Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yv4OigrfaeyPfxcH4rly91CARfc.roa
File: yv4OigrfaeyPfxcH4rly91CARfc.roa (raw, json)
Hash identifier: NX0o9WaDrkmans5HTk13xLcfo4oa3nZ+WkqhPwMH+kc=
Subject key identifier: CA:FE:0E:8A:0A:DF:69:EC:8F:7F:17:07:E2:B9:72:F7:50:80:45:F7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BD8F2A2C0B30AF320949EB6124AA01452
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yv4OigrfaeyPfxcH4rly91CARfc.roa
Signing time: Thu 16 Nov 2023 16:24:21 +0000
ROA not before: Thu 16 Nov 2023 16:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216065
IP address blocks: 2a0e:b107:1198::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f2:a2:c0:b3:0a:f3:20:94:9e:b6:12:4a:a0:14:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 16 16:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cafe0e8a0adf69ec8f7f1707e2b972f7508045f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:29:11:5d:fb:88:bc:30:bc:30:0f:26:f5:f0:
2d:89:2c:a4:76:64:c8:4f:01:37:fb:d8:d1:b7:e0:
f7:a6:fc:a5:39:3f:0e:e1:f8:1c:88:a9:77:3b:80:
8d:d0:e7:76:87:5e:cd:41:9b:bd:9e:94:2a:86:2a:
91:bb:f6:77:be:af:b4:73:9f:b0:eb:b0:25:bc:19:
82:54:35:37:86:0a:65:42:d2:98:88:7e:f2:de:f7:
ce:78:4c:a2:d0:5e:e1:e9:38:9e:cb:5a:f5:75:cb:
c2:25:45:c3:06:0d:fc:5e:25:b2:1a:fb:9a:f6:45:
2a:ee:23:55:61:a3:89:38:7c:1b:bd:d1:8e:d5:70:
e4:14:fe:80:a6:13:33:2f:04:38:19:be:d3:20:ab:
6d:4e:db:85:62:93:31:38:27:af:d6:b3:4b:03:99:
27:25:17:5d:b1:8b:06:d8:3d:c5:c4:36:eb:95:85:
ba:97:f9:f7:8c:eb:6c:d0:c9:72:3d:2f:53:a0:c5:
d9:a7:98:47:59:c7:2d:35:eb:c9:aa:9d:b3:66:d0:
be:f1:8e:e8:16:cf:50:8b:cc:31:bd:f9:76:05:f9:
c2:13:8b:48:8f:75:4a:b4:45:cc:84:1d:8a:6a:87:
f1:dc:f5:dc:10:d1:33:27:c3:1b:c3:c0:a4:88:8f:
ae:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FE:0E:8A:0A:DF:69:EC:8F:7F:17:07:E2:B9:72:F7:50:80:45:F7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yv4OigrfaeyPfxcH4rly91CARfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1198::/45
Signature Algorithm: sha256WithRSAEncryption
ca:4f:d6:de:63:16:90:f7:77:c7:69:9a:1f:9b:b3:7f:85:bc:
36:67:71:c8:48:32:a9:20:8e:0d:34:6c:72:3c:7e:c3:63:0c:
bc:2a:84:2c:7b:07:6e:35:fe:4f:ad:a4:8f:47:f8:c9:d0:0e:
5e:0a:87:c8:bb:d8:f0:30:fb:45:52:0f:f5:d9:ed:1f:3e:1f:
89:04:a1:17:3c:6e:8e:fd:7a:8d:b4:65:e2:f9:89:97:e7:5d:
b4:bb:28:e2:67:cd:27:99:da:fd:3f:7b:0a:fd:11:4b:a5:39:
8c:4f:8c:97:27:76:10:82:f0:2a:dc:2d:c9:ac:c4:08:0d:32:
57:3a:7f:e2:91:2d:3b:0f:e7:bf:d3:31:f8:92:a1:87:d1:3c:
5b:38:40:22:5c:ca:b9:18:df:85:71:ba:81:be:9a:c5:fb:2a:
28:65:ed:06:f0:11:61:4a:a1:43:67:25:cf:a5:99:97:20:70:
b9:9d:09:a4:65:ea:22:39:c0:73:38:fb:c4:38:3e:3d:6f:fa:
d0:6b:26:6b:0e:65:71:56:02:f1:4e:34:58:4b:2d:af:82:fd:
8e:04:a3:35:ae:5a:9b:b1:81:d9:8d:0a:76:41:4f:e3:b8:fe:
fb:e3:e8:c2:85:2f:d8:85:a0:85:87:bb:68:70:35:74:0b:cc:
ba:b8:33:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvY8qLAswrzIJSethJKoBRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE2MTYyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZlMGU4YTBhZGY2OWVjOGY3ZjE3MDdlMmI5NzJmNzUwODA0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSkRXfuIvDC8MA8m9fAtiSykdmTI
TwE3+9jRt+D3pvylOT8O4fgciKl3O4CN0Od2h17NQZu9npQqhiqRu/Z3vq+0c5+w
67AlvBmCVDU3hgplQtKYiH7y3vfOeEyi0F7h6Tiey1r1dcvCJUXDBg38XiWyGvua
9kUq7iNVYaOJOHwbvdGO1XDkFP6AphMzLwQ4Gb7TIKttTtuFYpMxOCev1rNLA5kn
JRddsYsG2D3FxDbrlYW6l/n3jOts0MlyPS9ToMXZp5hHWcctNevJqp2zZtC+8Y7o
Fs9Qi8wxvfl2BfnCE4tIj3VKtEXMhB2Kaofx3PXcENEzJ8Mbw8CkiI+uowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMr+DooK32nsj38XB+K5cvdQgEX3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveXY0T2lncmZhZXlQZnhjSDRybHk5MUNBUmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xBxGY
MA0GCSqGSIb3DQEBCwUAA4IBAQDKT9beYxaQ93fHaZofm7N/hbw2Z3HISDKpII4N
NGxyPH7DYwy8KoQsewduNf5PraSPR/jJ0A5eCofIu9jwMPtFUg/12e0fPh+JBKEX
PG6O/XqNtGXi+YmX5120uyjiZ80nmdr9P3sK/RFLpTmMT4yXJ3YQgvAq3C3JrMQI
DTJXOn/ikS07D+e/0zH4kqGH0TxbOEAiXMq5GN+FcbqBvprF+yooZe0G8BFhSqFD
ZyXPpZmXIHC5nQmkZeoiOcBzOPvEOD49b/rQayZrDmVxVgLxTjRYSy2vgv2OBKM1
rlqbsYHZjQp2QU/juP774+jChS/YhaCFh7tocDV0C8y6uDMy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:40 2024 by rpki-client on console-fra.rpki-client.org