Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3tTkvTtQBpTWfzV1wYIeVMSOorE.roa
File: 3tTkvTtQBpTWfzV1wYIeVMSOorE.roa (raw, json)
Hash identifier: C+awfjFVGduzcqWq85MENaO55RaiiwvmFF3WPYJgiqc=
Subject key identifier: DE:D4:E4:BD:3B:50:06:94:D6:7F:35:75:C1:82:1E:54:C4:8E:A2:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186C320D4DC291F15065980DF660F9B5CBF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3tTkvTtQBpTWfzV1wYIeVMSOorE.roa
Signing time: Wed 08 Mar 2023 21:29:13 +0000
ROA not before: Wed 08 Mar 2023 21:29:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211522
IP address blocks: 2a10:cc44:202::/48 maxlen: 48
2a10:cc44:203::/48 maxlen: 48
2a10:cc44:201::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c3:20:d4:dc:29:1f:15:06:59:80:df:66:0f:9b:5c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 8 21:29:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ded4e4bd3b500694d67f3575c1821e54c48ea2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4a:b9:50:aa:a3:51:12:9a:fb:b0:0f:36:6b:
eb:b8:7f:fd:d8:8f:69:a4:e4:d2:a9:0f:91:a4:50:
db:7e:b3:be:71:cb:28:98:c2:01:6a:68:70:81:2d:
62:34:72:40:60:6f:e9:0a:93:92:ea:57:a2:53:4a:
31:8a:af:3d:33:b6:57:ce:b2:91:18:1e:55:47:c8:
99:49:eb:c3:1f:0e:58:ba:a3:6b:54:d7:ba:8b:b8:
10:5f:06:9a:90:ce:58:f6:ec:db:16:e2:a0:b8:e7:
ba:56:06:50:ba:3f:cc:b3:9a:0b:6e:50:da:67:73:
7e:69:ea:7f:a6:9d:0d:e4:b7:20:07:9c:67:93:a9:
33:89:4f:b9:ff:cf:c5:8d:62:ba:a5:af:76:84:b9:
9e:25:87:8f:23:79:b9:21:ec:b6:e2:23:3d:d1:8c:
76:75:ed:40:f0:24:3a:bc:97:d7:50:a1:af:93:ed:
1b:86:03:3a:a1:53:01:06:ee:fa:89:1b:bc:b7:06:
39:5b:64:9c:14:10:38:d1:7c:95:27:16:cd:e4:53:
a2:e5:39:3f:10:7c:4c:79:89:44:ec:5c:2a:e1:5e:
ac:08:cc:2b:e4:d7:13:18:a2:bb:01:1a:86:c0:54:
bd:f2:e0:da:b5:4f:23:57:ba:ae:0e:06:0d:f7:97:
45:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D4:E4:BD:3B:50:06:94:D6:7F:35:75:C1:82:1E:54:C4:8E:A2:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3tTkvTtQBpTWfzV1wYIeVMSOorE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc44:201::-2a10:cc44:203:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:39:df:6f:cf:87:0b:de:49:66:de:b2:8f:b7:8f:04:e8:5e:
ba:9d:18:c9:85:4b:d5:22:66:40:f4:cc:09:b4:09:a7:f2:1c:
e0:30:a8:90:b7:60:47:d5:d7:72:91:63:e2:de:61:29:11:9a:
a5:3f:57:88:99:64:99:2f:4e:cf:b5:9c:40:c6:b6:55:f9:80:
b2:e9:68:67:d2:fd:7b:21:07:55:d9:20:2e:8a:15:5e:09:37:
ce:13:07:29:2e:44:53:74:e6:b3:5d:4b:bc:ec:66:3f:45:e4:
25:37:37:ac:8d:8d:b0:39:87:f7:d8:7b:89:84:5a:ce:a5:09:
6c:c6:6c:bd:bf:e2:d5:04:49:4f:80:27:4f:4d:89:61:c8:c2:
7d:b1:ff:ba:b7:cd:e4:4b:5f:67:41:4b:41:e8:97:47:a7:f3:
e9:d2:12:a5:48:e9:07:11:dd:6d:2f:4d:5d:c7:ae:0a:4a:d4:
6d:d3:26:5a:2f:6a:43:d2:05:e9:a1:fa:e2:2c:5b:54:b5:9e:
b8:8c:bc:39:42:cb:cc:f0:80:6e:2d:f0:72:0e:17:6b:3d:09:
82:c8:29:ba:ab:a6:2e:d7:a8:7d:4f:d1:d8:56:68:39:a6:01:
15:29:ea:1b:5f:5f:ca:22:2b:ae:4f:da:1a:52:66:04:df:1c:
9b:23:af:2a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYbDINTcKR8VBlmA32YPm1y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzA4MjEyOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ0ZTRiZDNiNTAwNjk0ZDY3ZjM1NzVjMTgyMWU1NGM0OGVhMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0q5UKqjURKa+7APNmvruH/92I9p
pOTSqQ+RpFDbfrO+ccsomMIBamhwgS1iNHJAYG/pCpOS6leiU0oxiq89M7ZXzrKR
GB5VR8iZSevDHw5YuqNrVNe6i7gQXwaakM5Y9uzbFuKguOe6VgZQuj/Ms5oLblDa
Z3N+aep/pp0N5LcgB5xnk6kziU+5/8/FjWK6pa92hLmeJYePI3m5Iey24iM90Yx2
de1A8CQ6vJfXUKGvk+0bhgM6oVMBBu76iRu8twY5W2ScFBA40XyVJxbN5FOi5Tk/
EHxMeYlE7Fwq4V6sCMwr5NcTGKK7ARqGwFS98uDatU8jV7quDgYN95dFYwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN7U5L07UAaU1n81dcGCHlTEjqKxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3RUa3ZUdFFCcFRXZnpWMXdZSWVWTVNPb3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEMxE
AgEDBwIqEMxEAgAwDQYJKoZIhvcNAQELBQADggEBAHA532/PhwveSWbeso+3jwTo
XrqdGMmFS9UiZkD0zAm0CafyHOAwqJC3YEfV13KRY+LeYSkRmqU/V4iZZJkvTs+1
nEDGtlX5gLLpaGfS/XshB1XZIC6KFV4JN84TBykuRFN05rNdS7zsZj9F5CU3N6yN
jbA5h/fYe4mEWs6lCWzGbL2/4tUESU+AJ09NiWHIwn2x/7q3zeRLX2dBS0Hol0en
8+nSEqVI6QcR3W0vTV3HrgpK1G3TJlovakPSBemh+uIsW1S1nriMvDlCy8zwgG4t
8HIOF2s9CYLIKbqrpi7XqH1P0dhWaDmmARUp6htfX8oiK65P2hpSZgTfHJsjryo=
-----END CERTIFICATE-----
Generated at Fri Aug 4 17:41:57 2023 by rpki-client on console-ams.rpki-client.org