Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QwG40XRDc8yrDkxohqcCFheB8A.roa
File: 0QwG40XRDc8yrDkxohqcCFheB8A.roa (raw, json)
Hash identifier: 7tF2VsSjafuSX8tTlmugKUDUYjg0SV6Xe5sEVyqoe3c=
Subject key identifier: D1:0C:06:E3:45:D1:0D:CF:32:AC:39:31:A2:1A:9C:08:58:5E:07:C0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E792A9F44E0F9D3932FF9944C63239
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QwG40XRDc8yrDkxohqcCFheB8A.roa
Signing time: Mon 02 Jan 2023 05:15:02 +0000
ROA not before: Mon 02 Jan 2023 05:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139989
IP address blocks: 2a0e:97c0:371::/48 maxlen: 48
2a10:cc40:111::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:92:a9:f4:4e:0f:9d:39:32:ff:99:44:c6:32:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10c06e345d10dcf32ac3931a21a9c08585e07c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:65:05:29:88:5e:79:c2:fa:41:55:0c:bd:
aa:3a:97:c8:9c:33:49:43:29:c5:d0:a7:07:ab:13:
7b:f2:a6:03:2b:92:d8:11:7c:0b:66:3c:c0:2c:7f:
e2:fe:b0:2f:47:fc:f3:41:86:de:47:da:7d:23:6a:
59:aa:ff:34:87:b8:f4:1e:ae:85:13:6a:3d:a3:ba:
1f:4f:4e:28:80:27:42:67:ec:27:9f:c8:5d:2f:78:
1c:2a:4b:91:b6:76:f6:db:e3:a3:14:5b:66:20:9b:
16:d6:3d:79:c1:1f:8b:7a:80:62:a1:39:01:45:1d:
75:6a:14:9c:e6:90:37:43:4c:06:f7:f2:40:9a:40:
3d:53:cf:0e:a2:76:48:d7:65:f8:fb:db:5c:0c:34:
3c:ee:2a:78:75:46:37:cf:be:7c:95:f2:d6:47:b8:
aa:31:49:c3:52:b4:b0:eb:4a:66:70:b4:d1:7e:4f:
f8:26:30:f7:96:92:f3:0f:99:55:8f:68:5d:e2:02:
bb:fb:cc:7e:d3:0e:9b:ca:a8:92:ee:e1:77:d7:3a:
06:98:c8:88:9f:54:d0:1c:fc:ca:e7:bb:e4:08:c5:
26:b3:8f:61:04:7d:38:79:a5:ee:d8:ad:b8:a9:3c:
bf:9a:db:56:8a:d9:75:28:99:24:66:fc:f6:22:32:
06:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0C:06:E3:45:D1:0D:CF:32:AC:39:31:A2:1A:9C:08:58:5E:07:C0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0QwG40XRDc8yrDkxohqcCFheB8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:371::/48
2a10:cc40:111::/48
Signature Algorithm: sha256WithRSAEncryption
b9:56:1d:7f:64:0c:3d:12:f1:47:48:22:63:fe:d9:13:d5:db:
93:1c:da:9c:9f:35:cd:e7:79:ba:9d:ce:65:37:97:7a:40:89:
45:9b:79:ed:cb:e5:15:aa:00:67:39:22:5e:a5:9f:0e:c1:0e:
b2:89:ff:ad:38:65:eb:d6:5b:9a:97:08:49:9b:6d:cc:90:24:
fd:78:37:a4:64:4c:d0:cd:3b:82:38:d4:38:0e:93:cd:43:c5:
d3:59:bd:81:e8:71:47:ef:b2:be:50:d5:1a:86:3a:f4:a3:55:
04:5e:22:e4:b8:29:01:b9:21:18:be:cf:01:aa:8e:2b:27:fa:
31:db:35:9a:8d:f5:bd:af:f2:b2:75:44:70:9c:e2:4b:c5:8e:
ce:42:1b:74:3e:10:36:ae:65:27:96:28:cb:96:69:6c:05:0d:
a1:74:37:38:cf:4c:6b:b0:53:95:ae:c7:d4:36:f8:bc:a8:3a:
b4:a0:d3:0e:a7:6c:25:b7:a3:6f:8b:31:ba:9e:3e:bc:5d:96:
3a:31:b4:d6:a5:56:b6:82:ab:ae:35:d8:dd:81:94:97:0d:3f:
5a:a7:8d:1e:21:82:c7:fd:87:35:05:c9:c6:6a:87:70:f9:0e:
8c:e4:27:83:36:f0:b9:54:9d:3f:a1:fb:18:37:d2:a1:19:2c:
3d:a5:af:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw55Kp9E4PnTky/5lExjI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBjMDZlMzQ1ZDEwZGNmMzJhYzM5MzFhMjFhOWMwODU4NWUwN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnVlBSmIXnnC+kFVDL2qOpfInDNJ
QynF0KcHqxN78qYDK5LYEXwLZjzALH/i/rAvR/zzQYbeR9p9I2pZqv80h7j0Hq6F
E2o9o7ofT04ogCdCZ+wnn8hdL3gcKkuRtnb22+OjFFtmIJsW1j15wR+LeoBioTkB
RR11ahSc5pA3Q0wG9/JAmkA9U88OonZI12X4+9tcDDQ87ip4dUY3z758lfLWR7iq
MUnDUrSw60pmcLTRfk/4JjD3lpLzD5lVj2hd4gK7+8x+0w6byqiS7uF31zoGmMiI
n1TQHPzK57vkCMUms49hBH04eaXu2K24qTy/mttWitl1KJkkZvz2IjIGNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNEMBuNF0Q3PMqw5MaIanAhYXgfAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFF3RzQwWFJEYzh5ckRreG9ocWNDRmhlQjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwANx
AwcAKhDMQAERMA0GCSqGSIb3DQEBCwUAA4IBAQC5Vh1/ZAw9EvFHSCJj/tkT1duT
HNqcnzXN53m6nc5lN5d6QIlFm3nty+UVqgBnOSJepZ8OwQ6yif+tOGXr1lualwhJ
m23MkCT9eDekZEzQzTuCONQ4DpPNQ8XTWb2B6HFH77K+UNUahjr0o1UEXiLkuCkB
uSEYvs8Bqo4rJ/ox2zWajfW9r/KydURwnOJLxY7OQht0PhA2rmUnlijLlmlsBQ2h
dDc4z0xrsFOVrsfUNvi8qDq0oNMOp2wlt6NvizG6nj68XZY6MbTWpVa2gquuNdjd
gZSXDT9ap40eIYLH/Yc1BcnGaodw+Q6M5CeDNvC5VJ0/ofsYN9KhGSw9pa/3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:53 2023 by rpki-client on console-ams.rpki-client.org