Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xvin7ZZGmA8VuCP-MqRu51F0CBc.roa
File: xvin7ZZGmA8VuCP-MqRu51F0CBc.roa (raw, json)
Hash identifier: PVVpmal0PKfi00V6X3SIJpoorGuGBX0PcCaieiNZi9Q=
Subject key identifier: C6:F8:A7:ED:96:46:98:0F:15:B8:23:FE:32:A4:6E:E7:51:74:08:17
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D73DAD323099B41AA80B158E4F9F214BC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xvin7ZZGmA8VuCP-MqRu51F0CBc.roa
Signing time: Sun 04 Feb 2024 11:22:17 +0000
ROA not before: Sun 04 Feb 2024 11:22:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215669
IP address blocks: 2a06:de01:110::/44 maxlen: 48
2a0e:97c0:8b0::/44 maxlen: 48
2a0e:97c0:8b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:da:d3:23:09:9b:41:aa:80:b1:58:e4:f9:f2:14:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 4 11:22:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6f8a7ed9646980f15b823fe32a46ee751740817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:52:0b:73:c3:1e:8a:06:cf:c5:05:21:d0:
38:86:1d:a9:a2:33:6c:27:a3:c2:e6:dc:bc:69:d9:
e6:94:67:a8:bc:38:6d:a6:30:e2:4d:92:b5:8e:b1:
6c:42:cf:9c:45:ca:af:8a:9f:dd:1a:9a:92:7e:73:
8d:13:4b:13:96:9d:da:f2:1c:ad:2d:d8:75:d5:b6:
66:b7:c8:e2:f7:c1:2f:f8:03:61:74:e2:8e:20:87:
54:da:a0:e0:c5:8b:95:12:c1:a2:97:ba:df:79:d1:
80:c8:7f:44:a6:5d:3e:61:00:6d:7e:11:9e:3d:8d:
9d:a8:3a:ed:43:70:05:90:36:69:7c:1d:08:78:e2:
4b:78:be:94:95:22:d0:0e:fc:4d:a7:8a:8b:0d:f6:
5c:b4:1d:2c:9c:9e:a3:48:dd:08:2d:b3:7c:aa:5a:
ca:20:4c:a1:c1:f1:48:0f:58:1a:72:ae:7f:cd:c1:
59:9d:a1:e4:53:14:2e:c1:a7:31:d0:e8:db:0e:4a:
63:84:62:74:64:2e:f9:91:8a:42:46:6c:43:31:30:
9f:b7:0b:86:82:da:80:55:6c:25:bf:f9:d8:eb:1e:
8d:0b:41:1d:ca:5d:22:4e:f9:62:a1:42:38:02:ee:
e0:1b:9d:6a:30:ce:eb:7c:82:88:a2:e4:3e:50:0c:
61:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F8:A7:ED:96:46:98:0F:15:B8:23:FE:32:A4:6E:E7:51:74:08:17
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xvin7ZZGmA8VuCP-MqRu51F0CBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:110::/44
2a0e:97c0:8b0::/44
Signature Algorithm: sha256WithRSAEncryption
03:ad:1c:5a:d3:47:b3:a7:80:09:83:cd:84:0b:9c:ab:c0:b7:
b1:98:a8:9b:84:b0:b8:f6:ae:12:31:14:68:e3:5c:8e:08:2a:
99:93:32:9f:dd:c7:a4:59:07:27:59:eb:da:4e:38:81:d4:9a:
ec:10:0c:e9:e0:3e:83:a6:c7:8e:2b:b5:04:c2:0c:be:91:f3:
bd:93:89:03:d2:72:78:f5:a2:c1:73:50:43:30:4c:88:5d:35:
c7:b9:54:42:89:a0:2b:e4:3f:38:50:b1:f5:1e:fe:06:8f:75:
a1:59:7f:2d:47:16:51:b1:e2:1a:2d:39:07:ce:5d:48:ec:29:
85:cb:1f:7f:33:91:53:fe:c4:0f:4a:6a:14:16:13:2d:39:58:
d2:0a:d9:d5:f1:37:5b:c6:77:ef:73:a4:a3:fb:c0:92:23:f9:
c6:12:aa:ef:43:ee:fe:00:47:53:6f:d8:0f:97:2c:76:41:15:
9c:2a:38:43:8f:18:77:ce:1f:07:bf:d8:9f:c1:f1:0d:ec:8c:
f0:67:c4:c1:cf:ad:50:98:82:d1:f0:96:8a:52:65:de:d2:47:
e6:e9:c2:ee:09:2f:c3:bb:cd:e3:72:eb:8f:d9:71:85:40:ab:
26:4d:7b:8a:86:2f:e4:8c:5d:ba:87:19:fe:ae:2f:6a:a5:84:
46:34:a9:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1z2tMjCZtBqoCxWOT58hS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjA0MTEyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmY4YTdlZDk2NDY5ODBmMTViODIzZmUzMmE0NmVlNzUxNzQwODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7hSC3PDHooGz8UFIdA4hh2pojNs
J6PC5ty8adnmlGeovDhtpjDiTZK1jrFsQs+cRcqvip/dGpqSfnONE0sTlp3a8hyt
Ldh11bZmt8ji98Ev+ANhdOKOIIdU2qDgxYuVEsGil7rfedGAyH9Epl0+YQBtfhGe
PY2dqDrtQ3AFkDZpfB0IeOJLeL6UlSLQDvxNp4qLDfZctB0snJ6jSN0ILbN8qlrK
IEyhwfFID1gacq5/zcFZnaHkUxQuwacx0OjbDkpjhGJ0ZC75kYpCRmxDMTCftwuG
gtqAVWwlv/nY6x6NC0Edyl0iTvlioUI4Au7gG51qMM7rfIKIouQ+UAxhvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMb4p+2WRpgPFbgj/jKkbudRdAgXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveHZpbjdaWkdtQThWdUNQLU1xUnU1MUYwQ0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAQEQ
AwcEKg6XwAiwMA0GCSqGSIb3DQEBCwUAA4IBAQADrRxa00ezp4AJg82EC5yrwLex
mKibhLC49q4SMRRo41yOCCqZkzKf3cekWQcnWevaTjiB1JrsEAzp4D6DpseOK7UE
wgy+kfO9k4kD0nJ49aLBc1BDMEyIXTXHuVRCiaAr5D84ULH1Hv4Gj3WhWX8tRxZR
seIaLTkHzl1I7CmFyx9/M5FT/sQPSmoUFhMtOVjSCtnV8Tdbxnfvc6Sj+8CSI/nG
EqrvQ+7+AEdTb9gPlyx2QRWcKjhDjxh3zh8Hv9ifwfEN7IzwZ8TBz61QmILR8JaK
UmXe0kfm6cLuCS/Du83jcuuP2XGFQKsmTXuKhi/kjF26hxn+ri9qpYRGNKn5
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:37:58 2024 by rpki-client on console-fra.rpki-client.org