Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOChOPcYX4fv_5fr-l9wgqTcueg.roa
File: zOChOPcYX4fv_5fr-l9wgqTcueg.roa (raw, json)
Hash identifier: NmY+vCfoCEpKP0YC3yFaV7XTNUk7wqVXGGeDU7x1YTo=
Subject key identifier: CC:E0:A1:38:F7:18:5F:87:EF:FF:97:EB:FA:5F:70:82:A4:DC:B9:E8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0193BECC38127E82BB05F904D947
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOChOPcYX4fv_5fr-l9wgqTcueg.roa
Signing time: Tue 02 Jan 2024 10:34:16 +0000
ROA not before: Tue 02 Jan 2024 10:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a10:2f00:187::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 20:41:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:01:93:be:cc:38:12:7e:82:bb:05:f9:04:d9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cce0a138f7185f87efff97ebfa5f7082a4dcb9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f0:26:d9:b1:9e:77:c3:e2:fb:56:c9:b3:87:
df:2e:1a:cc:e9:11:46:a9:1b:ad:d7:86:b4:1c:3f:
ce:f3:c1:51:1d:59:04:2a:52:cb:17:a7:d9:5d:df:
2a:7b:e2:9c:c4:2b:fc:44:fe:6b:03:39:e3:4d:34:
f3:7a:85:9b:88:e0:6d:ba:97:be:06:e9:d7:7a:24:
0c:48:a1:ec:2f:03:4d:fb:f9:f2:1f:cf:b5:5a:21:
fb:72:7f:7d:0a:85:8d:95:3c:b2:bd:84:25:ae:3f:
4d:3f:87:ef:80:05:1d:5f:08:bf:41:5b:d2:a6:c8:
86:aa:7d:83:61:cf:32:7c:f1:5b:c1:57:37:8c:9f:
a9:6e:e3:51:70:19:db:c6:8d:e6:b8:11:d1:1e:be:
14:20:28:33:5b:d5:65:bb:25:70:64:d8:16:83:3f:
b5:b0:95:d7:f8:55:2d:fd:09:44:5e:b9:da:5a:d7:
43:e3:a7:e1:5d:67:c1:a9:5b:1a:64:77:f2:2c:50:
e2:c1:e5:b5:56:39:cb:33:97:f4:36:b3:0b:a1:64:
9f:37:b0:52:d1:09:84:8f:44:e2:c8:fb:6e:ab:60:
aa:75:e0:9a:4b:41:53:de:32:c8:db:45:d1:ea:bd:
c7:be:2d:77:42:1a:ff:62:c4:52:e1:ec:18:e3:ef:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E0:A1:38:F7:18:5F:87:EF:FF:97:EB:FA:5F:70:82:A4:DC:B9:E8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/zOChOPcYX4fv_5fr-l9wgqTcueg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:187::/48
Signature Algorithm: sha256WithRSAEncryption
a7:f4:05:b8:a8:6d:5d:df:49:d2:b4:27:a1:51:6d:74:8d:b3:
33:a8:6f:d3:7a:a2:24:09:26:0c:0b:32:f1:b6:38:ca:e1:c2:
51:28:06:6a:ff:97:1e:0e:36:67:5b:03:b3:ac:b7:9a:e6:c7:
01:7a:aa:67:14:c1:d6:89:48:5f:3f:b5:47:89:d8:0c:48:d2:
2f:21:d8:80:1c:9e:71:a7:dc:45:74:d1:cf:f7:3b:27:29:aa:
d9:44:7b:09:c2:b1:33:81:75:b5:18:1d:8d:00:6f:e0:bf:44:
b8:26:4e:f8:9b:24:46:a8:ca:6b:88:35:aa:32:8d:2a:da:27:
b6:ef:c9:f5:39:60:3c:11:70:32:ce:da:29:a9:9b:2d:bb:b1:
74:6d:dc:1b:1a:88:22:ba:4f:0b:79:08:89:f3:c8:82:b7:8e:
05:4b:00:6e:e1:c4:4d:e9:6a:5b:c0:dd:08:76:67:90:fe:b9:
5d:1d:6b:5a:cf:e0:12:ae:ec:f9:df:cf:f2:90:86:03:00:c1:
e3:ab:ba:70:c7:41:1c:1c:97:1d:75:9e:7e:e8:27:5d:0c:ac:
19:3d:6d:21:9c:d9:09:1f:88:5e:08:7a:38:33:c9:d9:6a:63:
c4:b9:a7:1a:90:48:0a:4d:2c:f6:d2:52:f9:4f:ad:e5:25:19:
ea:9c:58:3d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQGTvsw4En6CuwX5BNlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2UwYTEzOGY3MTg1Zjg3ZWZmZjk3ZWJmYTVmNzA4MmE0ZGNiOWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPAm2bGed8Pi+1bJs4ffLhrM6RFG
qRut14a0HD/O88FRHVkEKlLLF6fZXd8qe+KcxCv8RP5rAznjTTTzeoWbiOBtupe+
BunXeiQMSKHsLwNN+/nyH8+1WiH7cn99CoWNlTyyvYQlrj9NP4fvgAUdXwi/QVvS
psiGqn2DYc8yfPFbwVc3jJ+pbuNRcBnbxo3muBHRHr4UICgzW9VluyVwZNgWgz+1
sJXX+FUt/QlEXrnaWtdD46fhXWfBqVsaZHfyLFDiweW1VjnLM5f0NrMLoWSfN7BS
0QmEj0TiyPtuq2CqdeCaS0FT3jLI20XR6r3Hvi13Qhr/YsRS4ewY4+/v9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMzgoTj3GF+H7/+X6/pfcIKk3LnoMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvek9DaE9QY1lYNGZ2XzVmci1sOXdncVRjdWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGH
MA0GCSqGSIb3DQEBCwUAA4IBAQCn9AW4qG1d30nStCehUW10jbMzqG/TeqIkCSYM
CzLxtjjK4cJRKAZq/5ceDjZnWwOzrLea5scBeqpnFMHWiUhfP7VHidgMSNIvIdiA
HJ5xp9xFdNHP9zsnKarZRHsJwrEzgXW1GB2NAG/gv0S4Jk74myRGqMpriDWqMo0q
2ie278n1OWA8EXAyztopqZstu7F0bdwbGogiuk8LeQiJ88iCt44FSwBu4cRN6Wpb
wN0IdmeQ/rldHWtaz+ASruz538/ykIYDAMHjq7pwx0EcHJcddZ5+6CddDKwZPW0h
nNkJH4heCHo4M8nZamPEuacakEgKTSz20lL5T63lJRnqnFg9
-----END CERTIFICATE-----
Generated at Thu Jan 11 23:51:24 2024 by rpki-client on console-fra.rpki-client.org