Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BQW0QaLskPrcoo8Br3twCZ3myo.roa
File: 0BQW0QaLskPrcoo8Br3twCZ3myo.roa (raw, json)
Hash identifier: ZHBcbcSSVqZSibVLCU+HlUptW6km1gcyRTp7jkXxeik=
Subject key identifier: D0:14:16:D1:06:8B:B2:43:EB:72:8A:3C:06:BD:ED:C0:26:77:9B:2A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186109BD29983CA0AFC59AE17F0AF48A4E8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BQW0QaLskPrcoo8Br3twCZ3myo.roa
Signing time: Thu 02 Feb 2023 05:31:32 +0000
ROA not before: Thu 02 Feb 2023 05:31:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200516
IP address blocks: 2a0e:b107:f60::/48 maxlen: 48
2a0e:b107:f60::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:9b:d2:99:83:ca:0a:fc:59:ae:17:f0:af:48:a4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 2 05:31:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d01416d1068bb243eb728a3c06bdedc026779b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0c:22:ad:17:a2:e0:fc:ef:5d:dd:9d:45:b8:
ad:07:8d:ad:78:ab:d6:47:24:e7:d0:2b:c1:da:42:
41:f1:76:e9:bb:87:64:48:6f:ac:e0:ba:c6:b9:44:
82:5d:22:3e:70:c4:2f:42:45:75:ef:a7:fa:60:ee:
09:0c:74:4f:b8:9e:63:ac:ba:75:8d:bb:be:66:56:
13:88:54:15:d1:47:75:ee:45:3f:ac:82:17:76:43:
e4:18:ab:09:71:81:15:dc:4c:fa:3e:5f:0c:54:b3:
90:99:7e:df:07:5a:0f:93:ac:b7:81:d1:e8:4b:c9:
aa:01:38:38:3f:75:fa:e7:cc:40:01:ed:32:32:93:
83:bc:aa:22:2c:2a:71:8f:bc:42:40:29:64:ce:32:
ab:de:1d:46:7c:b1:8e:f9:9a:09:02:d6:63:1d:8c:
63:1a:ab:90:a4:c0:e0:3a:1c:fb:e4:6a:f8:f6:4f:
ba:59:53:2b:e7:a5:58:96:77:16:ab:b6:40:5a:85:
9c:7a:f5:ec:43:58:fc:41:c6:be:ad:c5:8f:0e:b3:
4a:a4:c2:23:d8:4f:93:0d:fa:cb:31:c4:0a:46:9c:
61:6f:05:21:0e:a3:13:f0:1f:01:fd:13:8d:11:a3:
93:e2:2f:3c:cb:28:7b:45:0f:da:fc:3a:26:e7:92:
eb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:14:16:D1:06:8B:B2:43:EB:72:8A:3C:06:BD:ED:C0:26:77:9B:2A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BQW0QaLskPrcoo8Br3twCZ3myo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f60::/44
Signature Algorithm: sha256WithRSAEncryption
9e:0f:eb:4d:47:80:1c:6c:1d:32:de:b4:8c:d4:21:e0:2e:ba:
af:24:66:28:da:6c:ee:95:6f:07:6a:6e:65:97:89:1d:96:17:
39:87:38:3b:6a:f2:3e:e4:40:60:f5:a9:ba:00:24:29:b9:d2:
4f:5a:ad:47:ba:ba:f5:55:94:be:70:ce:23:56:76:45:78:df:
6a:57:c6:cc:37:c3:ca:47:7e:53:90:39:c5:3b:75:9b:14:af:
31:05:3e:5b:12:13:ba:f1:41:01:9a:98:c9:ba:1b:6e:7d:b2:
ba:97:91:d8:9e:7f:63:70:b6:8e:21:f1:d9:f0:44:26:ec:c2:
e1:8b:62:b0:48:7c:2d:72:e8:92:d6:48:4a:42:5d:dc:40:d6:
64:ba:71:48:4e:87:f8:49:b7:04:f2:c2:c5:f6:15:f2:7e:e7:
2a:6d:9f:23:8a:29:23:ee:c2:18:89:8a:23:3b:ec:9e:7b:6f:
20:c1:6d:a3:43:c4:53:fc:91:ab:dd:c0:ef:d6:1c:35:9c:1b:
a8:0c:e0:d7:b3:88:d5:d9:6a:d7:c3:a7:61:7c:8c:02:5c:e6:
64:f9:0b:57:0b:66:d8:c9:fb:2e:35:96:47:0b:07:ff:c0:43:
e7:ff:f6:c7:d1:99:8e:c2:bc:a9:95:05:11:c1:02:b0:47:5a:
a5:f3:a6:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYYQm9KZg8oK/FmuF/CvSKToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjAyMDUzMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE0MTZkMTA2OGJiMjQzZWI3MjhhM2MwNmJkZWRjMDI2Nzc5YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgwirRei4PzvXd2dRbitB42teKvW
RyTn0CvB2kJB8Xbpu4dkSG+s4LrGuUSCXSI+cMQvQkV176f6YO4JDHRPuJ5jrLp1
jbu+ZlYTiFQV0Ud17kU/rIIXdkPkGKsJcYEV3Ez6Pl8MVLOQmX7fB1oPk6y3gdHo
S8mqATg4P3X658xAAe0yMpODvKoiLCpxj7xCQClkzjKr3h1GfLGO+ZoJAtZjHYxj
GquQpMDgOhz75Gr49k+6WVMr56VYlncWq7ZAWoWcevXsQ1j8Qca+rcWPDrNKpMIj
2E+TDfrLMcQKRpxhbwUhDqMT8B8B/RONEaOT4i88yyh7RQ/a/Dom55LrQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNAUFtEGi7JD63KKPAa97cAmd5sqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMEJRVzBRYUxza1ByY29vOEJyM3R3Q1ozbXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBw9g
MA0GCSqGSIb3DQEBCwUAA4IBAQCeD+tNR4AcbB0y3rSM1CHgLrqvJGYo2mzulW8H
am5ll4kdlhc5hzg7avI+5EBg9am6ACQpudJPWq1Hurr1VZS+cM4jVnZFeN9qV8bM
N8PKR35TkDnFO3WbFK8xBT5bEhO68UEBmpjJuhtufbK6l5HYnn9jcLaOIfHZ8EQm
7MLhi2KwSHwtcuiS1khKQl3cQNZkunFITof4SbcE8sLF9hXyfucqbZ8jiikj7sIY
iYojO+yee28gwW2jQ8RT/JGr3cDv1hw1nBuoDODXs4jV2WrXw6dhfIwCXOZk+QtX
C2bYyfsuNZZHCwf/wEPn//bH0ZmOwryplQURwQKwR1ql86Yy
-----END CERTIFICATE-----
Generated at Sat Aug 12 14:46:31 2023 by rpki-client on console-fra.rpki-client.org