Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2tI3kdHRrGl9tFlQbpl9_qZbw5U.roa
File: 2tI3kdHRrGl9tFlQbpl9_qZbw5U.roa (raw, json)
Hash identifier: 7tPjGhXvkzbvPlOTtlqkwoxje0w8ruNtKwEwesN1QRI=
Subject key identifier: DA:D2:37:91:D1:D1:AC:69:7D:B4:59:50:6E:99:7D:FE:A6:5B:C3:95
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7B81F652FA85CE598E2EF1A256633
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2tI3kdHRrGl9tFlQbpl9_qZbw5U.roa
Signing time: Mon 02 Jan 2023 05:15:12 +0000
ROA not before: Mon 02 Jan 2023 05:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b75::/48 maxlen: 48
2a0e:97c0:b70::/44 maxlen: 48
2a0e:97c0:b70::/48 maxlen: 48
2a0e:97c0:b73::/48 maxlen: 48
2a0e:97c1:100::/44 maxlen: 48
2a0e:97c0:b71::/48 maxlen: 48
2a0e:97c0:b74::/48 maxlen: 48
2a0e:97c0:b72::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:b8:1f:65:2f:a8:5c:e5:98:e2:ef:1a:25:66:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dad23791d1d1ac697db459506e997dfea65bc395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:dc:f3:c8:2e:c6:81:bd:9b:59:ce:3e:12:5a:
e7:3e:0b:4a:ef:7d:ab:05:5e:3f:c6:82:08:22:2f:
3c:f3:73:3e:cb:c8:21:e7:de:81:1b:38:0c:b8:51:
3b:6e:8c:3e:74:1d:94:e1:21:c5:70:3a:3d:5c:9b:
c7:73:e0:0b:3c:c1:42:c0:55:66:18:e2:48:80:c1:
dd:89:1e:80:56:28:44:0d:67:bb:a8:df:00:2e:4b:
e5:e0:62:07:ae:03:d8:81:70:e9:2d:86:81:ef:93:
ee:8b:96:20:14:c8:4d:33:05:32:65:5f:da:ac:a6:
83:5b:e3:d8:37:83:71:25:fc:5b:c6:14:82:80:46:
d7:71:42:9b:5e:81:7d:4a:be:9c:25:ad:f6:94:69:
e0:3e:7f:7d:20:ba:3e:9b:65:1f:fa:1f:59:6c:f6:
48:a9:9f:62:72:ca:da:f2:42:55:da:94:02:f8:02:
fd:b5:d1:94:4c:ea:5b:0d:9d:c5:2e:5b:9a:aa:97:
b0:21:1a:6d:d1:75:69:d5:2e:39:07:9f:9f:15:c5:
f2:51:e4:cc:15:52:dc:c0:3e:32:f9:f9:74:b0:38:
fb:ee:65:d8:34:fc:6a:d3:95:a1:24:ab:89:59:23:
5f:8e:ca:01:ee:94:80:c5:d6:4d:73:f9:f4:5c:22:
e1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D2:37:91:D1:D1:AC:69:7D:B4:59:50:6E:99:7D:FE:A6:5B:C3:95
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2tI3kdHRrGl9tFlQbpl9_qZbw5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/44
2a0e:97c1:100::/44
Signature Algorithm: sha256WithRSAEncryption
12:81:89:8d:b8:72:f7:16:a6:ae:b1:3e:e6:f9:79:28:82:11:
56:cf:e0:d2:0d:bc:b8:0e:6e:2b:12:5d:a3:00:3b:2b:ce:03:
34:a5:f6:bf:c8:5c:5a:be:c1:48:f9:c4:e3:80:4e:25:20:da:
ae:0f:08:f8:3e:62:7f:77:51:c6:95:cc:f9:96:d7:b0:80:00:
ec:52:2e:00:bf:12:d1:96:9b:74:ec:37:09:ba:8c:bc:83:07:
fe:46:11:6d:7f:26:69:9a:43:15:c1:65:88:18:75:f3:3f:5c:
10:b9:8e:8e:5e:68:f8:a5:95:72:d7:b6:f2:77:66:00:6c:42:
18:56:4c:31:73:b2:fc:52:67:58:61:1f:42:e5:8f:f5:e0:74:
99:fc:b6:c3:70:a3:c4:76:c9:73:ae:36:e4:6f:fb:71:72:14:
72:9c:68:45:a1:c9:79:d0:11:db:2d:54:bf:dd:ee:69:b4:a5:
18:18:05:4b:77:ce:61:fa:95:6d:9c:f3:f9:00:31:6f:d8:6f:
b3:b4:63:0a:92:37:a3:42:64:3b:e4:a4:57:e9:35:d7:f3:af:
c3:c9:bf:a2:ee:23:6c:f7:f9:c2:e6:bc:a6:fe:cc:c4:c0:8a:
42:1a:44:16:44:5a:52:37:08:ae:43:5f:7e:96:fa:41:db:be:
c2:6d:f1:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw57gfZS+oXOWY4u8aJWYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQyMzc5MWQxZDFhYzY5N2RiNDU5NTA2ZTk5N2RmZWE2NWJjMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdzzyC7Ggb2bWc4+ElrnPgtK732r
BV4/xoIIIi8883M+y8gh596BGzgMuFE7bow+dB2U4SHFcDo9XJvHc+ALPMFCwFVm
GOJIgMHdiR6AVihEDWe7qN8ALkvl4GIHrgPYgXDpLYaB75Pui5YgFMhNMwUyZV/a
rKaDW+PYN4NxJfxbxhSCgEbXcUKbXoF9Sr6cJa32lGngPn99ILo+m2Uf+h9ZbPZI
qZ9icsra8kJV2pQC+AL9tdGUTOpbDZ3FLluaqpewIRpt0XVp1S45B5+fFcXyUeTM
FVLcwD4y+fl0sDj77mXYNPxq05WhJKuJWSNfjsoB7pSAxdZNc/n0XCLhIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNrSN5HR0axpfbRZUG6Zff6mW8OVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMnRJM2tkSFJyR2w5dEZsUWJwbDlfcVpidzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAtw
AwcEKg6XwQEAMA0GCSqGSIb3DQEBCwUAA4IBAQASgYmNuHL3FqausT7m+XkoghFW
z+DSDby4Dm4rEl2jADsrzgM0pfa/yFxavsFI+cTjgE4lINquDwj4PmJ/d1HGlcz5
ltewgADsUi4AvxLRlpt07DcJuoy8gwf+RhFtfyZpmkMVwWWIGHXzP1wQuY6OXmj4
pZVy17byd2YAbEIYVkwxc7L8UmdYYR9C5Y/14HSZ/LbDcKPEdslzrjbkb/txchRy
nGhFocl50BHbLVS/3e5ptKUYGAVLd85h+pVtnPP5ADFv2G+ztGMKkjejQmQ75KRX
6TXX86/Dyb+i7iNs9/nC5rym/szEwIpCGkQWRFpSNwiuQ19+lvpB277CbfGT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org