Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/473Gmc5kD8nrIxXRkpl3onlT1hc.roa
File: 473Gmc5kD8nrIxXRkpl3onlT1hc.roa (raw, json)
Hash identifier: stTiDdhDREyxN/56WIlBpomzn+6OTMRG1ahI8hAnjQ8=
Subject key identifier: E3:BD:C6:99:CE:64:0F:C9:EB:23:15:D1:92:99:77:A2:79:53:D6:17
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187D2D93294334341A6C2F1ABC6879E4247
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/473Gmc5kD8nrIxXRkpl3onlT1hc.roa
Signing time: Sun 30 Apr 2023 15:47:42 +0000
ROA not before: Sun 30 Apr 2023 15:47:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:660::/44 maxlen: 48
2a0e:b107:5f0::/44 maxlen: 48
2a0e:b107:1d60::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:1e00::/44 maxlen: 48
2a0e:b107:5e0::/44 maxlen: 48
2a0e:b107:2150::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d2:d9:32:94:33:43:41:a6:c2:f1:ab:c6:87:9e:42:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 30 15:47:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3bdc699ce640fc9eb2315d1929977a27953d617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:a6:3c:c1:f6:65:bb:74:34:d3:b0:91:7d:
56:0b:01:ed:20:84:af:e6:ce:2c:19:8e:53:e9:9c:
49:15:17:5b:96:1c:17:15:7f:68:1b:41:25:75:e8:
1c:ad:02:78:30:05:f9:36:c5:40:d3:57:9d:51:c9:
0d:6b:4d:6a:5c:a3:75:67:c8:c1:ff:8e:f3:b3:53:
62:18:d2:ee:a8:61:9e:52:67:1e:d1:58:f5:60:04:
ae:ed:52:dd:f2:73:71:9a:04:3c:6c:23:65:f7:d7:
2f:e3:ae:51:62:77:72:e8:97:32:e1:81:98:fb:d9:
08:ed:f6:06:f8:ac:24:9f:c2:fb:1b:73:f3:5f:36:
97:3d:4f:77:85:01:34:82:d0:b6:6b:3e:c1:f2:60:
e2:61:2e:6d:1c:c3:b8:25:1c:7d:a7:36:39:7c:c9:
9f:b6:41:2f:6a:d4:77:9a:29:4d:f0:f6:e2:c9:2e:
38:b5:2a:19:24:87:bc:f5:0c:13:e7:b1:24:97:dd:
79:0b:e8:ba:dd:40:e6:cd:27:c1:76:24:3e:98:ea:
3f:3c:f2:9b:89:14:1f:c2:46:c6:54:e7:6e:f1:67:
1c:d2:31:50:b7:82:9a:9d:aa:92:99:fb:19:0a:24:
05:e6:36:3d:4f:c7:19:bf:8b:c0:e0:71:b2:ec:b7:
64:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BD:C6:99:CE:64:0F:C9:EB:23:15:D1:92:99:77:A2:79:53:D6:17
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/473Gmc5kD8nrIxXRkpl3onlT1hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:660::/44
2a0e:b107:800::/44
2a0e:b107:1d60::/44
2a0e:b107:1e00::/44
2a0e:b107:2150::/44
Signature Algorithm: sha256WithRSAEncryption
1b:d4:8c:65:db:4a:3d:49:0c:5b:30:93:b7:58:22:64:0f:70:
ec:be:11:b1:b9:cf:cc:93:de:f4:8a:93:03:e5:ea:de:f2:db:
ba:71:ea:1b:3c:48:43:4a:0d:aa:8f:ac:67:38:db:be:37:b1:
d8:0e:8d:6a:e7:76:6a:8a:e1:10:62:aa:51:8c:62:51:a4:38:
8a:e7:f5:53:d5:23:3b:1e:1b:61:e1:c6:46:d6:11:37:11:c5:
40:74:eb:1d:d8:0b:1a:d8:ff:6c:e7:3a:e5:04:9b:dc:ed:c8:
fa:0f:46:69:c7:47:99:d3:ea:a4:0f:b0:1a:f9:ea:07:f2:2f:
92:c5:cb:c1:71:00:9f:9c:50:c7:a7:80:fb:66:23:fc:63:22:
10:b3:36:e0:9f:6e:1b:43:16:96:80:27:66:e1:c9:77:7e:a5:
3f:4c:83:34:76:cb:89:7e:b0:12:75:b6:cf:d5:93:fb:3e:f5:
bb:4a:53:d7:83:7f:7f:e1:c5:6e:71:6b:d8:42:a8:fb:5e:67:
00:0f:4b:7d:81:d4:b0:5a:8c:8e:97:0d:53:39:e3:84:3e:6a:
c3:31:98:6a:e5:f7:21:17:71:50:56:b2:80:83:c0:4b:34:62:
fc:91:59:bf:39:32:99:3a:78:2e:11:e4:c3:33:b3:72:7a:43:
0b:57:42:e4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYfS2TKUM0NBpsLxq8aHnkJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDMwMTU0NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2JkYzY5OWNlNjQwZmM5ZWIyMzE1ZDE5Mjk5NzdhMjc5NTNkNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgumPMH2Zbt0NNOwkX1WCwHtIISv
5s4sGY5T6ZxJFRdblhwXFX9oG0EldegcrQJ4MAX5NsVA01edUckNa01qXKN1Z8jB
/47zs1NiGNLuqGGeUmce0Vj1YASu7VLd8nNxmgQ8bCNl99cv465RYndy6Jcy4YGY
+9kI7fYG+Kwkn8L7G3PzXzaXPU93hQE0gtC2az7B8mDiYS5tHMO4JRx9pzY5fMmf
tkEvatR3milN8PbiyS44tSoZJIe89QwT57Ekl915C+i63UDmzSfBdiQ+mOo/PPKb
iRQfwkbGVOdu8Wcc0jFQt4KanaqSmfsZCiQF5jY9T8cZv4vA4HGy7Ldk0QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFOO9xpnOZA/J6yMV0ZKZd6J5U9YXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNDczR21jNWtEOG5ySXhYUmtwbDNvbmxUMWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBMBIDBwUqDrEH
BeADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHCAADBwQqDrEHHWADBwQqDrEHHgAD
BwQqDrEHIVAwDQYJKoZIhvcNAQELBQADggEBABvUjGXbSj1JDFswk7dYImQPcOy+
EbG5z8yT3vSKkwPl6t7y27px6hs8SENKDaqPrGc42743sdgOjWrndmqK4RBiqlGM
YlGkOIrn9VPVIzseG2HhxkbWETcRxUB06x3YCxrY/2znOuUEm9ztyPoPRmnHR5nT
6qQPsBr56gfyL5LFy8FxAJ+cUMengPtmI/xjIhCzNuCfbhtDFpaAJ2bhyXd+pT9M
gzR2y4l+sBJ1ts/Vk/s+9btKU9eDf3/hxW5xa9hCqPteZwAPS32B1LBajI6XDVM5
44Q+asMxmGrl9yEXcVBWsoCDwEs0YvyRWb85Mpk6eC4R5MMzs3J6QwtXQuQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org