Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDJ-S4mtXaaPxYImhFVSdzMVvg.roa
File: 1iDJ-S4mtXaaPxYImhFVSdzMVvg.roa (raw, json)
Hash identifier: 17Cgqi4cj0H/IuiSqGDjSVaMBXqgMNVPDP3F/j5wpns=
Subject key identifier: D6:20:C9:F9:2E:26:B5:76:9A:3F:16:08:9A:11:55:49:DC:CC:56:F8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BD8F2A2246E81430D27AB851B2A58AB04
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDJ-S4mtXaaPxYImhFVSdzMVvg.roa
Signing time: Thu 16 Nov 2023 16:24:21 +0000
ROA not before: Thu 16 Nov 2023 16:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207252
IP address blocks: 2a10:cc40:270::/44 maxlen: 48
2a10:cc40:270::/48 maxlen: 48
2a06:de00:400::/38 maxlen: 48
2a06:de00:400::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:f2:a2:24:6e:81:43:0d:27:ab:85:1b:2a:58:ab:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 16 16:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d620c9f92e26b5769a3f16089a115549dccc56f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0b:d2:9f:5f:44:bf:6f:e2:db:8e:6f:1b:07:
9c:87:be:12:72:09:33:84:96:91:7d:4a:2c:2d:17:
60:18:d3:7a:d9:52:a0:a2:7f:d6:1d:a8:4e:8a:58:
25:59:4d:9f:78:ed:a1:7a:3b:d8:9f:6b:29:4f:1e:
f2:53:87:37:1f:05:b3:da:f3:c0:5f:d0:f2:4a:af:
0f:b4:74:b1:93:ce:be:f8:a6:ff:a9:94:c2:45:e7:
54:6f:ba:2b:fe:cf:2d:b4:32:c7:5b:c6:6d:49:10:
df:12:d0:43:14:68:e1:63:a2:32:32:2a:d3:bc:27:
48:fd:3d:45:90:c8:47:7a:bb:19:1c:86:99:2b:89:
0d:53:ba:1f:58:96:0b:4c:f7:60:6f:c8:ac:a3:cd:
b5:2e:22:f1:3f:94:bc:1d:f5:ab:2e:46:20:e6:33:
4c:ba:14:64:f4:39:f6:aa:9f:0f:25:89:e2:83:c2:
8e:c2:d1:8c:87:26:1a:66:0e:05:50:a1:bb:0b:f0:
97:d5:9d:2f:40:d2:95:51:f7:de:3e:aa:9c:95:42:
89:4a:52:2a:05:5e:ae:88:f5:ec:4b:d6:85:8e:da:
29:d0:59:6e:f0:f2:47:f8:ed:a6:e8:83:d9:79:e0:
e1:c3:c2:36:91:56:60:35:0d:33:5c:92:cc:f7:87:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:20:C9:F9:2E:26:B5:76:9A:3F:16:08:9A:11:55:49:DC:CC:56:F8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1iDJ-S4mtXaaPxYImhFVSdzMVvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:400::/38
2a10:cc40:270::/44
Signature Algorithm: sha256WithRSAEncryption
90:b1:d0:57:37:26:5a:f5:86:fa:21:52:2b:8d:96:08:34:c4:
cb:c0:69:94:1f:9c:94:bc:b3:1a:e0:5b:88:60:bf:41:dd:b2:
ed:9f:f4:65:0a:82:58:f9:68:3e:82:91:8b:8a:d5:d7:dd:29:
a6:bc:5c:39:aa:a3:6f:ce:88:82:ea:64:b4:de:4f:15:af:c8:
c2:3a:cb:cd:a2:4c:52:59:07:02:1a:c1:78:3c:48:6d:7d:11:
1b:19:3a:45:2f:d1:d3:0a:05:44:dd:47:f1:a0:ff:d0:07:15:
e6:19:40:f5:8d:73:5e:16:14:13:cd:d9:e2:ad:38:e0:41:be:
b1:d2:62:e7:34:23:54:fe:e5:21:00:27:2a:48:b6:c6:74:35:
dc:f1:f2:8a:ca:e0:c3:bc:24:3a:73:b1:a8:16:6a:63:71:13:
35:b3:bf:2a:a7:b3:b1:15:41:f0:aa:0c:01:76:0f:cd:cf:52:
1d:14:6e:be:31:6f:9e:5a:85:c4:81:c7:62:68:90:a5:e6:f5:
cc:b3:6e:b4:4c:aa:43:11:17:17:b1:04:76:8f:31:b9:04:50:
23:c6:c3:f4:a9:5d:b0:69:0c:f0:2b:7c:4b:59:17:1f:29:c9:
23:10:3d:50:0e:65:50:4c:a8:85:d3:1e:9f:0f:c4:da:2e:4a:
c5:9f:40:58
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYvY8qIkboFDDSerhRsqWKsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE2MTYyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjIwYzlmOTJlMjZiNTc2OWEzZjE2MDg5YTExNTU0OWRjY2M1NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQvSn19Ev2/i245vGwech74Scgkz
hJaRfUosLRdgGNN62VKgon/WHahOilglWU2feO2hejvYn2spTx7yU4c3HwWz2vPA
X9DySq8PtHSxk86++Kb/qZTCRedUb7or/s8ttDLHW8ZtSRDfEtBDFGjhY6IyMirT
vCdI/T1FkMhHersZHIaZK4kNU7ofWJYLTPdgb8iso821LiLxP5S8HfWrLkYg5jNM
uhRk9Dn2qp8PJYnig8KOwtGMhyYaZg4FUKG7C/CX1Z0vQNKVUffePqqclUKJSlIq
BV6uiPXsS9aFjtop0Flu8PJH+O2m6IPZeeDhw8I2kVZgNQ0zXJLM94dkXwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFNYgyfkuJrV2mj8WCJoRVUnczFb4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMWlESi1TNG10WGFhUHhZSW1oRlZTZHpNVnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYCKgbeAAQD
BwQqEMxAAnAwDQYJKoZIhvcNAQELBQADggEBAJCx0Fc3Jlr1hvohUiuNlgg0xMvA
aZQfnJS8sxrgW4hgv0Hdsu2f9GUKglj5aD6CkYuK1dfdKaa8XDmqo2/OiILqZLTe
TxWvyMI6y82iTFJZBwIawXg8SG19ERsZOkUv0dMKBUTdR/Gg/9AHFeYZQPWNc14W
FBPN2eKtOOBBvrHSYuc0I1T+5SEAJypItsZ0Ndzx8orK4MO8JDpzsagWamNxEzWz
vyqns7EVQfCqDAF2D83PUh0Ubr4xb55ahcSBx2JokKXm9cyzbrRMqkMRFxexBHaP
MbkEUCPGw/SpXbBpDPArfEtZFx8pySMQPVAOZVBMqIXTHp8PxNouSsWfQFg=
-----END CERTIFICATE-----
Generated at Wed Dec 13 19:12:22 2023 by rpki-client on console-ams.rpki-client.org