Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/05Bk7n0R3W45iyFypJZapXqGBAs.roa
File: 05Bk7n0R3W45iyFypJZapXqGBAs.roa (raw, json)
Hash identifier: ya0wjEf8j3UkL9sPA3nJee3do+GLBbz28i/b3d4E6OM=
Subject key identifier: D3:90:64:EE:7D:11:DD:6E:39:8B:21:72:A4:96:5A:A5:7A:86:04:0B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B14490C4BAA3B7358C7CEFA7872FB5803
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/05Bk7n0R3W45iyFypJZapXqGBAs.roa
Signing time: Mon 09 Oct 2023 11:53:33 +0000
ROA not before: Mon 09 Oct 2023 11:53:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209025
IP address blocks: 2a0e:b107:9b0::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:49:0c:4b:aa:3b:73:58:c7:ce:fa:78:72:fb:58:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 9 11:53:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d39064ee7d11dd6e398b2172a4965aa57a86040b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:77:5d:92:32:20:80:d5:08:0f:a0:55:8d:92:
87:2f:aa:fd:bd:49:b9:08:bb:42:8f:de:bc:d2:3d:
b8:94:68:fa:82:4f:60:35:a2:8b:bf:cd:e2:a5:80:
7b:af:06:27:c4:b6:98:ce:d2:dd:f6:1c:4a:5e:c6:
64:12:f4:7a:00:53:46:e6:31:6d:6e:23:98:0d:8a:
84:8f:32:c9:d1:14:e1:56:4e:d9:0c:9d:b5:19:b5:
d8:ef:99:d8:45:35:fe:13:8b:22:f1:f7:ce:13:44:
c4:79:fd:7b:13:25:06:4d:13:d2:52:da:c5:4f:c8:
cc:3f:ba:3b:d0:4b:9a:fe:b5:d5:8c:de:8b:81:3a:
8e:95:b8:ef:5e:14:d3:b2:3e:c3:b8:1c:1b:d5:0d:
68:e5:0d:5b:fe:99:32:f7:f0:10:33:94:9e:65:96:
44:39:ef:07:8b:90:22:c1:51:6e:c8:26:74:71:ca:
f4:26:39:74:33:d2:36:fb:ca:4b:df:15:9c:5b:6b:
e2:ba:3c:16:3e:0e:71:6f:bd:12:a1:e8:57:14:45:
8a:77:f4:1e:93:9b:23:70:23:b1:25:d3:8c:ee:8f:
14:67:55:9e:89:32:56:bb:3e:80:14:c9:4c:fa:25:
6f:c6:a6:4e:c5:31:05:b2:c6:38:6c:b7:2c:04:a5:
52:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:64:EE:7D:11:DD:6E:39:8B:21:72:A4:96:5A:A5:7A:86:04:0B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/05Bk7n0R3W45iyFypJZapXqGBAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:800::/44
2a0e:b107:9b0::/44
Signature Algorithm: sha256WithRSAEncryption
3b:94:04:a7:fa:a7:50:d3:3b:0b:22:82:dc:ce:ff:2d:33:4a:
c2:7d:d5:32:17:4b:33:d5:84:f5:d0:0d:ad:9f:bc:87:d9:24:
a5:44:08:5a:89:b6:74:e2:cf:70:64:b6:d2:ce:7d:3b:7b:0a:
aa:40:60:0a:6b:ad:99:35:ec:08:59:ab:f8:ae:cc:76:d9:1f:
bb:c8:bc:74:9a:48:cd:11:89:11:a6:9a:b6:16:93:59:4b:64:
ae:50:18:0e:d8:9c:a3:17:0a:1c:c8:6d:0a:5f:69:78:a8:bf:
74:84:e4:a9:67:91:b1:05:b4:b4:31:a6:09:2d:16:ca:b4:47:
ed:ca:92:dc:a3:f3:cd:e0:4c:c6:79:f2:38:ff:0b:bd:46:1c:
53:1f:ec:d7:3b:04:d2:ab:b1:f3:dc:8c:ee:b8:c5:44:66:e9:
39:2d:c2:05:53:25:b7:31:be:85:1f:65:5e:3d:56:c9:c7:bc:
50:df:0d:7b:f1:1d:0b:db:59:90:ae:86:ac:6b:32:85:62:7a:
2a:c5:9c:d3:e7:b6:61:da:a4:fa:e2:53:2a:60:b6:4c:dc:5e:
b4:fb:14:40:55:4f:e6:95:b0:71:5c:d9:f8:25:f6:10:6e:6d:
a1:24:57:79:6e:3e:9a:9b:68:d3:41:80:fd:b6:61:67:83:11:
4e:c0:3a:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsUSQxLqjtzWMfO+nhy+1gDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDA5MTE1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzkwNjRlZTdkMTFkZDZlMzk4YjIxNzJhNDk2NWFhNTdhODYwNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3ddkjIggNUID6BVjZKHL6r9vUm5
CLtCj9680j24lGj6gk9gNaKLv83ipYB7rwYnxLaYztLd9hxKXsZkEvR6AFNG5jFt
biOYDYqEjzLJ0RThVk7ZDJ21GbXY75nYRTX+E4si8ffOE0TEef17EyUGTRPSUtrF
T8jMP7o70Eua/rXVjN6LgTqOlbjvXhTTsj7DuBwb1Q1o5Q1b/pky9/AQM5SeZZZE
Oe8Hi5AiwVFuyCZ0ccr0Jjl0M9I2+8pL3xWcW2viujwWPg5xb70SoehXFEWKd/Qe
k5sjcCOxJdOM7o8UZ1WeiTJWuz6AFMlM+iVvxqZOxTEFssY4bLcsBKVSswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOQZO59Ed1uOYshcqSWWqV6hgQLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMDVCazduMFIzVzQ1aXlGeXBKWmFwWHFHQkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwgA
AwcEKg6xBwmwMA0GCSqGSIb3DQEBCwUAA4IBAQA7lASn+qdQ0zsLIoLczv8tM0rC
fdUyF0sz1YT10A2tn7yH2SSlRAhaibZ04s9wZLbSzn07ewqqQGAKa62ZNewIWav4
rsx22R+7yLx0mkjNEYkRppq2FpNZS2SuUBgO2JyjFwocyG0KX2l4qL90hOSpZ5Gx
BbS0MaYJLRbKtEftypLco/PN4EzGefI4/wu9RhxTH+zXOwTSq7Hz3IzuuMVEZuk5
LcIFUyW3Mb6FH2VePVbJx7xQ3w178R0L21mQroasazKFYnoqxZzT57Zh2qT64lMq
YLZM3F60+xRAVU/mlbBxXNn4JfYQbm2hJFd5bj6am2jTQYD9tmFngxFOwDol
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:48 2024 by rpki-client on console-ams.rpki-client.org