Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4yTfTVkuf4zVcIICCCjMnuQiTUo.roa
File: 4yTfTVkuf4zVcIICCCjMnuQiTUo.roa (raw, json)
Hash identifier: 9YFd3ZnJZy32Wr82vFfXxbyWNin2Op1+zpp9qR7Q+co=
Subject key identifier: E3:24:DF:4D:59:2E:7F:8C:D5:70:82:02:08:28:CC:9E:E4:22:4D:4A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C200A687344F5B1E5A3E969E037CC4521
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4yTfTVkuf4zVcIICCCjMnuQiTUo.roa
Signing time: Thu 30 Nov 2023 11:43:22 +0000
ROA not before: Thu 30 Nov 2023 11:43:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a10:ccc2:9c00::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:0a:68:73:44:f5:b1:e5:a3:e9:69:e0:37:cc:45:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 30 11:43:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e324df4d592e7f8cd57082020828cc9ee4224d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:eb:fb:54:d0:19:7f:fe:dd:8e:ad:0d:1e:f2:
04:6a:d9:ef:57:a6:ac:04:a7:56:2c:a6:dd:92:69:
b9:a1:00:1a:9c:9e:82:b9:fb:9a:ec:7c:d5:86:dc:
48:8a:de:47:1a:f5:70:15:c2:66:e3:0a:f1:c2:9d:
2f:04:d3:9f:e1:76:38:26:fc:52:9b:91:8e:30:de:
67:f0:f2:55:12:2a:65:09:ca:65:06:31:ca:56:8c:
cc:7e:ce:92:8c:b3:2e:7e:c8:32:f1:f1:12:e4:22:
2e:c0:af:7b:54:b6:d0:0c:d1:3f:f4:07:42:87:6c:
02:fc:76:ad:2f:88:47:dd:f7:a2:b1:0d:89:c3:96:
b7:e8:53:9d:6a:36:d8:16:7e:72:61:5f:a8:78:d0:
5b:33:38:52:ce:b2:07:55:70:c3:7e:d1:de:dd:8d:
e8:b4:a9:6c:88:ef:0e:0a:09:e6:a9:5d:1b:ed:03:
e7:5f:3b:0f:8f:a1:fd:45:b4:7a:86:01:12:2e:98:
42:76:c0:27:d3:e5:4d:47:c0:26:00:67:cc:c0:76:
8c:10:d4:9d:15:ef:be:94:2f:b3:e2:53:2c:91:e5:
f8:04:91:ce:eb:8c:6d:03:42:56:6b:7b:a4:47:e5:
69:73:8b:1e:f9:46:26:f8:2c:42:30:8f:56:b0:61:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:24:DF:4D:59:2E:7F:8C:D5:70:82:02:08:28:CC:9E:E4:22:4D:4A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4yTfTVkuf4zVcIICCCjMnuQiTUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc2:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
19:12:63:52:e3:6e:ea:4e:c2:63:e7:2c:08:f6:19:b5:83:b5:
b7:bc:d4:ca:a8:51:ae:14:3d:17:8c:42:38:6c:5f:40:82:13:
26:af:65:17:f7:3c:a3:26:6f:7f:28:83:40:7c:7e:73:8c:93:
d3:48:56:82:c5:68:3c:5b:ed:11:00:5b:3f:16:0a:c0:55:cb:
ae:f1:57:22:41:05:9d:c2:76:6e:e9:06:cb:13:a6:00:ac:d5:
71:66:5b:1e:ef:d7:c4:f3:b0:be:37:aa:7e:33:5f:5c:cd:28:
74:cb:1a:3a:05:51:90:67:60:e0:c4:30:69:9b:c5:cf:8d:a0:
34:5b:dd:43:c0:38:a3:d2:79:a8:25:43:69:1f:49:ec:5d:c8:
e2:44:ec:a3:3d:2b:46:f5:3b:4c:d3:cd:79:e2:04:b8:48:cc:
98:65:43:57:a0:76:a0:6b:be:32:1e:2b:7c:96:e4:6c:68:44:
65:98:64:b2:d3:21:33:05:17:38:13:0c:cd:92:6a:c3:34:b1:
8d:2c:4a:4c:42:06:c8:f9:d3:4f:d4:57:cb:71:c0:78:c8:be:
3c:09:8b:ae:2f:84:48:87:2e:03:3c:93:40:2a:f1:a8:a1:30:
7f:05:a2:ad:f2:e1:28:5e:ab:2d:fc:bc:33:41:7f:99:12:b5:
12:9b:bc:62
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYwgCmhzRPWx5aPpaeA3zEUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTMwMTE0MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI0ZGY0ZDU5MmU3ZjhjZDU3MDgyMDIwODI4Y2M5ZWU0MjI0ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluv7VNAZf/7djq0NHvIEatnvV6as
BKdWLKbdkmm5oQAanJ6Cufua7HzVhtxIit5HGvVwFcJm4wrxwp0vBNOf4XY4JvxS
m5GOMN5n8PJVEiplCcplBjHKVozMfs6SjLMufsgy8fES5CIuwK97VLbQDNE/9AdC
h2wC/HatL4hH3feisQ2Jw5a36FOdajbYFn5yYV+oeNBbMzhSzrIHVXDDftHe3Y3o
tKlsiO8OCgnmqV0b7QPnXzsPj6H9RbR6hgESLphCdsAn0+VNR8AmAGfMwHaMENSd
Fe++lC+z4lMskeX4BJHO64xtA0JWa3ukR+Vpc4se+UYm+CxCMI9WsGGsDQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOMk301ZLn+M1XCCAggozJ7kIk1KMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHlUZlRWa3VmNHpWY0lJQ0NDak1udVFpVFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhDMwpww
DQYJKoZIhvcNAQELBQADggEBABkSY1LjbupOwmPnLAj2GbWDtbe81MqoUa4UPReM
QjhsX0CCEyavZRf3PKMmb38og0B8fnOMk9NIVoLFaDxb7REAWz8WCsBVy67xVyJB
BZ3Cdm7pBssTpgCs1XFmWx7v18TzsL43qn4zX1zNKHTLGjoFUZBnYODEMGmbxc+N
oDRb3UPAOKPSeaglQ2kfSexdyOJE7KM9K0b1O0zTzXniBLhIzJhlQ1egdqBrvjIe
K3yW5GxoRGWYZLLTITMFFzgTDM2SasM0sY0sSkxCBsj500/UV8txwHjIvjwJi64v
hEiHLgM8k0Aq8aihMH8Foq3y4Sheqy38vDNBf5kStRKbvGI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:29 2024 by rpki-client on console-fra.rpki-client.org