Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1brzQPOdzJdmCufZH_6abWymjy0.roa
File: 1brzQPOdzJdmCufZH_6abWymjy0.roa (raw, json)
Hash identifier: ELIm+G1Ky1gF8VjyttzfPoZCgFn3SZiYgwqEpPSnSYM=
Subject key identifier: D5:BA:F3:40:F3:9D:CC:97:66:0A:E7:D9:1F:FE:9A:6D:6C:A6:8F:2D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187BD9B40358CFD2633283E4B8D525FE796
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1brzQPOdzJdmCufZH_6abWymjy0.roa
Signing time: Wed 26 Apr 2023 12:48:00 +0000
ROA not before: Wed 26 Apr 2023 12:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208328
IP address blocks: 2a0e:97c0:640::/44 maxlen: 48
2a0e:97c0:642::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Apr 2023 19:19:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:9b:40:35:8c:fd:26:33:28:3e:4b:8d:52:5f:e7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 26 12:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5baf340f39dcc97660ae7d91ffe9a6d6ca68f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:57:2d:4d:37:a1:0b:66:33:70:fc:ad:25:
fd:03:b0:8f:24:82:37:fe:d1:71:f6:20:b6:8b:ec:
9e:6e:ad:2a:28:43:88:1f:7d:c5:8f:08:27:ad:6e:
af:58:05:b3:ec:d3:6a:12:fe:fe:df:12:68:de:0a:
ed:01:60:49:af:ac:4e:4e:2c:9b:ae:d3:2e:b1:5e:
57:12:89:5f:b5:61:60:20:ca:bb:84:97:14:d0:91:
00:9e:2e:f5:04:37:88:90:ba:29:21:76:04:8c:8c:
c6:28:b4:8b:67:1d:3a:3a:74:a5:91:54:70:63:2e:
20:a4:5a:c3:d8:27:d6:10:17:bc:7f:df:f2:3e:4d:
9b:58:38:ae:09:4d:f2:38:66:93:e8:e8:94:01:d2:
f6:cd:5a:0d:6c:13:fe:4c:a8:29:aa:35:55:4a:fd:
4f:7e:6b:6d:d2:67:6a:ad:de:e9:f5:c0:1e:d8:11:
b4:56:52:ca:50:fe:d3:78:51:df:78:86:80:62:30:
32:b5:61:a0:2c:ce:2d:32:ea:29:52:a8:df:75:c9:
85:4a:12:48:68:43:c6:42:58:20:43:c5:05:05:0d:
7d:33:c5:16:9a:73:bd:8f:4e:31:b6:ca:20:e1:8e:
cd:64:8d:8b:25:11:c8:3e:55:7e:a7:f2:da:ed:b8:
39:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BA:F3:40:F3:9D:CC:97:66:0A:E7:D9:1F:FE:9A:6D:6C:A6:8F:2D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1brzQPOdzJdmCufZH_6abWymjy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:640::/44
Signature Algorithm: sha256WithRSAEncryption
0d:02:19:34:0f:62:4d:a7:55:0d:f2:38:ce:ba:9f:af:e7:d6:
3e:26:4e:9d:11:2f:56:13:5e:4f:42:02:c8:a9:78:f2:05:a0:
09:ac:01:3a:2f:30:00:f3:32:55:26:9e:79:8e:9c:81:b3:e4:
71:dd:aa:66:05:e2:94:ef:bc:53:86:9d:ed:e2:a5:60:91:f1:
f8:a3:75:b1:89:51:10:0f:7f:b5:31:f7:50:20:40:64:5d:8f:
e8:0d:99:f7:a2:e6:a0:db:94:55:22:58:23:6f:61:8f:f6:a7:
b5:16:16:f7:d3:01:22:b8:e3:a6:07:0b:45:7e:cf:9a:fd:f5:
9a:6c:0d:2d:14:fe:4d:40:a8:2c:9a:61:e7:2e:f1:d9:d9:2d:
58:d7:6f:c5:f6:c4:5c:fa:ac:73:20:fd:20:6e:db:73:a0:b6:
6d:57:75:4b:8c:35:02:44:24:8f:98:9f:76:2a:8e:00:ec:02:
f7:0d:1d:f6:3f:6e:2c:ea:ec:49:e9:87:b9:f4:7b:69:91:67:
a8:fe:93:ea:97:f1:59:bb:66:2e:e6:8d:28:a8:10:99:4e:3d:
92:95:d5:39:f6:7e:10:ff:2f:02:ff:02:1e:50:a3:71:93:3a:
f4:7c:5d:ac:8f:93:b9:e9:2a:55:01:6e:f6:f4:0c:3a:91:96:
98:f0:33:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYe9m0A1jP0mMyg+S41SX+eWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI2MTI0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJhZjM0MGYzOWRjYzk3NjYwYWU3ZDkxZmZlOWE2ZDZjYTY4ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbpXLU03oQtmM3D8rSX9A7CPJII3
/tFx9iC2i+yebq0qKEOIH33FjwgnrW6vWAWz7NNqEv7+3xJo3grtAWBJr6xOTiyb
rtMusV5XEolftWFgIMq7hJcU0JEAni71BDeIkLopIXYEjIzGKLSLZx06OnSlkVRw
Yy4gpFrD2CfWEBe8f9/yPk2bWDiuCU3yOGaT6OiUAdL2zVoNbBP+TKgpqjVVSv1P
fmtt0mdqrd7p9cAe2BG0VlLKUP7TeFHfeIaAYjAytWGgLM4tMuopUqjfdcmFShJI
aEPGQlggQ8UFBQ19M8UWmnO9j04xtsog4Y7NZI2LJRHIPlV+p/La7bg5mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNW680DzncyXZgrn2R/+mm1spo8tMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMWJyelFQT2R6SmRtQ3VmWkhfNmFiV3ltankwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAZA
MA0GCSqGSIb3DQEBCwUAA4IBAQANAhk0D2JNp1UN8jjOup+v59Y+Jk6dES9WE15P
QgLIqXjyBaAJrAE6LzAA8zJVJp55jpyBs+Rx3apmBeKU77xThp3t4qVgkfH4o3Wx
iVEQD3+1MfdQIEBkXY/oDZn3ouag25RVIlgjb2GP9qe1Fhb30wEiuOOmBwtFfs+a
/fWabA0tFP5NQKgsmmHnLvHZ2S1Y12/F9sRc+qxzIP0gbttzoLZtV3VLjDUCRCSP
mJ92Ko4A7AL3DR32P24s6uxJ6Ye59HtpkWeo/pPql/FZu2Yu5o0oqBCZTj2SldU5
9n4Q/y8C/wIeUKNxkzr0fF2sj5O56SpVAW729Aw6kZaY8DMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:21 2024 by rpki-client on console-fra.rpki-client.org