Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5rG1LjBnts-wtK2XBzHwvbsCHTg.roa
File: 5rG1LjBnts-wtK2XBzHwvbsCHTg.roa (raw, json)
Hash identifier: ESf/nor2OAuYaKgxXNcUGDlwdLMF/z3uS/yeUbTt9rc=
Subject key identifier: E6:B1:B5:2E:30:67:B6:CF:B0:B4:AD:97:07:31:F0:BD:BB:02:1D:38
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7D3B192A33627459575FEDA753F95
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5rG1LjBnts-wtK2XBzHwvbsCHTg.roa
Signing time: Mon 02 Jan 2023 05:15:19 +0000
ROA not before: Mon 02 Jan 2023 05:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208223
IP address blocks: 2a0e:b107:1a30::/48 maxlen: 48
2a0e:b107:1a35::/48 maxlen: 48
2a0e:b107:1a3a::/48 maxlen: 48
2a0e:b107:1a3f::/48 maxlen: 48
2a0e:b107:1a34::/48 maxlen: 48
2a0e:b107:1a39::/48 maxlen: 48
2a0e:b107:1a3e::/48 maxlen: 48
2a0e:b107:1a33::/48 maxlen: 48
2a0e:b107:1a38::/48 maxlen: 48
2a0e:b107:1a3d::/48 maxlen: 48
2a0e:b107:1a32::/48 maxlen: 48
2a0e:b107:1a37::/48 maxlen: 48
2a0e:b107:1a3c::/48 maxlen: 48
2a0e:b107:1a31::/48 maxlen: 48
2a0e:b107:1a36::/48 maxlen: 48
2a0e:b107:1a3b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:d3:b1:92:a3:36:27:45:95:75:fe:da:75:3f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6b1b52e3067b6cfb0b4ad970731f0bdbb021d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:c6:5a:ee:3a:3b:4b:c1:cf:db:4c:5d:ff:
66:bd:de:d5:4e:39:4a:61:8f:66:4b:8c:79:02:10:
fb:e4:d1:85:8f:93:ca:19:cb:a9:78:4c:38:e4:99:
95:2f:73:00:a4:f0:3d:1f:81:59:39:63:47:1d:e3:
73:8a:e2:7e:12:b2:9f:f6:85:ba:d0:3e:e5:c0:2f:
b1:ff:54:ce:0b:52:2e:32:96:ea:30:b9:84:0e:bb:
4f:80:96:c7:98:c0:a4:c5:4b:09:c3:47:84:d1:63:
a4:72:98:51:79:6a:f8:f5:d4:e3:2b:11:cd:51:1a:
60:62:3f:b1:ea:c1:cb:78:09:d3:37:a5:2c:34:79:
5b:6d:42:27:94:b2:dc:3a:69:a8:d6:4b:53:10:be:
08:13:33:9b:0f:22:39:bf:3c:48:96:f6:c2:44:7a:
f2:e5:4a:31:ca:a5:11:bc:b2:f3:79:7e:d2:81:be:
95:bf:6c:03:45:e5:3c:31:72:7c:22:01:63:62:d0:
17:9e:2a:94:12:bd:9f:76:09:e5:a7:1b:66:c1:69:
f1:26:a1:e7:74:84:d7:8f:3d:d5:f2:72:fb:14:d2:
89:e7:a7:af:9f:d3:93:94:2e:7c:3f:f6:6d:97:c2:
31:fd:49:f4:5d:91:4d:2e:84:fe:c4:d3:8b:9c:32:
48:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B1:B5:2E:30:67:B6:CF:B0:B4:AD:97:07:31:F0:BD:BB:02:1D:38
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5rG1LjBnts-wtK2XBzHwvbsCHTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a30::/44
Signature Algorithm: sha256WithRSAEncryption
b3:77:0c:4b:cc:fc:24:7d:47:37:e7:46:b0:19:8f:76:12:8b:
87:e1:90:fb:3b:09:50:d5:ef:04:b4:80:90:1f:43:43:5b:78:
5a:cb:c7:2b:d0:07:12:83:d7:4a:bc:2f:c5:5e:e1:5e:09:e6:
ee:7f:a2:3d:eb:72:51:75:03:cc:b6:46:ff:b2:4e:91:7f:0f:
e4:8e:be:56:c8:2d:7e:25:36:6d:81:10:13:61:cf:80:32:c1:
63:fb:47:10:a7:aa:76:26:01:68:83:4a:2d:9b:1f:6a:ec:fb:
ff:cf:13:3b:19:b9:0f:97:5f:3a:9d:8a:fc:39:71:b4:56:26:
21:91:8b:66:da:33:9b:45:93:8f:f9:db:f7:dc:d6:28:c7:55:
20:84:b4:5c:78:2d:69:8a:80:0b:22:f9:c3:db:e4:61:90:19:
f8:89:fe:eb:cf:95:e4:65:83:e7:9b:0b:5c:cd:8c:77:b9:49:
c6:32:1e:d5:3a:22:b3:11:57:e1:d0:17:f8:3a:d0:3e:f6:9a:
7f:e7:2e:e9:89:36:6c:ee:9b:c1:eb:d2:1d:8e:7b:ad:e2:56:
e1:6c:2a:e2:0c:1a:00:ef:d6:b6:f9:61:db:dd:ae:36:df:52:
28:c0:6f:fa:fc:a7:93:5f:7d:27:fa:b9:f1:c8:60:3e:4a:36:
cb:c1:75:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw59OxkqM2J0WVdf7adT+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmIxYjUyZTMwNjdiNmNmYjBiNGFkOTcwNzMxZjBiZGJiMDIxZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXzGWu46O0vBz9tMXf9mvd7VTjlK
YY9mS4x5AhD75NGFj5PKGcupeEw45JmVL3MApPA9H4FZOWNHHeNziuJ+ErKf9oW6
0D7lwC+x/1TOC1IuMpbqMLmEDrtPgJbHmMCkxUsJw0eE0WOkcphReWr49dTjKxHN
URpgYj+x6sHLeAnTN6UsNHlbbUInlLLcOmmo1ktTEL4IEzObDyI5vzxIlvbCRHry
5UoxyqURvLLzeX7Sgb6Vv2wDReU8MXJ8IgFjYtAXniqUEr2fdgnlpxtmwWnxJqHn
dITXjz3V8nL7FNKJ56evn9OTlC58P/Ztl8Ix/Un0XZFNLoT+xNOLnDJIxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOaxtS4wZ7bPsLStlwcx8L27Ah04MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNXJHMUxqQm50cy13dEsyWEJ6SHd2YnNDSFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxow
MA0GCSqGSIb3DQEBCwUAA4IBAQCzdwxLzPwkfUc350awGY92EouH4ZD7OwlQ1e8E
tICQH0NDW3hay8cr0AcSg9dKvC/FXuFeCebuf6I963JRdQPMtkb/sk6Rfw/kjr5W
yC1+JTZtgRATYc+AMsFj+0cQp6p2JgFog0otmx9q7Pv/zxM7GbkPl186nYr8OXG0
ViYhkYtm2jObRZOP+dv33NYox1UghLRceC1pioALIvnD2+RhkBn4if7rz5XkZYPn
mwtczYx3uUnGMh7VOiKzEVfh0Bf4OtA+9pp/5y7piTZs7pvB69Idjnut4lbhbCri
DBoA79a2+WHb3a4231IowG/6/KeTX30n+rnxyGA+SjbLwXXm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:55 2023 by rpki-client on console-ams.rpki-client.org