Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yZIgfQ4WEct73-MtKA5osePp72g.roa
File: yZIgfQ4WEct73-MtKA5osePp72g.roa (raw, json)
Hash identifier: zki9nlTpYVs6dbYfHoDX+GeUE4SfJrFAVnJFzBj6yKI=
Subject key identifier: C9:92:20:7D:0E:16:11:CB:7B:DF:E3:2D:28:0E:68:B1:E3:E9:EF:68
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E3D7CB11E5DE7092DEBBA9CF750D168B0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yZIgfQ4WEct73-MtKA5osePp72g.roa
Signing time: Thu 14 Mar 2024 15:02:45 +0000
ROA not before: Thu 14 Mar 2024 15:02:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149476
IP address blocks: 2a10:ccc3:ccc0::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Aug 2024 14:42:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:7c:b1:1e:5d:e7:09:2d:eb:ba:9c:f7:50:d1:68:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 14 15:02:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c992207d0e1611cb7bdfe32d280e68b1e3e9ef68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:c9:75:34:79:d6:6e:29:03:71:d5:68:67:
7b:c9:e3:26:63:6a:6e:b3:44:1b:62:91:86:2e:e1:
c1:c3:11:5c:98:bd:00:3a:cf:9d:4f:0a:30:dc:ce:
98:1f:8c:3d:e9:ed:9d:3e:04:7f:d0:01:42:7b:7d:
3e:8c:74:3c:00:fd:5a:7a:f4:26:fd:0c:26:f3:30:
f8:39:f8:bc:32:30:d0:e0:b8:d5:87:5b:41:84:76:
36:f3:cb:15:ab:a1:7a:32:fa:49:3c:ad:af:ea:24:
5f:43:7e:5b:f1:4d:dd:72:ce:0e:e9:af:1f:8e:4f:
a7:32:0e:4c:08:fc:95:07:fb:5b:11:b8:7f:78:33:
19:93:8f:12:e8:b1:84:fd:3f:b6:82:7c:46:44:a3:
5b:9d:d2:91:05:7d:2d:25:e9:7c:d5:c1:6f:8e:68:
5c:7a:dd:2c:e4:c2:fd:ac:c6:eb:65:09:64:21:f5:
8d:35:b5:fc:1a:db:58:63:72:3a:05:dc:dd:79:27:
f9:dd:bf:66:1b:db:58:5b:e6:43:d4:cc:00:b5:b3:
21:b6:b0:b9:e4:8e:60:f7:d1:b6:14:ea:d9:52:df:
7c:d4:09:d4:ed:68:e0:a8:a1:9d:0e:b1:36:e5:a0:
30:0e:71:aa:d2:24:5e:b2:71:75:c3:59:54:93:e9:
21:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:92:20:7D:0E:16:11:CB:7B:DF:E3:2D:28:0E:68:B1:E3:E9:EF:68
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yZIgfQ4WEct73-MtKA5osePp72g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc3:ccc0::/46
Signature Algorithm: sha256WithRSAEncryption
c7:b2:07:7b:fc:23:c7:e6:28:4e:bd:cc:5a:89:29:d5:24:78:
2b:6b:5e:ad:e4:cf:73:af:7f:85:cf:5a:e4:57:b9:a0:88:80:
04:f2:ec:12:b6:f0:78:90:c9:61:d1:be:0b:f1:32:35:c5:f5:
2c:77:d4:6a:ef:02:8c:12:6d:f6:b3:dd:de:68:ce:6d:8d:c4:
ff:e6:09:b9:e2:43:4e:0c:e8:3c:f7:b5:86:55:93:28:ff:9b:
c0:d6:0a:fd:31:1f:c4:7d:b8:9a:62:0e:ee:cb:a3:67:5c:0c:
9c:ec:12:a3:c4:20:cb:b3:f0:39:30:a1:73:60:e8:0c:2b:68:
0e:12:1a:e3:27:40:16:89:95:92:3b:8f:b5:30:19:22:cb:41:
88:1f:a0:10:ba:ad:bb:05:57:46:a6:1f:ce:56:87:d5:99:6a:
e6:c9:e2:97:33:7e:6b:2b:fc:7d:31:51:5b:d0:c9:d6:aa:78:
ea:3c:ae:98:58:32:25:54:b2:3b:0d:30:4b:cd:05:18:f3:5b:
33:38:27:03:d9:44:ba:3b:e9:a3:2a:92:48:ac:30:65:2f:bd:
0f:f3:69:5f:04:c5:1d:ae:e0:17:26:fa:d0:e5:3b:c2:a5:ac:
c8:5f:2d:7c:cd:75:82:2f:52:2c:f4:19:06:06:52:bb:dc:99:
2c:c2:c0:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY49fLEeXecJLeu6nPdQ0WiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzE0MTUwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkyMjA3ZDBlMTYxMWNiN2JkZmUzMmQyODBlNjhiMWUzZTllZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrvJdTR51m4pA3HVaGd7yeMmY2pu
s0QbYpGGLuHBwxFcmL0AOs+dTwow3M6YH4w96e2dPgR/0AFCe30+jHQ8AP1aevQm
/Qwm8zD4Ofi8MjDQ4LjVh1tBhHY288sVq6F6MvpJPK2v6iRfQ35b8U3dcs4O6a8f
jk+nMg5MCPyVB/tbEbh/eDMZk48S6LGE/T+2gnxGRKNbndKRBX0tJel81cFvjmhc
et0s5ML9rMbrZQlkIfWNNbX8GttYY3I6BdzdeSf53b9mG9tYW+ZD1MwAtbMhtrC5
5I5g99G2FOrZUt981AnU7WjgqKGdDrE25aAwDnGq0iResnF1w1lUk+khowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMmSIH0OFhHLe9/jLSgOaLHj6e9oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveVpJZ2ZRNFdFY3Q3My1NdEtBNW9zZVBwNzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKhDMw8zA
MA0GCSqGSIb3DQEBCwUAA4IBAQDHsgd7/CPH5ihOvcxaiSnVJHgra16t5M9zr3+F
z1rkV7mgiIAE8uwStvB4kMlh0b4L8TI1xfUsd9Rq7wKMEm32s93eaM5tjcT/5gm5
4kNODOg897WGVZMo/5vA1gr9MR/EfbiaYg7uy6NnXAyc7BKjxCDLs/A5MKFzYOgM
K2gOEhrjJ0AWiZWSO4+1MBkiy0GIH6AQuq27BVdGph/OVofVmWrmyeKXM35rK/x9
MVFb0MnWqnjqPK6YWDIlVLI7DTBLzQUY81szOCcD2US6O+mjKpJIrDBlL70P82lf
BMUdruAXJvrQ5TvCpazIXy18zXWCL1Is9BkGBlK73JkswsB/
-----END CERTIFICATE-----
Generated at Wed Aug 21 19:41:06 2024 by rpki-client on console-fra.rpki-client.org