Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2xXMHlUJ1Sam8zJxwodLA6SHrTY.roa
File: 2xXMHlUJ1Sam8zJxwodLA6SHrTY.roa (raw, json)
Hash identifier: XnqD7lEM+1Q7CEy+2hGVC7U4cWHyhTrQ0pkFuMsdDcc=
Subject key identifier: DB:15:CC:1E:55:09:D5:26:A6:F3:32:71:C2:87:4B:03:A4:87:AD:36
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187E3156A755600412683F369A567079A8C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2xXMHlUJ1Sam8zJxwodLA6SHrTY.roa
Signing time: Wed 03 May 2023 19:27:24 +0000
ROA not before: Wed 03 May 2023 19:27:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212184
IP address blocks: 2a0e:b107:20b0::/48 maxlen: 48
2a10:2f00:192::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e3:15:6a:75:56:00:41:26:83:f3:69:a5:67:07:9a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 3 19:27:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db15cc1e5509d526a6f33271c2874b03a487ad36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6e:7b:a3:f2:8d:98:47:c0:fc:83:e3:8f:65:
2a:f0:8d:39:fb:22:b5:61:a0:88:ee:dd:17:b7:b3:
12:20:61:37:78:80:92:0e:10:17:3e:82:50:29:5c:
62:51:55:94:70:d4:4f:45:e1:5e:13:9c:c6:ef:ff:
14:5c:86:f9:6a:8b:ea:68:a5:91:82:4b:b2:b4:10:
58:d6:9f:5e:35:f4:f5:94:df:12:04:59:4c:1e:11:
ed:f5:a7:7c:56:2f:2c:83:f5:29:aa:5f:a8:f1:ed:
d8:bc:89:46:8d:06:86:de:a7:9d:3d:5b:e2:3f:f6:
a1:9f:b5:24:b9:6e:eb:16:1a:3a:58:48:80:de:d4:
90:ce:d1:e3:40:60:4e:47:e9:23:6e:87:24:c4:91:
92:0b:13:41:7d:17:47:3f:b7:e0:dd:01:c2:89:79:
a8:58:79:e7:90:0e:af:f3:36:7f:4d:52:e3:3c:61:
4c:e0:73:c4:c0:09:a3:d3:cc:a2:70:fb:96:f1:b8:
ef:a0:bf:a1:5a:1a:19:70:a4:ee:ae:dc:58:70:02:
02:6a:a4:52:8e:02:e7:a1:49:8b:f2:7a:2d:1e:6d:
9f:89:7d:9b:5e:89:76:ef:75:21:6b:0b:ad:84:7d:
10:15:54:d2:47:e1:98:77:ea:26:14:45:7c:ff:83:
e5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:15:CC:1E:55:09:D5:26:A6:F3:32:71:C2:87:4B:03:A4:87:AD:36
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2xXMHlUJ1Sam8zJxwodLA6SHrTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:20b0::/48
2a10:2f00:192::/48
Signature Algorithm: sha256WithRSAEncryption
b8:14:29:58:25:81:40:83:73:1f:30:02:a7:8b:e8:e6:99:97:
c4:fb:4e:50:6f:56:a9:f6:38:96:4f:74:b6:f2:05:4d:0d:5f:
4d:bb:8d:f3:f9:6b:c5:28:ea:c0:ed:53:3d:05:d3:1e:62:58:
ef:10:c3:22:12:c6:d4:15:f1:e8:df:e8:08:93:91:04:fb:f1:
fb:af:02:aa:01:9b:a1:a0:6b:27:25:ad:15:b7:b0:7a:ed:a3:
57:ff:d9:16:7d:ab:98:df:72:f0:b0:80:ef:80:85:bd:e1:d4:
24:2b:0d:26:8d:7b:47:73:4b:52:d5:4a:7b:f4:66:cd:98:3e:
d5:3a:02:a5:af:55:63:aa:03:30:43:59:4e:11:8e:93:c7:c0:
02:69:04:0a:da:4f:05:14:18:21:44:2b:35:42:e8:bf:c7:06:
df:35:d2:b8:c9:1b:19:e3:47:2f:ab:7f:df:3f:9a:ab:79:76:
22:1a:4e:38:03:8c:88:96:19:a8:7c:f6:38:9d:7e:61:e7:13:
c5:ef:03:96:42:e1:dd:86:14:79:7b:e8:98:1b:c1:16:64:db:
be:ac:a8:84:66:39:ec:b3:20:51:65:d3:92:b2:c7:85:87:84:
b2:16:00:9b:f6:ae:44:03:d7:77:0e:1a:21:ab:49:7a:3c:23:
f3:12:2a:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfjFWp1VgBBJoPzaaVnB5qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAzMTkyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE1Y2MxZTU1MDlkNTI2YTZmMzMyNzFjMjg3NGIwM2E0ODdhZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG57o/KNmEfA/IPjj2Uq8I05+yK1
YaCI7t0Xt7MSIGE3eICSDhAXPoJQKVxiUVWUcNRPReFeE5zG7/8UXIb5aovqaKWR
gkuytBBY1p9eNfT1lN8SBFlMHhHt9ad8Vi8sg/Upql+o8e3YvIlGjQaG3qedPVvi
P/ahn7UkuW7rFho6WEiA3tSQztHjQGBOR+kjbockxJGSCxNBfRdHP7fg3QHCiXmo
WHnnkA6v8zZ/TVLjPGFM4HPEwAmj08yicPuW8bjvoL+hWhoZcKTurtxYcAICaqRS
jgLnoUmL8notHm2fiX2bXol273UhawuthH0QFVTSR+GYd+omFEV8/4PlwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsVzB5VCdUmpvMyccKHSwOkh602MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMnhYTUhsVUoxU2FtOHpKeHdvZExBNlNIclRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xByCw
AwcAKhAvAAGSMA0GCSqGSIb3DQEBCwUAA4IBAQC4FClYJYFAg3MfMAKni+jmmZfE
+05Qb1ap9jiWT3S28gVNDV9Nu43z+WvFKOrA7VM9BdMeYljvEMMiEsbUFfHo3+gI
k5EE+/H7rwKqAZuhoGsnJa0Vt7B67aNX/9kWfauY33LwsIDvgIW94dQkKw0mjXtH
c0tS1Up79GbNmD7VOgKlr1VjqgMwQ1lOEY6Tx8ACaQQK2k8FFBghRCs1Qui/xwbf
NdK4yRsZ40cvq3/fP5qreXYiGk44A4yIlhmofPY4nX5h5xPF7wOWQuHdhhR5e+iY
G8EWZNu+rKiEZjnssyBRZdOSsseFh4SyFgCb9q5EA9d3Dhohq0l6PCPzEioK
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:48 2024 by rpki-client on console-ams.rpki-client.org