Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zNGAknApKNKiUmpQrCICy00afXQ.roa
File: zNGAknApKNKiUmpQrCICy00afXQ.roa (raw, json)
Hash identifier: 8aN4CGtNO9LcVAMGQjBp7tuoxf2oFkOITiYDdSI407M=
Subject key identifier: CC:D1:80:92:70:29:28:D2:A2:52:6A:50:AC:22:02:CB:4D:1A:7D:74
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019103FFC8C2493C561B15D170045345C67C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zNGAknApKNKiUmpQrCICy00afXQ.roa
Signing time: Tue 30 Jul 2024 14:16:20 +0000
ROA not before: Tue 30 Jul 2024 14:16:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149977
IP address blocks: 2a0f:e404:105::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Aug 2024 10:27:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:ff:c8:c2:49:3c:56:1b:15:d1:70:04:53:45:c6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 30 14:16:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd18092702928d2a2526a50ac2202cb4d1a7d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:0f:c7:85:04:cb:0d:72:f2:7f:af:74:18:
4a:1b:61:b0:9e:57:be:05:91:79:6f:36:15:42:2b:
46:e3:bf:c2:fb:d7:b4:c0:03:98:69:a1:f3:c4:1b:
ed:e5:9d:9c:aa:c4:94:82:52:ab:b2:79:52:26:c3:
b0:b4:30:46:fa:6d:7c:26:e8:3c:fa:46:b4:30:1e:
b9:d2:9e:c9:f0:c8:32:45:c7:71:84:19:33:6b:f3:
57:2e:75:d3:6f:fc:04:69:9e:c5:2f:20:b8:12:fc:
e2:d6:1a:25:2d:24:47:3c:17:aa:80:cf:bd:95:ea:
54:d9:d3:4c:81:ef:ed:c9:a6:98:67:24:66:b8:b3:
29:4b:af:19:cb:46:ab:98:e4:7d:20:d6:96:d3:63:
2f:ac:07:50:7f:f2:85:0c:0f:1a:12:50:14:5f:87:
4d:b8:a9:90:9e:f2:e8:d6:c6:58:c2:6f:89:fa:5a:
5b:91:91:ef:13:e1:78:92:60:08:a9:a4:9f:92:2c:
82:69:68:5b:c7:8b:d3:19:09:a0:4b:ca:15:2c:79:
40:d8:22:3b:b3:ba:35:b0:10:ba:df:51:07:99:32:
0f:89:b0:9b:d1:d3:5e:6b:06:37:9d:aa:c3:f1:ea:
8a:b6:b2:c7:07:dc:ec:37:89:37:31:c6:e3:34:b8:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D1:80:92:70:29:28:D2:A2:52:6A:50:AC:22:02:CB:4D:1A:7D:74
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zNGAknApKNKiUmpQrCICy00afXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e404:105::/48
Signature Algorithm: sha256WithRSAEncryption
22:cb:d2:f2:e5:17:c5:8a:08:dd:ec:9a:be:d8:bd:47:89:b9:
22:91:25:7f:e6:72:4d:90:84:1f:08:45:15:4f:43:a7:e8:89:
a7:ba:96:ad:fe:a2:c2:4c:72:ea:64:b1:5d:59:3d:66:0d:28:
52:a6:6a:9d:8b:c1:41:dd:3a:fe:91:3a:b6:14:8b:f4:4c:95:
09:df:f5:ba:6a:ed:2e:b9:b1:08:fd:c9:ae:23:29:24:ff:29:
78:92:05:15:65:27:d6:16:8f:8b:9a:3f:88:38:d7:de:5d:16:
ea:7d:be:78:3f:cf:e4:b8:a8:1e:2e:73:ed:53:d5:53:c2:2d:
0c:d3:5c:c4:3b:a5:26:bb:40:f2:e3:4c:a8:ad:8d:df:5c:d3:
82:6a:0f:f8:d0:8f:da:d0:b9:a0:74:06:49:0e:fd:4a:87:40:
d0:bb:0a:14:b3:ca:7a:82:f6:e3:37:b8:22:fc:f8:91:c7:14:
a5:72:66:26:50:8b:3f:5b:c6:db:bc:78:5a:4a:f1:8d:3f:06:
5e:4e:8b:3c:ec:85:5e:0b:f7:14:f9:9f:32:93:48:d9:e9:06:
11:fe:dd:56:f7:39:56:9b:4a:bf:f0:18:e4:c2:be:64:08:7f:
05:7f:11:31:12:ac:a0:d0:4c:39:83:1a:fd:0d:c3:e7:2d:c1:
a9:e5:2e:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZED/8jCSTxWGxXRcARTRcZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNzMwMTQxNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QxODA5MjcwMjkyOGQyYTI1MjZhNTBhYzIyMDJjYjRkMWE3ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzegPx4UEyw1y8n+vdBhKG2Gwnle+
BZF5bzYVQitG47/C+9e0wAOYaaHzxBvt5Z2cqsSUglKrsnlSJsOwtDBG+m18Jug8
+ka0MB650p7J8MgyRcdxhBkza/NXLnXTb/wEaZ7FLyC4Evzi1holLSRHPBeqgM+9
lepU2dNMge/tyaaYZyRmuLMpS68Zy0armOR9INaW02MvrAdQf/KFDA8aElAUX4dN
uKmQnvLo1sZYwm+J+lpbkZHvE+F4kmAIqaSfkiyCaWhbx4vTGQmgS8oVLHlA2CI7
s7o1sBC631EHmTIPibCb0dNeawY3narD8eqKtrLHB9zsN4k3McbjNLgH7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzRgJJwKSjSolJqUKwiAstNGn10MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvek5HQWtuQXBLTktpVW1wUXJDSUN5MDBhZlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/kBAEF
MA0GCSqGSIb3DQEBCwUAA4IBAQAiy9Ly5RfFigjd7Jq+2L1HibkikSV/5nJNkIQf
CEUVT0On6Imnupat/qLCTHLqZLFdWT1mDShSpmqdi8FB3Tr+kTq2FIv0TJUJ3/W6
au0uubEI/cmuIykk/yl4kgUVZSfWFo+Lmj+IONfeXRbqfb54P8/kuKgeLnPtU9VT
wi0M01zEO6Umu0Dy40yorY3fXNOCag/40I/a0LmgdAZJDv1Kh0DQuwoUs8p6gvbj
N7gi/PiRxxSlcmYmUIs/W8bbvHhaSvGNPwZeTos87IVeC/cU+Z8yk0jZ6QYR/t1W
9zlWm0q/8Bjkwr5kCH8FfxExEqyg0Ew5gxr9DcPnLcGp5S6L
-----END CERTIFICATE-----
Generated at Wed Aug 7 13:00:29 2024 by rpki-client on console-ams.rpki-client.org