Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/R5BatYe962PJBqeWOdyyKaC2wCc.roa
File: R5BatYe962PJBqeWOdyyKaC2wCc.roa (raw, json)
Hash identifier: YMe6T/p1x4NMAnFzLKfv3QLQwUzcWPaXZ7/CJP4HwGQ=
Subject key identifier: 47:90:5A:B5:87:BD:EB:63:C9:06:A7:96:39:DC:B2:29:A0:B6:C0:27
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018B8F86C58CC4CA2F1CBFF8FE7482E3D3CC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/R5BatYe962PJBqeWOdyyKaC2wCc.roa
Signing time: Thu 02 Nov 2023 10:14:16 +0000
ROA not before: Thu 02 Nov 2023 10:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57271
IP address blocks: 2a0d:c103::/32 maxlen: 32
2a01:48a0:4001::/48 maxlen: 48
2a0a:b381::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 17:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:86:c5:8c:c4:ca:2f:1c:bf:f8:fe:74:82:e3:d3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Nov 2 10:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47905ab587bdeb63c906a79639dcb229a0b6c027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:51:f5:1b:2e:75:b0:6b:f9:95:88:26:7f:b8:
3b:9a:b5:d4:88:1a:ee:26:4c:38:c1:f3:c4:50:a1:
c0:c5:0a:95:fd:a0:3f:53:c3:60:42:29:3e:38:06:
a5:6c:cc:bf:c5:d9:8e:ef:62:ce:77:27:20:62:27:
a9:b4:90:c5:61:51:54:4d:0d:fc:85:b1:58:65:45:
5d:69:a2:a2:a6:98:e8:99:3e:39:d8:3f:d1:bb:9a:
90:bc:14:58:ce:03:ba:fd:cd:a2:a3:d1:f6:53:a4:
9e:bf:e6:a5:6d:22:a4:de:db:85:a9:36:1c:35:71:
4d:7e:eb:6e:d1:22:29:67:1f:db:27:95:ea:cf:3e:
b5:fb:41:0e:93:4f:94:b9:9b:58:84:6c:95:9c:d1:
60:8e:67:23:56:f9:9b:e6:d1:63:99:a5:d0:ac:6a:
0c:20:6c:a3:a0:7e:55:5c:31:f1:22:9e:20:75:23:
fd:c2:7a:51:3e:d3:99:ab:e3:1b:04:b0:c7:8e:74:
91:dd:e8:fd:aa:47:8c:3e:5a:61:bf:35:57:55:f8:
36:ef:2f:51:4a:c0:4d:8f:08:51:4f:cb:30:78:bf:
db:4a:47:38:1b:a7:60:83:e7:cf:9b:ff:e5:89:be:
5e:c6:56:79:42:c4:99:bd:ed:23:bb:ae:80:2d:f2:
b4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:90:5A:B5:87:BD:EB:63:C9:06:A7:96:39:DC:B2:29:A0:B6:C0:27
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/R5BatYe962PJBqeWOdyyKaC2wCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:48a0:4001::/48
2a0a:b381::/32
2a0d:c103::/32
Signature Algorithm: sha256WithRSAEncryption
5b:7c:f0:1e:16:37:2c:9b:5f:c3:3a:a6:e4:99:57:87:ef:18:
7d:9e:fe:29:2e:e2:90:d8:10:0c:1a:35:e1:39:06:14:01:f4:
7d:0a:04:83:8b:a6:5d:2f:70:4d:3f:47:fe:75:0a:ae:fb:42:
7b:c7:9e:cb:52:57:f3:f4:1a:78:0a:4c:a0:ef:e2:7e:3a:ab:
b6:b0:6e:2f:44:fb:52:50:f3:80:bc:91:64:a5:f4:fe:a3:1b:
f1:b8:80:9f:5f:2c:dc:25:40:6a:31:87:53:68:b3:1a:74:c7:
a9:47:48:5a:53:c4:38:43:b1:85:48:83:bc:75:85:4c:ec:5b:
23:82:91:69:10:fa:88:03:44:07:04:ad:ba:c4:b0:6a:a4:f9:
f6:62:a8:4c:66:42:c3:b2:6c:b0:c9:a5:9a:77:37:20:9c:df:
bf:e4:a3:c6:95:11:09:5f:a4:8a:b7:bb:6a:92:be:31:58:6f:
92:5b:58:0c:ce:1e:67:8b:80:20:97:23:cb:e1:32:e8:cb:3e:
8e:ae:0d:4b:10:22:10:81:18:1f:b8:8a:b6:51:2f:fc:3f:e6:
44:e7:80:d9:5f:60:17:be:cd:52:11:89:d1:ae:15:87:a2:d9:
a4:d3:d2:fd:70:1a:cd:f1:83:d8:2d:f3:bc:76:4a:fc:b3:08:
aa:57:dc:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuPhsWMxMovHL/4/nSC49PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMxMTAyMTAxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzkwNWFiNTg3YmRlYjYzYzkwNmE3OTYzOWRjYjIyOWEwYjZjMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1H1Gy51sGv5lYgmf7g7mrXUiBru
Jkw4wfPEUKHAxQqV/aA/U8NgQik+OAalbMy/xdmO72LOdycgYieptJDFYVFUTQ38
hbFYZUVdaaKippjomT452D/Ru5qQvBRYzgO6/c2io9H2U6Sev+albSKk3tuFqTYc
NXFNfutu0SIpZx/bJ5Xqzz61+0EOk0+UuZtYhGyVnNFgjmcjVvmb5tFjmaXQrGoM
IGyjoH5VXDHxIp4gdSP9wnpRPtOZq+MbBLDHjnSR3ej9qkeMPlphvzVXVfg27y9R
SsBNjwhRT8sweL/bSkc4G6dgg+fPm//lib5exlZ5QsSZve0ju66ALfK0mwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEeQWrWHvetjyQanljncsimgtsAnMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvUjVCYXRZZTk2MlBKQnFlV09keXlLYUMyd0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgFIoEAB
AwUAKgqzgQMFACoNwQMwDQYJKoZIhvcNAQELBQADggEBAFt88B4WNyybX8M6puSZ
V4fvGH2e/iku4pDYEAwaNeE5BhQB9H0KBIOLpl0vcE0/R/51Cq77QnvHnstSV/P0
GngKTKDv4n46q7awbi9E+1JQ84C8kWSl9P6jG/G4gJ9fLNwlQGoxh1Nosxp0x6lH
SFpTxDhDsYVIg7x1hUzsWyOCkWkQ+ogDRAcErbrEsGqk+fZiqExmQsOybLDJpZp3
NyCc37/ko8aVEQlfpIq3u2qSvjFYb5JbWAzOHmeLgCCXI8vhMujLPo6uDUsQIhCB
GB+4irZRL/w/5kTngNlfYBe+zVIRidGuFYei2aTT0v1wGs3xg9gt87x2SvyzCKpX
3GI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org