Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qYoTHKS3mC3YgQx4MmifEoyVIA.roa
File: 3qYoTHKS3mC3YgQx4MmifEoyVIA.roa (raw, json)
Hash identifier: q1y4PGFX7KPWcssPXG4B3AeDXrRBLs1k3sjGpN52lAc=
Subject key identifier: DE:A6:28:4C:72:92:DE:60:B7:62:04:31:E0:C9:A2:7C:4A:32:54:80
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01863898E3A20624D4CFE77343859C898569
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qYoTHKS3mC3YgQx4MmifEoyVIA.roa
Signing time: Thu 09 Feb 2023 23:53:09 +0000
ROA not before: Thu 09 Feb 2023 23:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209669
IP address blocks: 2a10:cc40:150::/48 maxlen: 48
2a0e:97c0:a1f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:38:98:e3:a2:06:24:d4:cf:e7:73:43:85:9c:89:85:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 9 23:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea6284c7292de60b7620431e0c9a27c4a325480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:ac:f2:39:ce:69:66:cb:aa:13:4d:27:cf:
6f:d8:9c:67:91:50:93:c7:ae:3e:ad:12:cf:b2:1a:
b6:51:ef:4b:a4:d6:d6:09:53:83:de:d4:5a:06:01:
08:cd:2f:3f:3b:f5:00:7e:6e:ae:84:d4:9b:58:9f:
45:79:f1:4d:21:9b:09:20:4d:54:21:ff:20:3b:e4:
64:a3:67:5b:f9:a6:d0:ba:80:e1:df:25:33:ae:04:
71:89:59:3d:6a:47:95:41:08:88:ff:dd:4e:42:d8:
e5:7b:19:24:4b:b2:90:3b:55:08:36:29:3e:3e:3b:
66:c1:31:b6:8c:3e:b1:c5:6a:23:f4:b6:e8:c4:cb:
fb:19:84:75:9b:30:4d:19:a1:4c:2b:c6:a5:d8:40:
21:de:bf:9a:b2:6d:ec:48:9e:7c:ac:04:a8:b6:aa:
8d:8b:77:56:a1:db:a8:66:0c:ff:ec:2f:4f:52:62:
b2:6e:06:84:e5:56:4a:ef:fe:f0:9c:ce:ee:24:61:
bd:8c:ef:50:47:41:3a:fe:48:19:92:d3:36:8a:18:
22:c8:74:6b:a1:cd:9a:4e:44:29:28:55:da:4c:c5:
0e:3a:d3:7d:00:d1:24:c1:94:15:b2:98:9d:0b:3c:
43:b5:a8:88:37:4b:21:0b:ee:8c:da:34:4a:25:8e:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A6:28:4C:72:92:DE:60:B7:62:04:31:E0:C9:A2:7C:4A:32:54:80
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3qYoTHKS3mC3YgQx4MmifEoyVIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a1f::/48
2a10:cc40:150::/48
Signature Algorithm: sha256WithRSAEncryption
38:19:00:be:19:df:af:a3:ef:77:b8:55:10:72:66:97:5d:77:
22:ba:cd:d8:1b:97:b6:6a:29:82:09:46:8a:b9:79:13:77:14:
c6:5a:30:b1:f0:6d:6b:36:1f:1c:5c:21:b6:2f:c4:b3:af:4d:
07:1d:49:07:76:6c:63:7e:67:d1:1f:70:8f:f9:ab:23:71:47:
bd:c3:ff:d8:2d:36:3b:32:cc:fe:e0:70:bd:8a:e9:d2:cf:87:
ed:a8:3d:2b:ff:38:06:8f:d7:18:0e:07:fe:d9:48:34:1b:eb:
a9:25:12:fe:0b:de:3f:4b:6c:b4:82:bb:9c:2c:f9:ff:d9:5f:
bd:eb:31:f6:9b:f0:2e:6b:1c:52:a5:ea:74:92:41:52:09:92:
59:5a:3b:64:41:66:28:2e:54:9c:a2:cb:98:8d:69:61:77:c7:
d4:85:e5:ab:17:b8:f0:c1:87:4f:1a:44:3d:4b:ea:6f:74:67:
7f:ef:32:ac:3a:33:fd:46:61:4e:96:b2:67:1e:ad:88:ed:6e:
d4:c6:da:45:87:7a:af:43:cd:82:11:42:c2:58:ba:69:c0:dd:
65:12:5d:b9:d3:79:0d:bd:5f:ad:06:69:60:ef:39:2b:fd:b4:
61:1b:6b:8b:71:d5:5e:91:f9:ff:4a:0c:e0:68:32:ac:4f:c2:
ff:b7:28:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY4mOOiBiTUz+dzQ4WciYVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjA5MjM1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE2Mjg0YzcyOTJkZTYwYjc2MjA0MzFlMGM5YTI3YzRhMzI1NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxWs8jnOaWbLqhNNJ89v2JxnkVCT
x64+rRLPshq2Ue9LpNbWCVOD3tRaBgEIzS8/O/UAfm6uhNSbWJ9FefFNIZsJIE1U
If8gO+Rko2db+abQuoDh3yUzrgRxiVk9akeVQQiI/91OQtjlexkkS7KQO1UINik+
PjtmwTG2jD6xxWoj9LboxMv7GYR1mzBNGaFMK8al2EAh3r+asm3sSJ58rASotqqN
i3dWoduoZgz/7C9PUmKybgaE5VZK7/7wnM7uJGG9jO9QR0E6/kgZktM2ihgiyHRr
oc2aTkQpKFXaTMUOOtN9ANEkwZQVspidCzxDtaiIN0shC+6M2jRKJY6vMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN6mKExykt5gt2IEMeDJonxKMlSAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3FZb1RIS1MzbUMzWWdReDRNbWlmRW95VklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAof
AwcAKhDMQAFQMA0GCSqGSIb3DQEBCwUAA4IBAQA4GQC+Gd+vo+93uFUQcmaXXXci
us3YG5e2aimCCUaKuXkTdxTGWjCx8G1rNh8cXCG2L8Szr00HHUkHdmxjfmfRH3CP
+asjcUe9w//YLTY7Msz+4HC9iunSz4ftqD0r/zgGj9cYDgf+2Ug0G+upJRL+C94/
S2y0grucLPn/2V+96zH2m/AuaxxSpep0kkFSCZJZWjtkQWYoLlScosuYjWlhd8fU
heWrF7jwwYdPGkQ9S+pvdGd/7zKsOjP9RmFOlrJnHq2I7W7UxtpFh3qvQ82CEULC
WLppwN1lEl2503kNvV+tBmlg7zkr/bRhG2uLcdVekfn/SgzgaDKsT8L/tyib
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org