Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xNOOAUwbkMMtOwXUUHxgSVXZKeA.roa
File: xNOOAUwbkMMtOwXUUHxgSVXZKeA.roa (raw, json)
Hash identifier: Ws9C5ARgJku29Mnvp2EC2UfTocJNLcBwWQ1d1zwHjpY=
Subject key identifier: C4:D3:8E:01:4C:1B:90:C3:2D:3B:05:D4:50:7C:60:49:55:D9:29:E0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01922A0CB8716CA34D951CD6C4F82F6251D5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xNOOAUwbkMMtOwXUUHxgSVXZKeA.roa
Signing time: Wed 25 Sep 2024 16:38:49 +0000
ROA not before: Wed 25 Sep 2024 16:38:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 2a10:cc40:233::/48 maxlen: 48
2a10:cc40:234::/48 maxlen: 48
2a10:cc40:235::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Oct 2024 18:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:0c:b8:71:6c:a3:4d:95:1c:d6:c4:f8:2f:62:51:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 25 16:38:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4d38e014c1b90c32d3b05d4507c604955d929e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:36:f8:da:02:42:31:31:ef:c3:ef:30:3f:1c:
41:f7:46:d5:2e:69:0f:d9:00:16:ba:e0:33:52:11:
98:86:37:6c:4f:82:66:a1:9d:09:e9:7a:b5:0d:4f:
6b:18:a1:86:72:d3:43:6d:39:72:40:2a:66:f4:23:
52:e4:33:88:6b:78:2b:35:a1:a8:cc:08:d7:b6:46:
04:a2:0c:24:d0:63:29:62:0b:78:da:1b:0d:82:23:
c0:06:e9:51:49:74:e8:79:b9:d6:f9:62:46:fc:d0:
14:67:a2:48:57:10:82:65:fc:25:ac:4a:06:21:57:
9d:91:29:a2:dc:7d:69:d6:e9:db:55:26:42:16:82:
e3:55:77:b3:66:cb:d4:f0:26:9e:2a:cf:73:9b:ae:
cf:b4:9e:a0:2c:ca:e6:75:a7:cd:42:ec:0c:ba:c0:
e0:9c:be:bf:4b:cf:44:4e:33:f6:d7:04:10:00:f5:
cd:2f:f5:f4:9d:61:0c:96:8e:67:6e:03:ce:7e:c8:
fa:8b:53:f2:d5:f4:bd:34:ca:fb:37:c1:b8:af:47:
b9:a8:75:3d:38:61:e4:30:41:66:c9:9d:bc:af:35:
6f:e1:a1:db:05:c7:0b:3f:54:4c:3d:c1:38:06:13:
42:6a:3b:0f:c2:b1:68:9c:59:02:b8:c4:b9:f3:9c:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D3:8E:01:4C:1B:90:C3:2D:3B:05:D4:50:7C:60:49:55:D9:29:E0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xNOOAUwbkMMtOwXUUHxgSVXZKeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:233::-2a10:cc40:235:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:14:5c:86:15:ef:66:45:ee:ff:25:ca:ba:09:c8:78:c9:1c:
8c:64:4a:23:f2:e5:8d:a9:84:57:ee:e5:12:0f:59:a3:1a:92:
80:0a:62:9a:e4:48:a5:d9:a7:19:1f:e4:30:94:a0:c2:5c:90:
99:73:58:86:68:76:b3:2b:67:b9:a5:b4:b1:28:ff:f1:39:35:
d4:4e:6e:fb:d1:e7:21:6b:cd:7d:fa:46:57:a5:c0:15:bf:5e:
34:2a:8c:2a:68:f8:0c:4a:e7:42:14:1d:2a:47:81:ad:7a:4c:
37:c3:09:3d:a5:5a:69:eb:15:2c:3b:77:71:49:f9:6b:88:be:
d8:13:b9:1f:cd:1d:50:15:69:e7:d7:55:a2:bc:10:ff:43:60:
5b:56:5a:9a:70:2c:6b:a2:91:af:bf:d0:5e:e0:cb:35:e3:fb:
8a:ee:51:8b:f8:d1:fb:ac:5c:4f:6e:73:f1:c6:bf:28:82:6a:
e0:59:f2:e9:6f:58:82:2c:99:2e:8b:01:42:63:4c:4c:ab:74:
d5:c4:ec:98:53:69:89:3f:93:80:83:5d:b8:e8:09:5c:5b:80:
a3:2f:91:1f:0f:83:7c:f2:45:a3:fd:6a:cd:cf:94:7e:7e:11:
b8:b8:2b:69:15:c0:24:97:bb:81:e1:68:97:fb:b5:78:7d:21:
5f:3d:7a:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIqDLhxbKNNlRzWxPgvYlHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTI1MTYzODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQzOGUwMTRjMWI5MGMzMmQzYjA1ZDQ1MDdjNjA0OTU1ZDkyOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zb42gJCMTHvw+8wPxxB90bVLmkP
2QAWuuAzUhGYhjdsT4JmoZ0J6Xq1DU9rGKGGctNDbTlyQCpm9CNS5DOIa3grNaGo
zAjXtkYEogwk0GMpYgt42hsNgiPABulRSXToebnW+WJG/NAUZ6JIVxCCZfwlrEoG
IVedkSmi3H1p1unbVSZCFoLjVXezZsvU8CaeKs9zm67PtJ6gLMrmdafNQuwMusDg
nL6/S89ETjP21wQQAPXNL/X0nWEMlo5nbgPOfsj6i1Py1fS9NMr7N8G4r0e5qHU9
OGHkMEFmyZ28rzVv4aHbBccLP1RMPcE4BhNCajsPwrFonFkCuMS585zlaQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMTTjgFMG5DDLTsF1FB8YElV2SngMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveE5PT0FVd2JrTU10T3dYVVVIeGdTVlhaS2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEMxA
AjMDBwEqEMxAAjQwDQYJKoZIhvcNAQELBQADggEBAG0UXIYV72ZF7v8lyroJyHjJ
HIxkSiPy5Y2phFfu5RIPWaMakoAKYprkSKXZpxkf5DCUoMJckJlzWIZodrMrZ7ml
tLEo//E5NdRObvvR5yFrzX36RlelwBW/XjQqjCpo+AxK50IUHSpHga16TDfDCT2l
WmnrFSw7d3FJ+WuIvtgTuR/NHVAVaefXVaK8EP9DYFtWWppwLGuika+/0F7gyzXj
+4ruUYv40fusXE9uc/HGvyiCauBZ8ulvWIIsmS6LAUJjTEyrdNXE7JhTaYk/k4CD
XbjoCVxbgKMvkR8Pg3zyRaP9as3PlH5+Ebi4K2kVwCSXu4HhaJf7tXh9IV89emc=
-----END CERTIFICATE-----
Generated at Tue Oct 1 19:51:34 2024 by rpki-client on console-ams.rpki-client.org