Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2OiZtv0M5sZv5PnQM18OYh6i1q8.roa
File: 2OiZtv0M5sZv5PnQM18OYh6i1q8.roa (raw, json)
Hash identifier: wVUzu8XREN3eMdCS+DquA0PO4m8r1WZzfpuvLry2fXE=
Subject key identifier: D8:E8:99:B6:FD:0C:E6:C6:6F:E4:F9:D0:33:5F:0E:62:1E:A2:D6:AF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188D87462199C017D220FDA2FD7AD1261DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2OiZtv0M5sZv5PnQM18OYh6i1q8.roa
Signing time: Tue 20 Jun 2023 10:58:05 +0000
ROA not before: Tue 20 Jun 2023 10:58:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198071
IP address blocks: 2a0e:97c0:cf0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:74:62:19:9c:01:7d:22:0f:da:2f:d7:ad:12:61:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 20 10:58:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8e899b6fd0ce6c66fe4f9d0335f0e621ea2d6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:f6:b1:31:ed:b5:75:12:18:60:ba:60:20:
e7:e1:8b:55:86:ed:ae:5c:ba:78:55:cd:bd:38:ac:
16:c9:6f:5d:65:d0:5c:b3:67:2d:d8:2e:b4:fa:ef:
c9:ef:29:80:ee:80:29:ba:29:68:55:5e:7e:76:97:
eb:95:59:bb:78:75:4e:af:18:62:ff:0b:ce:c1:5e:
f5:e2:23:a4:ef:4d:05:6d:96:ad:ac:15:e8:1a:da:
fa:2a:88:71:d0:8d:0e:42:02:91:17:d1:22:61:f5:
52:31:8e:09:02:a3:de:d3:eb:41:0e:41:67:31:cd:
eb:9d:e7:12:c3:7f:cc:75:9f:da:d9:50:7b:4f:2a:
b7:32:38:ce:f0:81:bb:69:19:55:2b:54:a0:7c:eb:
ed:2e:46:a8:ae:a6:61:99:b5:5d:82:98:67:ce:8b:
45:e2:36:7b:cb:cb:28:bd:cb:28:0c:10:8b:ec:ea:
08:57:ae:e5:4e:a2:a6:1e:64:ed:be:88:d4:d7:2d:
29:4a:f7:25:1f:14:bf:6c:40:0e:c7:42:90:00:58:
26:ca:36:37:d3:5f:9e:1d:bd:93:2b:56:e5:b5:9f:
ea:fe:90:f5:a0:ef:16:37:aa:b3:f8:73:71:50:d1:
a4:cd:f4:1c:1a:7a:a4:30:f0:5b:59:2e:d9:71:ea:
76:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E8:99:B6:FD:0C:E6:C6:6F:E4:F9:D0:33:5F:0E:62:1E:A2:D6:AF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2OiZtv0M5sZv5PnQM18OYh6i1q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:cf0::/44
Signature Algorithm: sha256WithRSAEncryption
5d:2b:ad:9b:a4:12:29:e5:1b:b4:7f:fc:66:6b:7a:2e:2d:81:
b5:d5:1a:f4:9d:5a:be:af:e4:39:c0:73:7f:d4:0a:fa:2d:5e:
4d:3a:31:d1:36:38:c8:9a:09:17:d5:ba:c5:2a:9b:83:b4:e3:
8d:e0:6d:92:7c:c1:82:df:41:4a:b7:d8:51:b7:de:83:b7:68:
88:c9:88:1b:aa:db:3f:b1:81:fc:bf:8b:86:61:39:d1:24:df:
54:72:d6:19:79:3f:12:e8:f8:e9:35:b9:90:ea:5c:b6:d0:be:
27:3a:0b:df:ab:f2:10:33:69:86:3c:92:0b:6e:fc:bf:99:6a:
66:7c:bc:fa:2f:06:a3:e3:27:a6:3e:0f:38:d8:85:fa:90:e2:
fd:b7:b6:21:9b:e9:8a:39:8e:7a:3c:31:3c:44:6d:26:ea:df:
0e:bc:29:8f:9d:a3:80:38:f5:84:f0:a3:c6:2b:a3:a1:50:9e:
c0:1b:df:bc:73:17:b6:2d:8f:88:7f:cc:27:9e:22:02:23:e4:
90:d4:61:6e:28:d3:0a:7d:2f:fe:8e:cb:56:48:e8:33:7a:bc:
e2:a4:94:bf:ff:aa:0e:71:a7:2c:1c:84:8c:ef:77:e2:d5:68:
4f:b5:7c:3a:f0:3a:e2:7c:05:c8:9c:f2:94:88:c2:be:ef:78:
a7:ba:8a:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYjYdGIZnAF9Ig/aL9etEmHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjIwMTA1ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU4OTliNmZkMGNlNmM2NmZlNGY5ZDAzMzVmMGU2MjFlYTJkNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsP2sTHttXUSGGC6YCDn4YtVhu2u
XLp4Vc29OKwWyW9dZdBcs2ct2C60+u/J7ymA7oApuiloVV5+dpfrlVm7eHVOrxhi
/wvOwV714iOk700FbZatrBXoGtr6Kohx0I0OQgKRF9EiYfVSMY4JAqPe0+tBDkFn
Mc3rnecSw3/MdZ/a2VB7Tyq3MjjO8IG7aRlVK1SgfOvtLkaorqZhmbVdgphnzotF
4jZ7y8sovcsoDBCL7OoIV67lTqKmHmTtvojU1y0pSvclHxS/bEAOx0KQAFgmyjY3
01+eHb2TK1bltZ/q/pD1oO8WN6qz+HNxUNGkzfQcGnqkMPBbWS7Zcep2+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNjombb9DObGb+T50DNfDmIeotavMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMk9pWnR2ME01c1p2NVBuUU0xOE9ZaDZpMXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAzw
MA0GCSqGSIb3DQEBCwUAA4IBAQBdK62bpBIp5Ru0f/xma3ouLYG11Rr0nVq+r+Q5
wHN/1Ar6LV5NOjHRNjjImgkX1brFKpuDtOON4G2SfMGC30FKt9hRt96Dt2iIyYgb
qts/sYH8v4uGYTnRJN9UctYZeT8S6PjpNbmQ6ly20L4nOgvfq/IQM2mGPJILbvy/
mWpmfLz6Lwaj4yemPg842IX6kOL9t7Yhm+mKOY56PDE8RG0m6t8OvCmPnaOAOPWE
8KPGK6OhUJ7AG9+8cxe2LY+If8wnniICI+SQ1GFuKNMKfS/+jstWSOgzerzipJS/
/6oOcacsHISM73fi1WhPtXw68DrifAXInPKUiMK+73inuopN
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:48 2024 by rpki-client on console-ams.rpki-client.org