c9:75:11:e6:c8:56:1b:cd:
c1:f3:dc:01:07:24:d2:e7:16:0d:9a:f5:e4:f4:87:bb:65:b8:
35:ab:b1:49:a2:55:d1:aa:4b:b9:30:4a:48:f8:f3:73:1c:45:
5d:fb:87:2e:9b:56:37:c4:aa:d0:fc:07:16:55:75:31:f5:22:
1f:10:1a:00:8b:3b:85:dc:01:70:96:10:cc:08:ac:a8:fe:a6:
b4:13:28:4c:96:14:75:9c:30:5c:a4:58:06:b0:84:22:19:05:
aa:d5:77:08:1c:1c:e6:c2:05:38:93:05:58:1e:9b:84:06:d0:
61:99:28:6e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZBQVb669TcfgKFxpvSs4uU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjI1MTY1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRkYzYxN2NlMTUzZTc4M2E3YmNiYzBjODdiMDI3NTY3ZTA1ZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrf+r8M+TVtldOJjqQRO9CyqqETi
MIyUDolXW85QCAL3zv1fth7UD6AlNFHAu0HWct/qzzdNrydeGqwtQeHW+Jp6/f1z
EfQ+rj3qmFjab4Ug+L7EL0kW8ZFu2CjuCuazvwJ/Ak4w5xtS5jSCc8CuargbXRLD
W8ZNpSDfzSlvErgXwQvEKjvZc1wl8V2QXAcIO7z28DnPgq4PjwXlw/VnouZdVVHd
9S7o+JtllvEKGoD0ANEowBwLz+BbH1Vs3870QlNW5/KJApZwGoM5BKa80jgg+2+g
GT+CnEHFgKciiDxT+Riu0xqtU2wx0J+zhzQz7GEsJMWUFFWlbvzSj15/qQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMRNxhfOFT54OnvLwMh7AnVn4F1hMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveEUzR0Y4NFZQbmc2ZTh2QXlIc0NkV2ZnWFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEMxA
AjMDBwAqEMxAAjQwDQYJKoZIhvcNAQELBQADggEBAGJiH8wbZAM4wPCOng3UuDmP
ugcFMzbjRBE8uNlSLkS9UPExNLfbWBu+cfCPf7GPDB/csPVoBEJ3mYm12gfjjr96
JBir7RZcL01V6/MwrFprWKn5S1w146jjTmYeP/M3fUgKNsTQlMYSYc59PwwQbOIF
yNeDePM/zgtAg93MGQoU8UGhUQipv2zJdRHmyFYbzcHz3AEHJNLnFg2a9eT0h7tl
uDWrsUmiVdGqS7kwSkj483McRV37hy6bVjfEqtD8BxZVdTH1Ih8QGgCLO4XcAXCW
EMwIrKj+prQTKEyWFHWcMFykWAawhCIZBarVdwgcHObCBTiTBVgem4QG0GGZKG4=
-----END CERTIFICATE-----
Generated at Wed Sep 25 19:03:24 2024 by rpki-client on console-fra.rpki-client.org