Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1CFqWTTB4seUxrY9RpOZVs0tigg.roa
File: 1CFqWTTB4seUxrY9RpOZVs0tigg.roa (raw, json)
Hash identifier: SZOnEXAN4t6VTzALJWfxPuxDi5lona2dfQTMn9Tum+8=
Subject key identifier: D4:21:6A:59:34:C1:E2:C7:94:C6:B6:3D:46:93:99:56:CD:2D:8A:08
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AD16FF45EA7C8CB430F6D4817F777
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1CFqWTTB4seUxrY9RpOZVs0tigg.roa
Signing time: Tue 24 Jan 2023 16:09:40 +0000
ROA not before: Tue 24 Jan 2023 16:09:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203655
IP address blocks: 2a0e:b107:1b60::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:d1:6f:f4:5e:a7:c8:cb:43:0f:6d:48:17:f7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4216a5934c1e2c794c6b63d46939956cd2d8a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:41:99:9d:0e:4d:d7:b5:2d:e2:03:f8:2f:
b2:18:41:e2:c4:e7:9b:c7:5e:a2:02:11:78:9c:ec:
c3:dc:e6:99:d7:36:a5:5d:0b:03:3e:2f:b2:52:ad:
04:c7:9a:86:bf:bb:8a:4d:e6:48:3d:e0:98:ff:c7:
35:7b:80:b1:77:a3:aa:10:42:a5:79:a0:3c:ee:cc:
65:8d:21:81:50:db:50:5b:2e:09:a8:0e:c3:cc:4c:
59:2a:44:4d:cd:98:bc:6e:09:77:7c:4d:72:cf:94:
7b:2d:6e:ae:01:dd:8f:53:af:9f:c2:b9:18:8a:d2:
36:69:30:6c:1f:42:ed:64:da:65:c0:76:3e:cf:1b:
c0:fa:cd:86:02:8d:34:89:d5:81:e8:10:2e:08:b7:
cd:39:59:52:73:87:2d:a5:53:7f:d5:e6:2d:54:66:
96:ae:b8:a7:e9:11:47:15:a6:4e:2a:a1:a5:27:72:
3c:32:69:9f:fa:8e:01:94:d0:ac:d6:38:ae:a1:41:
a6:88:19:ba:9c:c4:c5:ee:12:a6:9e:28:29:15:0d:
56:99:35:14:78:94:e1:67:62:fb:5c:f0:18:67:6d:
12:60:8a:29:64:4c:d2:31:c4:96:c8:ea:60:09:55:
44:fb:d5:7a:3e:d2:1a:2a:f1:fe:78:6d:90:fe:e5:
7e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:21:6A:59:34:C1:E2:C7:94:C6:B6:3D:46:93:99:56:CD:2D:8A:08
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1CFqWTTB4seUxrY9RpOZVs0tigg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b60::/44
Signature Algorithm: sha256WithRSAEncryption
25:26:37:98:99:10:e1:58:b0:53:bc:51:ac:10:92:93:21:0a:
25:df:ee:6b:1a:4a:0f:a7:fa:f3:8d:d7:a6:66:8d:c7:ce:95:
02:2d:89:33:8b:17:7e:2b:0e:2d:68:1d:14:04:e9:de:61:02:
aa:5e:ba:9f:b9:cd:f6:84:2c:00:07:0b:3b:88:78:40:4d:6f:
08:a4:5f:95:6a:db:4a:e2:fa:7f:2e:bf:6f:5e:30:61:60:3f:
db:4a:c1:5e:25:52:56:bd:aa:c6:bb:60:1f:5a:8d:38:68:83:
48:32:9e:d3:91:e2:30:f5:cb:32:2d:a8:98:0d:69:97:c9:76:
09:92:f0:86:cf:e0:b8:7b:3a:7b:c7:7a:3a:03:c0:dc:f6:72:
f8:af:bd:01:28:6b:d6:dd:88:d6:30:d8:72:9d:8d:5b:be:f9:
21:f5:59:d9:44:dd:90:a1:1f:11:56:ab:2d:ee:22:2d:6e:03:
d7:25:8e:cd:ba:34:54:81:92:8d:60:db:86:2a:2a:af:f2:fb:
92:76:62:da:02:7b:17:7d:3d:e5:aa:7e:8b:cd:36:fb:bb:56:
fa:be:ee:4a:23:da:14:dc:22:dc:a1:6b:05:18:cc:31:70:d8:
c1:b1:b7:31:98:6e:b5:a1:d0:db:29:ba:9a:b8:a3:a1:cb:ab:
59:eb:d8:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkitFv9F6nyMtDD21IF/d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDIxNmE1OTM0YzFlMmM3OTRjNmI2M2Q0NjkzOTk1NmNkMmQ4YTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl9BmZ0OTde1LeID+C+yGEHixOeb
x16iAhF4nOzD3OaZ1zalXQsDPi+yUq0Ex5qGv7uKTeZIPeCY/8c1e4Cxd6OqEEKl
eaA87sxljSGBUNtQWy4JqA7DzExZKkRNzZi8bgl3fE1yz5R7LW6uAd2PU6+fwrkY
itI2aTBsH0LtZNplwHY+zxvA+s2GAo00idWB6BAuCLfNOVlSc4ctpVN/1eYtVGaW
rrin6RFHFaZOKqGlJ3I8Mmmf+o4BlNCs1jiuoUGmiBm6nMTF7hKmnigpFQ1WmTUU
eJThZ2L7XPAYZ20SYIopZEzSMcSWyOpgCVVE+9V6PtIaKvH+eG2Q/uV+ewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNQhalk0weLHlMa2PUaTmVbNLYoIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMUNGcVdUVEI0c2VVeHJZOVJwT1pWczB0aWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxtg
MA0GCSqGSIb3DQEBCwUAA4IBAQAlJjeYmRDhWLBTvFGsEJKTIQol3+5rGkoPp/rz
jdemZo3HzpUCLYkzixd+Kw4taB0UBOneYQKqXrqfuc32hCwABws7iHhATW8IpF+V
attK4vp/Lr9vXjBhYD/bSsFeJVJWvarGu2AfWo04aINIMp7TkeIw9csyLaiYDWmX
yXYJkvCGz+C4ezp7x3o6A8Dc9nL4r70BKGvW3YjWMNhynY1bvvkh9VnZRN2QoR8R
Vqst7iItbgPXJY7NujRUgZKNYNuGKiqv8vuSdmLaAnsXfT3lqn6LzTb7u1b6vu5K
I9oU3CLcoWsFGMwxcNjBsbcxmG61odDbKbqauKOhy6tZ69jE
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:29 2024 by rpki-client on console-fra.rpki-client.org