Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yXKh99N8tvb4xV8G0nWQIRlhP2o.roa
File: yXKh99N8tvb4xV8G0nWQIRlhP2o.roa (raw, json)
Hash identifier: qBpmDMOHTGikrHZgnnzuUxRbcnnnLZCXFUjkTnciymk=
Subject key identifier: C9:72:A1:F7:D3:7C:B6:F6:F8:C5:5F:06:D2:75:90:21:19:61:3F:6A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0190D1B99825B741D182FFC36BABF0014785
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yXKh99N8tvb4xV8G0nWQIRlhP2o.roa
Signing time: Sat 20 Jul 2024 19:58:39 +0000
ROA not before: Sat 20 Jul 2024 19:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216457
IP address blocks: 2a0e:b107:27a8::/45 maxlen: 48
2a10:2f00:198::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 16 Nov 2024 17:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d1:b9:98:25:b7:41:d1:82:ff:c3:6b:ab:f0:01:47:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 20 19:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c972a1f7d37cb6f6f8c55f06d275902119613f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e4:38:68:29:69:15:3e:2d:ed:50:b0:09:cc:
e3:2b:bc:c3:5c:a6:92:88:ca:c3:81:63:e4:e0:03:
7f:d5:ed:ae:8b:d8:99:56:55:fb:bd:76:8c:73:ab:
bb:8f:78:63:6e:76:fa:aa:2d:ef:d2:43:4d:6f:cb:
1c:9f:eb:d0:29:80:ed:f3:22:9f:2b:78:03:32:7b:
75:7f:6d:64:38:57:b3:b9:55:26:fc:8a:9b:6e:e0:
9e:38:28:ed:dc:2f:3c:b1:3c:dd:42:9a:a9:ca:97:
c0:45:2d:68:cc:92:71:8c:a2:33:03:6d:47:f5:8e:
73:51:2b:fd:57:f9:09:95:0a:23:ab:52:44:48:bf:
d7:5d:e7:d7:94:b1:e0:73:1e:d7:24:02:81:8e:08:
19:4c:b1:bc:a0:8c:41:a4:40:e3:ed:fd:d4:7d:6f:
0c:72:79:6a:6c:c9:9d:92:ce:f7:0d:47:ea:bf:2d:
f8:53:97:cb:36:89:c5:d5:2f:cb:d1:b8:c3:fc:85:
fe:7a:e0:48:c8:fd:0f:57:0d:89:15:12:80:9f:b0:
35:6c:a1:52:a9:8b:30:8e:8a:bf:2d:7c:d1:09:69:
a4:ae:5c:4f:c7:62:8a:a3:7e:6e:63:98:8b:00:8b:
1d:01:d0:e2:8e:7f:70:38:6d:6f:33:1d:a6:33:ea:
9a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:72:A1:F7:D3:7C:B6:F6:F8:C5:5F:06:D2:75:90:21:19:61:3F:6A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yXKh99N8tvb4xV8G0nWQIRlhP2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27a8::/45
2a10:2f00:198::/48
Signature Algorithm: sha256WithRSAEncryption
6d:69:c9:12:61:e1:b3:c3:86:06:ff:df:35:f3:fb:a2:a6:e8:
49:e8:cb:f2:91:cc:ab:92:45:10:57:29:d8:7e:d0:39:73:ec:
b3:0b:17:51:88:93:ac:37:12:f7:8f:71:b3:1a:27:cb:d2:0a:
eb:81:a3:15:6d:53:43:c7:09:cc:52:42:67:ed:7f:0a:7a:c5:
cb:8d:34:fb:50:31:f0:ca:1a:09:de:cf:48:07:b1:15:04:ef:
a9:e4:0e:ca:7a:be:74:c9:0c:0f:c7:46:4f:ce:56:83:3c:ae:
37:d1:7b:a5:cb:16:b1:54:64:d1:e2:2d:ca:7e:53:52:f8:68:
a7:d0:6d:3a:fe:e8:63:bd:d4:8c:62:d2:db:7f:be:f9:e5:f0:
84:49:af:5e:fc:e0:57:64:53:31:65:3b:a3:40:3f:3d:e9:54:
9a:15:30:06:e1:50:8a:93:86:2f:8b:7a:32:89:c8:6d:c2:f6:
a1:e3:7a:bf:f3:d9:a7:99:99:ca:17:7d:b5:ca:36:2f:5f:79:
9a:da:4f:6f:20:4c:7d:eb:3e:6f:1d:0b:ee:c6:d8:21:a1:fe:
29:aa:e3:c1:fb:1a:21:0a:4d:ed:48:c4:f1:bc:ac:b9:74:07:
a3:9a:28:f6:f8:96:31:e9:bc:0b:95:d3:dc:7c:e1:84:9c:60:
1b:3a:d8:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDRuZglt0HRgv/Da6vwAUeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzIwMTk1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTcyYTFmN2QzN2NiNmY2ZjhjNTVmMDZkMjc1OTAyMTE5NjEzZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uQ4aClpFT4t7VCwCczjK7zDXKaS
iMrDgWPk4AN/1e2ui9iZVlX7vXaMc6u7j3hjbnb6qi3v0kNNb8scn+vQKYDt8yKf
K3gDMnt1f21kOFezuVUm/IqbbuCeOCjt3C88sTzdQpqpypfARS1ozJJxjKIzA21H
9Y5zUSv9V/kJlQojq1JESL/XXefXlLHgcx7XJAKBjggZTLG8oIxBpEDj7f3UfW8M
cnlqbMmdks73DUfqvy34U5fLNonF1S/L0bjD/IX+euBIyP0PVw2JFRKAn7A1bKFS
qYswjoq/LXzRCWmkrlxPx2KKo35uY5iLAIsdAdDijn9wOG1vMx2mM+qa+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMlyoffTfLb2+MVfBtJ1kCEZYT9qMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVhLaDk5Tjh0dmI0eFY4RzBuV1FJUmxoUDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcDKg6xByeo
AwcAKhAvAAGYMA0GCSqGSIb3DQEBCwUAA4IBAQBtackSYeGzw4YG/9818/uipuhJ
6MvykcyrkkUQVynYftA5c+yzCxdRiJOsNxL3j3GzGifL0grrgaMVbVNDxwnMUkJn
7X8KesXLjTT7UDHwyhoJ3s9IB7EVBO+p5A7Ker50yQwPx0ZPzlaDPK430Xulyxax
VGTR4i3KflNS+Gin0G06/uhjvdSMYtLbf7755fCESa9e/OBXZFMxZTujQD896VSa
FTAG4VCKk4Yvi3oyichtwvah43q/89mnmZnKF321yjYvX3ma2k9vIEx96z5vHQvu
xtghof4pquPB+xohCk3tSMTxvKy5dAejmij2+JYx6bwLldPcfOGEnGAbOtis
Generated at Sat Nov 16 19:55:58 2024 by rpki-client on console-ams.rpki-client.org