Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xlBRRGCQn-BE6kmcfMcxAs1WDuk.roa
File: xlBRRGCQn-BE6kmcfMcxAs1WDuk.roa (raw, json)
Hash identifier: aAcbJHtMW3fN6MYr0g7kLITPSnCTzAdKMWMMebG0PoQ=
Subject key identifier: C6:50:51:44:60:90:9F:E0:44:EA:49:9C:7C:C7:31:02:CD:56:0E:E9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DCBE304159D46BB2472498BB64C22F6F7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xlBRRGCQn-BE6kmcfMcxAs1WDuk.roa
Signing time: Wed 21 Feb 2024 13:37:48 +0000
ROA not before: Wed 21 Feb 2024 13:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149476
IP address blocks: 2a10:ccc3:ccc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Feb 2024 15:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:e3:04:15:9d:46:bb:24:72:49:8b:b6:4c:22:f6:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 21 13:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c650514460909fe044ea499c7cc73102cd560ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:1a:b7:99:72:63:d6:d2:d7:3f:3b:d6:6f:
d6:09:08:72:44:b3:62:e7:93:43:c3:b7:50:de:71:
5f:fd:c0:a8:ae:f1:9e:04:80:fc:ff:56:12:25:94:
4e:d6:af:7d:55:8d:6e:28:d6:20:cf:72:1a:b2:1a:
4a:01:16:5a:bd:37:aa:17:fb:53:48:97:34:a6:d1:
95:ca:20:75:ef:12:56:b1:c8:8b:e0:ae:ff:cb:f3:
f3:1e:46:5b:19:55:5f:51:c1:ca:03:00:7c:35:f5:
2b:27:88:bc:74:15:b8:1a:50:09:43:48:72:66:27:
b0:e7:90:b8:ff:1a:52:a4:fd:c4:9d:c5:29:90:60:
c6:e9:05:c2:34:bd:1e:75:72:13:db:89:3e:b9:53:
37:24:1a:fb:9d:ec:ac:62:b0:80:0c:a2:40:45:26:
90:87:15:1d:26:36:53:2a:45:86:d8:d7:45:50:e6:
cc:6e:14:4a:f9:86:a8:c6:99:e6:a3:96:19:38:83:
c1:9c:04:cc:df:d5:1d:53:f6:f9:39:57:9b:0b:40:
dc:31:fc:26:55:a7:ef:22:b9:2d:7f:ce:da:da:38:
de:3b:6e:3b:8e:60:b9:22:75:d0:30:4b:e7:42:18:
ad:aa:7e:c9:18:5a:1a:33:88:c7:39:d1:b9:05:af:
7e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:50:51:44:60:90:9F:E0:44:EA:49:9C:7C:C7:31:02:CD:56:0E:E9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xlBRRGCQn-BE6kmcfMcxAs1WDuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc6::/48
Signature Algorithm: sha256WithRSAEncryption
3d:fe:32:b8:0b:bf:0c:78:18:11:c2:47:21:ce:23:9d:e7:af:
bb:cb:6b:51:5c:1d:35:f8:9d:24:c7:ac:8c:37:32:ae:2f:5a:
ad:24:46:75:31:32:37:07:b6:08:64:34:b7:1d:1f:f1:bd:21:
21:4f:36:bf:ec:af:bb:11:02:29:c6:f0:d3:03:11:e5:b8:3c:
04:84:40:10:6e:60:3d:e0:f5:63:b8:be:d5:a8:e7:91:08:14:
f0:b9:cc:66:31:01:ca:5c:5d:ca:c9:15:07:93:7e:be:6a:9d:
05:c4:e1:76:09:c9:7d:b4:e4:b3:81:2b:07:fc:36:7d:0f:00:
58:97:7d:2a:d9:b7:84:e6:b4:38:d8:65:4a:93:c9:09:15:90:
15:83:91:3c:bd:17:b9:e2:cb:bc:74:ba:3e:7a:30:fe:e4:22:
a4:64:2c:d6:a3:ea:ff:12:86:5b:80:4d:27:75:a8:79:ff:84:
6d:fd:68:9d:e8:46:95:53:d7:1d:68:2b:30:ce:c6:fe:43:3a:
9d:4c:c8:c6:a6:1e:44:f7:d2:a5:f5:db:75:52:b5:00:fa:50:
f2:89:f3:8f:85:a9:48:d0:9d:1c:f2:e9:29:86:76:d9:20:e9:
ee:76:fb:e8:b0:6c:49:b9:c7:53:16:ad:d3:3e:dd:58:01:c2:
42:8f:dc:1a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3L4wQVnUa7JHJJi7ZMIvb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIxMTMzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjUwNTE0NDYwOTA5ZmUwNDRlYTQ5OWM3Y2M3MzEwMmNkNTYwZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC0at5lyY9bS1z871m/WCQhyRLNi
55NDw7dQ3nFf/cCorvGeBID8/1YSJZRO1q99VY1uKNYgz3IashpKARZavTeqF/tT
SJc0ptGVyiB17xJWsciL4K7/y/PzHkZbGVVfUcHKAwB8NfUrJ4i8dBW4GlAJQ0hy
Ziew55C4/xpSpP3EncUpkGDG6QXCNL0edXIT24k+uVM3JBr7neysYrCADKJARSaQ
hxUdJjZTKkWG2NdFUObMbhRK+Yaoxpnmo5YZOIPBnATM39UdU/b5OVebC0DcMfwm
VafvIrktf87a2jjeO247jmC5InXQMEvnQhitqn7JGFoaM4jHOdG5Ba9+MQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMZQUURgkJ/gROpJnHzHMQLNVg7pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGxCUlJHQ1FuLUJFNmttY2ZNY3hBczFXRHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMw8zG
MA0GCSqGSIb3DQEBCwUAA4IBAQA9/jK4C78MeBgRwkchziOd56+7y2tRXB01+J0k
x6yMNzKuL1qtJEZ1MTI3B7YIZDS3HR/xvSEhTza/7K+7EQIpxvDTAxHluDwEhEAQ
bmA94PVjuL7VqOeRCBTwucxmMQHKXF3KyRUHk36+ap0FxOF2Ccl9tOSzgSsH/DZ9
DwBYl30q2beE5rQ42GVKk8kJFZAVg5E8vRe54su8dLo+ejD+5CKkZCzWo+r/EoZb
gE0ndah5/4Rt/Wid6EaVU9cdaCswzsb+QzqdTMjGph5E99Kl9dt1UrUA+lDyifOP
halI0J0c8ukphnbZIOnudvvosGxJucdTFq3TPt1YAcJCj9wa
-----END CERTIFICATE-----
Generated at Sat Feb 24 16:38:26 2024 by rpki-client on console-fra.rpki-client.org