Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5kjGjH9E4FX_T8ougJwpAOw7-QY.roa
File: 5kjGjH9E4FX_T8ougJwpAOw7-QY.roa (raw, json)
Hash identifier: px4yPScmHfLbx/YasAER58V3P1nd1ZN+GeKU8V6rm7g=
Subject key identifier: E6:48:C6:8C:7F:44:E0:55:FF:4F:CA:2E:80:9C:29:00:EC:3B:F9:06
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E80D6AF583DD5FE508944BA0D74427
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5kjGjH9E4FX_T8ougJwpAOw7-QY.roa
Signing time: Mon 02 Jan 2023 05:15:34 +0000
ROA not before: Mon 02 Jan 2023 05:15:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 2a10:cc45:101::/48 maxlen: 48
2a10:cc45:106::/48 maxlen: 48
2a10:cc45:107::/48 maxlen: 48
2a10:cc45:10c::/48 maxlen: 48
2a10:cc45:105::/48 maxlen: 48
2a10:cc45:10a::/48 maxlen: 48
2a10:cc45:10b::/48 maxlen: 48
2a10:cc45:100::/48 maxlen: 48
2a10:cc45:109::/48 maxlen: 48
2a10:cc45:10e::/48 maxlen: 48
2a10:cc45:10f::/48 maxlen: 48
2a10:cc45:104::/48 maxlen: 48
2a10:cc45:10d::/48 maxlen: 48
2a10:cc45:102::/48 maxlen: 48
2a10:cc45:103::/48 maxlen: 48
2a10:cc45:100::/44 maxlen: 48
2a10:cc45:108::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:0d:6a:f5:83:dd:5f:e5:08:94:4b:a0:d7:44:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e648c68c7f44e055ff4fca2e809c2900ec3bf906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a9:a6:c9:8b:9b:58:03:86:6b:94:bc:83:bb:
b5:c4:8c:07:65:fd:cd:aa:a5:5f:5a:2a:31:30:57:
67:45:24:b5:09:de:e9:76:4e:bb:20:f3:8d:69:f6:
bc:3e:cf:1f:39:ac:88:f9:32:87:d6:24:2b:1d:76:
63:af:9b:74:e6:34:25:5f:39:37:26:f5:aa:de:92:
8a:ed:69:94:31:4a:cf:b8:25:7d:b8:e1:31:7a:8f:
e3:48:75:1e:29:71:33:6e:c3:23:53:c6:f3:03:ba:
5e:a5:76:6b:62:4b:a5:3c:e7:57:df:f5:18:e7:e0:
81:79:5d:89:4a:1b:af:bc:b6:cb:a9:0b:e0:f4:32:
0f:69:51:af:96:2a:46:6a:32:f6:0b:cd:c9:38:9e:
95:8d:38:64:12:14:75:18:b0:b8:8c:f8:ef:c0:9d:
e3:cd:ba:33:44:fe:d0:03:9c:5f:9a:70:2d:a5:66:
b6:3c:09:50:22:7c:8a:bc:be:48:bf:96:0b:36:dd:
ea:b7:66:2a:e6:25:91:3f:d7:19:77:8f:f1:c3:f2:
c3:33:6f:f7:da:64:a8:fc:70:cf:ca:5f:d2:3b:f7:
ce:5e:ce:c5:ce:bc:17:a9:52:b3:83:b7:41:c9:d9:
8c:2a:d6:31:a3:2c:94:a4:0d:61:dc:5f:7b:c4:2b:
08:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:48:C6:8C:7F:44:E0:55:FF:4F:CA:2E:80:9C:29:00:EC:3B:F9:06
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5kjGjH9E4FX_T8ougJwpAOw7-QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc45:100::/44
Signature Algorithm: sha256WithRSAEncryption
a3:1a:de:04:08:d2:9a:b0:f6:8a:cc:34:5e:54:6f:50:78:77:
28:c5:fd:d3:c6:68:29:a8:1d:07:d5:54:4c:47:4f:0a:8e:4a:
08:98:41:a4:e5:c4:4b:b6:89:c8:39:9f:74:02:d4:c5:51:61:
e5:05:bb:67:93:a1:9a:31:7a:96:7c:89:82:ee:4e:c9:ea:9f:
e7:8a:35:04:40:13:d7:c9:7c:fc:5d:c6:d6:ea:f0:25:4c:96:
f0:68:3b:d5:12:4c:f3:58:d2:12:3f:f9:39:5a:0d:f2:24:2b:
b6:77:25:45:ee:1c:d3:a2:33:bb:ba:d1:4d:3a:21:5b:0f:c2:
9c:ed:c6:68:23:85:84:18:5d:b2:39:6b:e1:8d:19:60:3b:92:
f4:19:5a:a4:64:e6:a2:90:04:6d:f3:09:64:8f:a4:ba:d7:b1:
91:2f:62:51:53:2b:f8:e4:bc:e2:dd:d0:61:10:16:e0:94:0f:
c2:6b:80:dc:24:7d:a1:4e:94:1a:1c:4f:ab:32:c2:df:e6:9a:
d3:32:31:c5:da:b1:2a:d7:c2:b9:1e:bc:f8:44:87:c1:5b:7b:
fa:62:45:f7:4d:37:90:02:c1:0a:12:4d:8a:14:5f:70:82:74:
04:4d:a8:88:10:33:c6:d0:76:3d:19:9c:fc:5f:21:c9:39:cb:
e5:d7:a0:6d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6A1q9YPdX+UIlEug10QnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ4YzY4YzdmNDRlMDU1ZmY0ZmNhMmU4MDljMjkwMGVjM2JmOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6mmyYubWAOGa5S8g7u1xIwHZf3N
qqVfWioxMFdnRSS1Cd7pdk67IPONafa8Ps8fOayI+TKH1iQrHXZjr5t05jQlXzk3
JvWq3pKK7WmUMUrPuCV9uOExeo/jSHUeKXEzbsMjU8bzA7pepXZrYkulPOdX3/UY
5+CBeV2JShuvvLbLqQvg9DIPaVGvlipGajL2C83JOJ6VjThkEhR1GLC4jPjvwJ3j
zbozRP7QA5xfmnAtpWa2PAlQInyKvL5Iv5YLNt3qt2Yq5iWRP9cZd4/xw/LDM2/3
2mSo/HDPyl/SO/fOXs7FzrwXqVKzg7dBydmMKtYxoyyUpA1h3F97xCsI/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOZIxox/ROBV/0/KLoCcKQDsO/kGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNWtqR2pIOUU0RlhfVDhvdWdKd3BBT3c3LVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRQEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCjGt4ECNKasPaKzDReVG9QeHcoxf3TxmgpqB0H
1VRMR08KjkoImEGk5cRLtonIOZ90AtTFUWHlBbtnk6GaMXqWfImC7k7J6p/nijUE
QBPXyXz8XcbW6vAlTJbwaDvVEkzzWNISP/k5Wg3yJCu2dyVF7hzTojO7utFNOiFb
D8Kc7cZoI4WEGF2yOWvhjRlgO5L0GVqkZOaikARt8wlkj6S617GRL2JRUyv45Lzi
3dBhEBbglA/Ca4DcJH2hTpQaHE+rMsLf5prTMjHF2rEq18K5Hrz4RIfBW3v6YkX3
TTeQAsEKEk2KFF9wgnQETaiIEDPG0HY9GZz8XyHJOcvl16Bt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:55 2023 by rpki-client on console-ams.rpki-client.org