Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2z88m2q7GniMmixFlaWWytgLhe8.roa
File: 2z88m2q7GniMmixFlaWWytgLhe8.roa (raw, json)
Hash identifier: AlJqr4mrX1K/G0xzV2Vp5NQW47eSMUrVFoFNS/CpIl4=
Subject key identifier: DB:3F:3C:9B:6A:BB:1A:78:8C:9A:2C:45:95:A5:96:CA:D8:0B:85:EF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186A0F9CB8C8B77FE57A23410AB1AAB3BF0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2z88m2q7GniMmixFlaWWytgLhe8.roa
Signing time: Thu 02 Mar 2023 06:19:30 +0000
ROA not before: Thu 02 Mar 2023 06:19:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:f9:cb:8c:8b:77:fe:57:a2:34:10:ab:1a:ab:3b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 2 06:19:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db3f3c9b6abb1a788c9a2c4595a596cad80b85ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ee:c5:26:c5:51:98:82:ec:51:d1:76:4b:72:
24:d1:c8:c8:d4:9e:7a:44:b2:e2:14:c8:d3:d7:51:
78:59:0c:b2:82:77:22:01:a6:c5:4b:d4:67:68:4a:
86:60:e2:75:bf:40:76:54:a3:a9:b0:1d:b9:0c:28:
e9:d8:fd:b0:7c:84:ef:44:ed:e4:68:85:98:4d:05:
95:5f:a7:05:0c:9e:9f:cb:72:f0:45:f1:21:95:d1:
4c:40:ad:25:de:e5:8c:16:fa:41:db:fa:a2:2d:c0:
21:c0:91:47:21:bb:c0:61:4d:03:e1:ae:2b:7e:7f:
31:83:42:ad:b0:d2:d4:f2:9b:76:47:0f:33:f4:05:
2e:a0:3a:54:cf:f0:f8:45:7f:7a:e9:78:53:df:53:
b8:18:16:77:17:5a:c3:44:40:29:06:af:01:4e:1f:
dc:4b:9b:c1:f8:c4:92:7f:2d:b7:fd:2f:53:3c:31:
f6:07:5d:39:d7:98:6d:4c:5f:8f:5f:96:ea:53:d5:
a2:f2:0a:c8:d5:c2:b9:1f:93:54:7d:16:eb:b3:32:
7c:2a:c9:59:17:e3:16:8c:00:fc:b7:27:1a:55:82:
84:10:61:6b:19:e6:cf:9d:a1:64:19:bc:56:a8:77:
39:5f:b7:12:40:ba:ee:0b:b2:71:f6:a2:1b:ab:58:
e6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3F:3C:9B:6A:BB:1A:78:8C:9A:2C:45:95:A5:96:CA:D8:0B:85:EF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2z88m2q7GniMmixFlaWWytgLhe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
33:f2:ab:ae:1f:fc:f3:64:32:d1:b5:0b:53:3a:f3:5a:ad:55:
3f:99:57:03:c3:f1:ec:95:8e:e4:b8:f9:77:9b:f5:0c:22:9c:
ee:6b:f3:ac:0c:fb:7d:e4:ba:32:0c:dd:80:57:34:3b:de:3b:
0e:f4:33:24:f3:66:79:85:32:85:67:f5:25:12:90:3f:ac:ac:
a2:17:18:17:81:af:1c:a9:78:6f:2b:54:c5:83:b6:71:98:a5:
90:64:32:36:90:f2:1d:34:18:51:63:b7:65:37:32:cd:6b:1c:
76:a8:8b:e8:d8:39:96:af:f1:45:60:d8:5e:07:82:68:19:42:
09:bf:f5:f3:f2:0d:ce:b0:10:6d:43:26:01:c9:59:c4:b0:65:
8c:3e:d9:e8:2a:9d:9d:b5:f3:b6:3b:b0:72:20:29:19:b7:ee:
1d:80:30:0f:ba:8e:aa:1b:cf:f4:f1:34:1f:92:43:6e:7e:41:
e3:db:e1:6f:57:c6:3c:5c:c5:d2:e5:4a:67:83:87:bf:e8:43:
85:68:41:f2:a4:1f:40:1b:f1:72:dc:8b:d4:a2:54:50:fd:59:
2e:f8:43:16:c8:fb:4d:d2:46:9c:5a:8b:9f:57:e4:84:1d:85:
3f:c7:fa:59:f5:7c:e2:89:a0:9f:b7:15:7e:e7:fd:d9:42:ce:
e9:92:c1:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYag+cuMi3f+V6I0EKsaqzvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAyMDYxOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNmM2M5YjZhYmIxYTc4OGM5YTJjNDU5NWE1OTZjYWQ4MGI4NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+7FJsVRmILsUdF2S3Ik0cjI1J56
RLLiFMjT11F4WQyygnciAabFS9RnaEqGYOJ1v0B2VKOpsB25DCjp2P2wfITvRO3k
aIWYTQWVX6cFDJ6fy3LwRfEhldFMQK0l3uWMFvpB2/qiLcAhwJFHIbvAYU0D4a4r
fn8xg0KtsNLU8pt2Rw8z9AUuoDpUz/D4RX966XhT31O4GBZ3F1rDREApBq8BTh/c
S5vB+MSSfy23/S9TPDH2B10515htTF+PX5bqU9Wi8grI1cK5H5NUfRbrszJ8KslZ
F+MWjAD8tycaVYKEEGFrGebPnaFkGbxWqHc5X7cSQLruC7Jx9qIbq1jm9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNs/PJtquxp4jJosRZWllsrYC4XvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMno4OG0ycTdHbmlNbWl4RmxhV1d5dGdMaGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAvA
MA0GCSqGSIb3DQEBCwUAA4IBAQAz8quuH/zzZDLRtQtTOvNarVU/mVcDw/HslY7k
uPl3m/UMIpzua/OsDPt95LoyDN2AVzQ73jsO9DMk82Z5hTKFZ/UlEpA/rKyiFxgX
ga8cqXhvK1TFg7ZxmKWQZDI2kPIdNBhRY7dlNzLNaxx2qIvo2DmWr/FFYNheB4Jo
GUIJv/Xz8g3OsBBtQyYByVnEsGWMPtnoKp2dtfO2O7ByICkZt+4dgDAPuo6qG8/0
8TQfkkNufkHj2+FvV8Y8XMXS5Upng4e/6EOFaEHypB9AG/Fy3IvUolRQ/Vku+EMW
yPtN0kacWoufV+SEHYU/x/pZ9XziiaCftxV+5/3ZQs7pksHN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org