Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa
File: 3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa (raw, json)
Hash identifier: tc+HynnWEOvfc1wLYnxD69a8640jTJcWUYi0QWScb0Y=
Subject key identifier: DC:D9:B5:84:72:BD:BB:27:8A:22:B2:10:B6:C5:EA:01:C6:21:0D:91
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01861FFD2A148129CCB39F391355F5A21A42
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa
Signing time: Sun 05 Feb 2023 05:12:10 +0000
ROA not before: Sun 05 Feb 2023 05:12:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208690
IP address blocks: 2a0e:97c0:6d0::/44 maxlen: 48
2a0e:b107:1770::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1f:fd:2a:14:81:29:cc:b3:9f:39:13:55:f5:a2:1a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 5 05:12:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcd9b58472bdbb278a22b210b6c5ea01c6210d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b4:44:cd:23:dc:96:b1:be:a0:6e:d7:11:dc:
ca:56:7f:07:dc:9e:fc:ba:26:a6:f3:9c:49:90:a4:
da:3d:eb:30:da:1a:3f:81:58:63:35:fa:9d:8c:ed:
d3:5a:e2:69:38:97:6b:7d:f5:43:81:e5:8a:46:a8:
28:0b:e3:04:d1:db:10:fe:73:2e:f0:62:87:a2:ed:
8f:e1:42:e5:65:a5:48:2c:b3:5d:f5:c8:8b:09:89:
0a:48:43:8c:40:99:2d:d0:cf:39:b6:a4:74:50:80:
f6:af:15:1a:a7:17:fa:cc:a8:cc:19:d3:e6:02:72:
17:86:0d:db:a6:19:1f:6e:99:7f:12:17:cb:fa:0c:
14:dd:45:40:b2:de:f9:69:3d:6c:44:15:a3:81:80:
9e:8f:b6:77:ca:a1:76:a0:50:e2:c3:d7:6d:5a:e5:
0c:a7:b3:62:c5:dc:ef:4d:4d:f9:bf:a2:0d:3c:4b:
f7:77:cf:7f:c6:82:93:1d:22:7d:db:b8:56:29:ce:
10:41:14:4b:c9:36:55:13:83:4d:01:21:98:78:f0:
7f:f7:27:aa:a5:21:60:ee:23:80:a9:cd:e2:54:fc:
c5:0f:18:f7:e7:e4:9a:59:74:c9:db:b2:1b:0b:7e:
b2:05:86:7d:3a:d6:c2:41:e5:c1:1b:16:2c:09:83:
b3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D9:B5:84:72:BD:BB:27:8A:22:B2:10:B6:C5:EA:01:C6:21:0D:91
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3Nm1hHK9uyeKIrIQtsXqAcYhDZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6d0::/44
2a0e:b107:1770::/44
Signature Algorithm: sha256WithRSAEncryption
8a:ce:5a:2e:48:89:d1:8b:b2:32:41:16:7a:84:39:5a:97:df:
48:44:4f:73:f6:57:79:e5:17:e9:bb:5f:c8:bb:cb:85:e0:ed:
2e:24:5c:db:55:ac:78:6d:60:1d:ac:28:34:9b:ae:f6:83:cd:
28:c4:88:c5:87:94:72:dd:f0:21:13:e4:84:c7:08:7e:3e:4f:
6d:87:ac:85:60:8d:73:51:e7:b6:dd:15:28:9d:2a:ae:b5:5a:
d7:13:78:e3:1b:71:cd:9e:34:26:08:ee:c9:fb:5a:d3:e8:b7:
52:1d:44:f3:e1:d9:f1:66:af:d5:e9:55:47:d5:42:15:53:45:
45:d5:17:bf:bb:00:60:ae:22:c6:ad:84:a5:af:13:54:22:1c:
15:fb:2b:c1:44:1f:0f:ad:13:d2:2d:52:a7:83:9e:6d:e4:1b:
0a:0c:a4:be:d2:21:39:82:2b:bb:f9:2d:d8:56:48:32:78:b1:
45:51:be:5b:4f:1b:96:fe:2d:13:fb:ae:1d:12:9e:38:fe:40:
50:17:c6:f3:87:1d:5a:43:a5:93:56:f8:81:0d:da:62:ae:e6:
85:8d:8f:20:fb:d9:aa:ea:a8:9d:58:b3:d4:6a:c0:04:32:78:
3a:52:78:e3:b6:1e:fe:67:d9:9c:11:10:54:c6:b0:22:dc:9c:
68:3a:20:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYf/SoUgSnMs585E1X1ohpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA1MDUxMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Q5YjU4NDcyYmRiYjI3OGEyMmIyMTBiNmM1ZWEwMWM2MjEwZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrREzSPclrG+oG7XEdzKVn8H3J78
uiam85xJkKTaPesw2ho/gVhjNfqdjO3TWuJpOJdrffVDgeWKRqgoC+ME0dsQ/nMu
8GKHou2P4ULlZaVILLNd9ciLCYkKSEOMQJkt0M85tqR0UID2rxUapxf6zKjMGdPm
AnIXhg3bphkfbpl/EhfL+gwU3UVAst75aT1sRBWjgYCej7Z3yqF2oFDiw9dtWuUM
p7NixdzvTU35v6INPEv3d89/xoKTHSJ927hWKc4QQRRLyTZVE4NNASGYePB/9yeq
pSFg7iOAqc3iVPzFDxj35+SaWXTJ27IbC36yBYZ9OtbCQeXBGxYsCYOzXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNzZtYRyvbsniiKyELbF6gHGIQ2RMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM05tMWhISzl1eWVLSXJJUXRzWHFBY1loRFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAbQ
AwcEKg6xBxdwMA0GCSqGSIb3DQEBCwUAA4IBAQCKzlouSInRi7IyQRZ6hDlal99I
RE9z9ld55Rfpu1/Iu8uF4O0uJFzbVax4bWAdrCg0m672g80oxIjFh5Ry3fAhE+SE
xwh+Pk9th6yFYI1zUee23RUonSqutVrXE3jjG3HNnjQmCO7J+1rT6LdSHUTz4dnx
Zq/V6VVH1UIVU0VF1Re/uwBgriLGrYSlrxNUIhwV+yvBRB8PrRPSLVKng55t5BsK
DKS+0iE5giu7+S3YVkgyeLFFUb5bTxuW/i0T+64dEp44/kBQF8bzhx1aQ6WTVviB
DdpiruaFjY8g+9mq6qidWLPUasAEMng6Unjjth7+Z9mcERBUxrAi3JxoOiD7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org