Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3thqa5TcSNU6qkl_MK1DER1qKls.roa
File: 3thqa5TcSNU6qkl_MK1DER1qKls.roa (raw, json)
Hash identifier: seeXKsiknLphZZwfkFTfPh6+pRPgow+o1hPi30Rpvgk=
Subject key identifier: DE:D8:6A:6B:94:DC:48:D5:3A:AA:49:7F:30:AD:43:11:1D:6A:2A:5B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B129A8D18DAEF890AF4FD31427CEB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3thqa5TcSNU6qkl_MK1DER1qKls.roa
Signing time: Tue 24 Jan 2023 16:09:57 +0000
ROA not before: Tue 24 Jan 2023 16:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213377
IP address blocks: 2a0e:b107:1080::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:12:9a:8d:18:da:ef:89:0a:f4:fd:31:42:7c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ded86a6b94dc48d53aaa497f30ad43111d6a2a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:04:12:4d:93:e2:15:30:a5:e3:1a:f5:55:
0e:50:cf:9c:03:fd:25:70:b4:09:12:55:d2:b7:ab:
a8:44:06:a3:59:a4:17:05:c7:76:6e:ef:bc:42:b8:
23:46:ba:9e:a4:c3:18:84:42:e3:84:76:15:68:f7:
6f:58:a2:55:37:16:1b:95:6b:fc:1f:4e:af:7b:42:
c3:c7:be:b0:1a:ef:70:83:00:46:b4:df:f6:7d:4e:
2e:c9:a6:3d:1d:69:25:52:bd:7c:1d:38:cd:d7:57:
1b:65:c9:b9:9a:59:0b:e2:33:c0:50:70:f9:2d:6e:
a6:00:b6:af:7c:a8:1d:11:33:ce:c8:0e:58:0b:97:
3e:ea:a0:84:3c:66:c6:99:ed:dd:8e:d9:c4:f2:7a:
4c:41:90:01:ca:0a:4d:39:e6:71:00:93:35:f1:89:
2d:61:df:ac:64:62:36:cf:c0:ec:b6:b3:4d:2b:49:
b9:70:e3:dc:06:35:ef:6c:b4:0f:18:9d:a2:fa:44:
fd:ae:27:5a:b1:d0:43:b2:8c:e0:c7:10:2f:bc:9b:
ff:63:3e:88:77:d1:ce:f7:2b:7e:da:65:81:c1:1e:
51:00:d2:62:5e:f7:20:70:2b:cf:24:5f:e0:78:7d:
16:32:b1:61:24:97:78:42:1d:77:37:41:a4:94:cd:
76:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D8:6A:6B:94:DC:48:D5:3A:AA:49:7F:30:AD:43:11:1D:6A:2A:5B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3thqa5TcSNU6qkl_MK1DER1qKls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1080::/44
Signature Algorithm: sha256WithRSAEncryption
98:e2:3f:de:4b:ec:2b:35:86:58:1c:bd:82:08:47:69:93:ae:
88:e5:e4:0f:f1:a4:e0:f4:89:65:c3:7f:0d:e3:90:a5:44:98:
82:7d:48:c6:24:80:b0:63:e6:f8:f9:32:6b:d9:39:a8:66:43:
bc:f8:a9:45:94:75:94:33:9c:42:3a:9c:52:e4:f6:7c:7d:31:
92:18:51:fc:d7:19:5b:29:14:f4:a3:0c:64:33:e6:46:8f:d8:
7a:16:5d:2b:cd:14:49:20:06:58:7c:b8:2c:d7:c7:70:fc:8e:
3c:f4:32:85:5a:1c:b3:f8:6a:32:67:5b:f5:7f:61:03:b3:56:
dd:26:a7:90:c6:18:59:ff:60:6d:26:e2:64:df:40:8d:8f:3c:
7c:03:88:61:49:58:ea:b8:09:a0:d1:cb:49:a4:ae:b5:f3:6c:
e1:8b:4b:f7:85:f5:fe:fd:9e:ce:72:5e:96:a1:82:80:5d:8f:
9f:46:3c:76:03:e9:1d:f0:41:3a:00:ae:fe:77:fb:a9:e1:19:
37:da:6d:2b:17:d4:e5:c3:46:79:b9:5c:06:c4:ed:fa:c9:9a:
5b:e6:22:2b:45:9d:0a:0e:52:2c:c9:bf:35:2b:cb:2d:17:d6:
13:ef:a1:b1:53:6f:e5:90:36:4f:79:d8:be:c0:ea:47:f0:f6:
af:92:76:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkixKajRja74kK9P0xQnzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ4NmE2Yjk0ZGM0OGQ1M2FhYTQ5N2YzMGFkNDMxMTFkNmEyYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3EEEk2T4hUwpeMa9VUOUM+cA/0l
cLQJElXSt6uoRAajWaQXBcd2bu+8QrgjRrqepMMYhELjhHYVaPdvWKJVNxYblWv8
H06ve0LDx76wGu9wgwBGtN/2fU4uyaY9HWklUr18HTjN11cbZcm5mlkL4jPAUHD5
LW6mALavfKgdETPOyA5YC5c+6qCEPGbGme3djtnE8npMQZABygpNOeZxAJM18Ykt
Yd+sZGI2z8DstrNNK0m5cOPcBjXvbLQPGJ2i+kT9ridasdBDsozgxxAvvJv/Yz6I
d9HO9yt+2mWBwR5RANJiXvcgcCvPJF/geH0WMrFhJJd4Qh13N0GklM12LQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN7YamuU3EjVOqpJfzCtQxEdaipbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3RocWE1VGNTTlU2cWtsX01LMURFUjFxS2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxCA
MA0GCSqGSIb3DQEBCwUAA4IBAQCY4j/eS+wrNYZYHL2CCEdpk66I5eQP8aTg9Ill
w38N45ClRJiCfUjGJICwY+b4+TJr2TmoZkO8+KlFlHWUM5xCOpxS5PZ8fTGSGFH8
1xlbKRT0owxkM+ZGj9h6Fl0rzRRJIAZYfLgs18dw/I489DKFWhyz+GoyZ1v1f2ED
s1bdJqeQxhhZ/2BtJuJk30CNjzx8A4hhSVjquAmg0ctJpK6182zhi0v3hfX+/Z7O
cl6WoYKAXY+fRjx2A+kd8EE6AK7+d/up4Rk32m0rF9Tlw0Z5uVwGxO36yZpb5iIr
RZ0KDlIsyb81K8stF9YT76GxU2/lkDZPedi+wOpH8Pavknbd
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:29 2024 by rpki-client on console-fra.rpki-client.org