Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bQqg6XPzzmcIaI2mqOni63vdVM.roa
File: 1-bQqg6XPzzmcIaI2mqOni63vdVM.roa (raw, json)
Hash identifier: 6RuCOgHM/1SC44JvzLcbVDH4onApX8csQqCSMvPs+M8=
Subject key identifier: F9:B4:2A:83:A5:CF:CF:39:9C:21:A2:36:9A:A3:A7:8B:AD:EF:75:53
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E78227459EE609434898C88E62B542
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bQqg6XPzzmcIaI2mqOni63vdVM.roa
Signing time: Mon 02 Jan 2023 05:14:58 +0000
ROA not before: Mon 02 Jan 2023 05:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49459
IP address blocks: 2a10:2f00:173::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:82:27:45:9e:e6:09:43:48:98:c8:8e:62:b5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b42a83a5cfcf399c21a2369aa3a78badef7553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:87:17:dc:86:67:f4:91:20:34:31:3a:83:c5:
e4:de:25:24:4f:9a:74:9d:68:e7:70:46:8d:6d:9c:
b3:2c:c4:a2:97:0d:d2:fa:d2:46:2a:c3:fc:52:34:
2c:30:2a:e7:e8:ce:b2:e8:3a:a1:ad:d8:88:8e:44:
e1:7b:9b:23:11:03:49:ed:a3:ec:c5:d1:54:cb:85:
73:b5:93:ef:62:85:01:21:30:70:9a:17:a4:ce:a4:
05:62:0f:1a:e8:08:d1:d3:4a:17:83:07:92:62:09:
19:3c:4c:69:20:27:04:bd:66:33:6a:35:50:43:c5:
ae:d0:b7:d6:6b:48:cc:76:4d:7d:3f:63:db:67:61:
38:0d:97:53:95:1f:35:09:78:eb:fe:c4:af:e4:1b:
25:6b:04:19:de:9a:1c:e7:a3:20:6c:69:7d:c3:72:
96:e2:8e:46:75:f6:03:d5:af:21:c0:da:c7:4d:36:
22:00:e1:3e:16:bb:89:99:04:53:52:ce:ae:ac:d6:
85:b3:3f:c5:b3:1c:53:a0:fd:0c:d9:eb:9c:f3:4a:
dd:58:61:59:79:c9:54:e4:92:1b:9b:91:f3:05:9c:
d7:3e:12:e1:a5:ef:11:0f:07:77:55:ca:b7:80:9f:
0d:22:6b:90:14:2d:fb:fd:89:8b:fa:f4:73:1e:92:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B4:2A:83:A5:CF:CF:39:9C:21:A2:36:9A:A3:A7:8B:AD:EF:75:53
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bQqg6XPzzmcIaI2mqOni63vdVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:173::/48
Signature Algorithm: sha256WithRSAEncryption
1f:bb:94:03:ba:9a:73:d8:9e:e3:e9:89:56:10:db:5c:c6:93:
e1:d0:f9:6f:8b:f8:39:1a:89:8e:a8:5b:a5:8b:fa:3c:10:10:
e0:07:d2:9f:0c:fd:d2:e7:ba:0e:b8:fd:f5:29:c2:4e:1c:b4:
f9:c5:3f:2e:e7:66:26:9f:a6:a1:2a:c2:2f:0f:d1:25:4b:09:
18:85:3f:61:52:a6:9b:b0:bb:07:24:65:1a:97:bb:c2:77:f9:
14:46:33:d6:35:22:14:8e:f7:dc:7c:76:94:47:9d:2d:a2:e7:
bd:4b:f7:df:6e:4f:a5:c5:e6:f8:10:32:00:8b:3d:51:5b:70:
6e:c6:b8:da:b3:81:63:69:85:11:aa:fd:fa:97:3f:c6:5d:43:
15:d2:94:87:9b:98:be:f0:7e:39:1d:cf:6f:fe:02:ba:b1:15:
bd:69:f0:22:fb:62:34:81:e2:8e:cd:54:68:b8:d6:19:57:77:
39:ec:f6:de:ab:32:cd:2a:f1:73:26:d1:80:59:b6:0f:92:d7:
95:59:ad:13:6a:f3:63:c3:e3:bc:9d:7b:a0:9b:48:cf:10:66:
93:a7:35:de:7a:80:54:77:31:9b:43:1d:4c:53:10:d0:ad:87:
39:65:a5:b4:d7:f7:c9:42:88:9e:5a:fb:75:6a:ad:3a:d3:f4:
86:2e:6b:3e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVw54InRZ7mCUNImMiOYrVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI0MmE4M2E1Y2ZjZjM5OWMyMWEyMzY5YWEzYTc4YmFkZWY3NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4cX3IZn9JEgNDE6g8Xk3iUkT5p0
nWjncEaNbZyzLMSilw3S+tJGKsP8UjQsMCrn6M6y6DqhrdiIjkThe5sjEQNJ7aPs
xdFUy4VztZPvYoUBITBwmhekzqQFYg8a6AjR00oXgweSYgkZPExpICcEvWYzajVQ
Q8Wu0LfWa0jMdk19P2PbZ2E4DZdTlR81CXjr/sSv5BslawQZ3poc56MgbGl9w3KW
4o5GdfYD1a8hwNrHTTYiAOE+FruJmQRTUs6urNaFsz/FsxxToP0M2euc80rdWGFZ
eclU5JIbm5HzBZzXPhLhpe8RDwd3Vcq3gJ8NImuQFC37/YmL+vRzHpJMdQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPm0KoOlz885nCGiNpqjp4ut73VTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1iUXFnNlhQenptY0lhSTJtcU9uaTYzdmRWTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwAB
czANBgkqhkiG9w0BAQsFAAOCAQEAH7uUA7qac9ie4+mJVhDbXMaT4dD5b4v4ORqJ
jqhbpYv6PBAQ4AfSnwz90ue6Drj99SnCThy0+cU/LudmJp+moSrCLw/RJUsJGIU/
YVKmm7C7ByRlGpe7wnf5FEYz1jUiFI733Hx2lEedLaLnvUv3325PpcXm+BAyAIs9
UVtwbsa42rOBY2mFEar9+pc/xl1DFdKUh5uYvvB+OR3Pb/4CurEVvWnwIvtiNIHi
js1UaLjWGVd3Oez23qsyzSrxcybRgFm2D5LXlVmtE2rzY8PjvJ17oJtIzxBmk6c1
3nqAVHcxm0MdTFMQ0K2HOWWltNf3yUKInlr7dWqtOtP0hi5rPg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:29 2024 by rpki-client on console-fra.rpki-client.org