Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3yqoMQN-MixoVOdnq9srSwBuuh4.roa
File: 3yqoMQN-MixoVOdnq9srSwBuuh4.roa (raw, json)
Hash identifier: 2Vj3R1vo6XIGDPuyrlNtp2gsKXoaYbETh+uvoGPzQ3E=
Subject key identifier: DF:2A:A8:31:03:7E:32:2C:68:54:E7:67:AB:DB:2B:4B:00:6E:BA:1E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018B1E63C2E8B05B786A77647CDD5C4C6C5E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3yqoMQN-MixoVOdnq9srSwBuuh4.roa
Signing time: Wed 11 Oct 2023 10:58:56 +0000
ROA not before: Wed 11 Oct 2023 10:58:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213086
IP address blocks: 2a0e:b107:670::/44 maxlen: 48
2a0e:b107:1f00::/44 maxlen: 48
2a0e:b107:1df0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:63:c2:e8:b0:5b:78:6a:77:64:7c:dd:5c:4c:6c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 11 10:58:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2aa831037e322c6854e767abdb2b4b006eba1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:97:b7:56:16:8d:fb:6c:5c:a3:e5:68:3c:2f:
d0:53:84:73:ab:0b:14:db:e6:fa:ce:c9:98:60:b7:
a4:9d:19:07:b6:98:9f:7a:99:e4:d3:89:b5:a7:68:
80:b0:a9:b4:64:5a:47:0d:45:79:86:35:df:10:32:
58:a2:09:04:40:3f:e1:08:1f:50:bd:74:ef:b6:bc:
67:9e:96:8e:19:0d:5f:15:d0:73:98:7a:52:aa:ed:
b4:43:5c:97:e3:ab:b5:07:9e:1b:ee:de:7a:a0:11:
9f:e3:69:85:eb:5f:1c:9d:47:d1:b8:42:1d:df:ed:
bb:c0:d6:c0:2f:9c:c7:81:27:ba:bb:6d:ee:22:c3:
df:19:b7:c3:8f:ab:3f:81:7d:4f:8d:14:20:a6:ea:
c6:be:7d:35:5c:0e:62:dc:0c:01:35:c8:d1:cc:2f:
8e:10:2f:7d:05:0e:68:9a:ec:7d:38:12:26:74:f4:
1c:82:97:8c:21:7e:f0:10:56:18:9b:da:30:48:b6:
fc:5b:fc:e1:cc:43:aa:99:dd:6c:87:72:90:75:47:
6e:ca:b9:17:01:43:6b:ff:a8:12:e3:1d:3c:ca:09:
55:d0:9b:25:14:bf:d1:8a:19:fc:05:3b:9c:a7:9e:
f2:44:37:8d:d5:6e:d5:9d:16:94:f1:17:2a:09:ea:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2A:A8:31:03:7E:32:2C:68:54:E7:67:AB:DB:2B:4B:00:6E:BA:1E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3yqoMQN-MixoVOdnq9srSwBuuh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:670::/44
2a0e:b107:1df0::/44
2a0e:b107:1f00::/44
Signature Algorithm: sha256WithRSAEncryption
96:e9:6f:97:06:2e:4b:ea:b5:93:14:73:c3:11:1a:fb:d2:8c:
48:98:5a:6c:85:06:b1:9b:5e:3e:f4:67:6f:25:c7:b1:e8:35:
38:e6:78:52:dc:b2:ab:a1:fe:9b:78:88:ef:01:5c:0b:bc:7b:
30:41:a4:1d:d8:22:f6:20:47:96:b6:71:75:13:82:92:21:88:
dd:72:98:bf:8a:4a:49:44:10:e9:06:7c:6b:36:e3:2a:60:4d:
95:66:a9:7b:fd:8b:67:f1:a4:ae:dc:db:2a:f1:61:57:00:17:
36:a0:b3:ed:10:3b:5c:9f:cf:cc:10:4b:61:1a:d6:59:9f:3f:
50:f6:18:9b:c3:2b:7e:0f:3e:1c:92:aa:2a:27:ad:48:df:e9:
e4:2b:a1:a4:0f:d5:75:5a:df:03:c3:11:a4:d2:94:9d:38:58:
bc:87:2f:73:2c:15:86:3a:3d:53:f9:35:fb:ee:04:25:f8:cb:
ea:fa:70:9b:98:6a:7d:5a:e6:d2:ec:2c:a1:ae:fb:13:25:49:
d1:a1:02:48:80:36:32:a8:96:5b:52:26:70:3d:f6:9a:c0:a5:
3b:df:78:7b:45:2e:51:ac:e6:e7:73:01:5f:01:3a:9d:d9:a1:
d3:1f:b8:bf:6a:9b:35:20:7e:73:09:ed:8f:7a:8b:8f:b2:b9:
16:f6:bf:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYseY8LosFt4andkfN1cTGxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDExMTA1ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJhYTgzMTAzN2UzMjJjNjg1NGU3NjdhYmRiMmI0YjAwNmViYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJe3VhaN+2xco+VoPC/QU4RzqwsU
2+b6zsmYYLeknRkHtpifepnk04m1p2iAsKm0ZFpHDUV5hjXfEDJYogkEQD/hCB9Q
vXTvtrxnnpaOGQ1fFdBzmHpSqu20Q1yX46u1B54b7t56oBGf42mF618cnUfRuEId
3+27wNbAL5zHgSe6u23uIsPfGbfDj6s/gX1PjRQgpurGvn01XA5i3AwBNcjRzC+O
EC99BQ5omux9OBImdPQcgpeMIX7wEFYYm9owSLb8W/zhzEOqmd1sh3KQdUduyrkX
AUNr/6gS4x08yglV0JslFL/Rihn8BTucp57yRDeN1W7VnRaU8RcqCeqzfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN8qqDEDfjIsaFTnZ6vbK0sAbroeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM3lxb01RTi1NaXhvVk9kbnE5c3JTd0J1dWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBwZw
AwcEKg6xBx3wAwcEKg6xBx8AMA0GCSqGSIb3DQEBCwUAA4IBAQCW6W+XBi5L6rWT
FHPDERr70oxImFpshQaxm14+9GdvJcex6DU45nhS3LKrof6beIjvAVwLvHswQaQd
2CL2IEeWtnF1E4KSIYjdcpi/ikpJRBDpBnxrNuMqYE2VZql7/Ytn8aSu3Nsq8WFX
ABc2oLPtEDtcn8/MEEthGtZZnz9Q9hibwyt+Dz4ckqoqJ61I3+nkK6GkD9V1Wt8D
wxGk0pSdOFi8hy9zLBWGOj1T+TX77gQl+Mvq+nCbmGp9WubS7CyhrvsTJUnRoQJI
gDYyqJZbUiZwPfaawKU733h7RS5RrObncwFfATqd2aHTH7i/aps1IH5zCe2PeouP
srkW9r8w
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org