Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5tGyDU3N8x7TEyw8JQfkV9no6QQ.roa
File: 5tGyDU3N8x7TEyw8JQfkV9no6QQ.roa (raw, json)
Hash identifier: zl2iCniojPLql1rbMeqnFrZgKqe4NFqCgIhvJRoYfVE=
Subject key identifier: E6:D1:B2:0D:4D:CD:F3:1E:D3:13:2C:3C:25:07:E4:57:D9:E8:E9:04
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B08BB86ED4EABC1A0F62B84271238
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5tGyDU3N8x7TEyw8JQfkV9no6QQ.roa
Signing time: Tue 24 Jan 2023 16:09:55 +0000
ROA not before: Tue 24 Jan 2023 16:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212580
IP address blocks: 2a0e:b107:e00::/44 maxlen: 48
2a0e:b107:de0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:08:bb:86:ed:4e:ab:c1:a0:f6:2b:84:27:12:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6d1b20d4dcdf31ed3132c3c2507e457d9e8e904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:5a:2f:9f:4b:ab:a9:34:ef:af:d1:d0:8a:
08:f4:6f:d5:7d:b7:02:87:2f:a4:b7:3e:ad:fb:d1:
38:8e:22:dd:17:1d:0e:fd:19:78:fd:0d:77:bd:bf:
d1:02:86:1e:e5:7c:81:b0:3b:bb:c0:ce:ea:9c:74:
c1:5c:9c:28:14:fc:ed:78:c9:e8:42:d5:62:69:51:
a9:e2:04:05:6d:96:58:ac:fa:81:e9:07:89:8a:c9:
36:20:b9:7e:aa:4e:3c:27:66:ec:06:0a:5e:a5:cb:
e6:f4:e0:1f:5f:c6:48:5b:48:57:6b:2d:c5:32:37:
5f:90:fc:a9:b2:3b:1f:4e:43:4c:15:e7:f6:71:5f:
90:29:a5:42:d1:96:34:a6:39:a5:11:9b:97:df:9d:
c9:ea:ae:53:71:dd:92:b6:66:2e:e1:51:76:78:71:
ee:37:d3:5f:ec:d8:a9:74:e3:5e:c9:2a:29:57:0e:
b2:62:56:df:da:00:08:6c:e5:92:69:d7:56:e5:86:
a3:16:26:c2:22:33:21:2a:a3:d7:84:fb:09:55:a7:
02:7d:88:7a:08:05:5e:b3:c6:7b:1c:02:61:91:e0:
2f:32:da:35:b5:54:5e:a1:46:26:49:b4:03:de:51:
91:e6:45:8d:eb:00:0c:3d:5a:af:1c:b2:a0:0d:2a:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D1:B2:0D:4D:CD:F3:1E:D3:13:2C:3C:25:07:E4:57:D9:E8:E9:04
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5tGyDU3N8x7TEyw8JQfkV9no6QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:de0::/44
2a0e:b107:e00::/44
Signature Algorithm: sha256WithRSAEncryption
62:11:ff:88:19:fa:a0:cf:3b:74:f7:73:86:ac:8a:00:ac:ad:
53:ba:cf:26:5d:29:31:dc:95:30:6c:44:87:2a:03:7b:a4:bc:
f0:7f:f1:55:75:16:75:60:05:94:da:0a:35:d6:21:67:a8:84:
94:92:c6:30:3b:0f:ae:36:91:0b:11:cd:b3:3a:77:93:23:ac:
24:7f:ff:a6:c8:f0:e6:c5:d0:a2:4d:40:9b:7b:c2:66:d8:70:
bb:61:99:b5:26:11:11:23:8c:f6:63:de:13:43:5d:24:7f:83:
3f:1e:c0:1e:8c:6e:5f:92:73:2e:8d:3f:86:ad:d4:d8:57:c6:
f5:13:22:81:7d:b9:47:e4:cd:af:39:33:b7:fd:f0:51:d9:ae:
df:a3:ae:65:59:05:16:cd:0f:9a:c6:78:39:67:8f:3a:ef:ed:
00:31:ac:f9:0c:70:f6:43:33:18:d1:4d:2d:99:02:38:7a:88:
ad:c7:71:4c:03:17:79:48:2b:80:47:ca:f8:9d:10:ce:48:58:
71:31:ae:97:2d:b1:a4:1e:b6:ed:25:a6:cf:a2:e8:80:c7:e7:
a7:4a:1f:7c:98:49:8e:68:96:c5:a8:9e:e8:ff:e4:00:2e:6b:
6c:63:a5:17:47:e2:52:32:73:b4:32:1f:03:01:cc:8c:e4:3e:
44:90:5b:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkiwi7hu1Oq8Gg9iuEJxI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQxYjIwZDRkY2RmMzFlZDMxMzJjM2MyNTA3ZTQ1N2Q5ZThlOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcRaL59Lq6k076/R0IoI9G/VfbcC
hy+ktz6t+9E4jiLdFx0O/Rl4/Q13vb/RAoYe5XyBsDu7wM7qnHTBXJwoFPzteMno
QtViaVGp4gQFbZZYrPqB6QeJisk2ILl+qk48J2bsBgpepcvm9OAfX8ZIW0hXay3F
MjdfkPypsjsfTkNMFef2cV+QKaVC0ZY0pjmlEZuX353J6q5Tcd2StmYu4VF2eHHu
N9Nf7NipdONeySopVw6yYlbf2gAIbOWSaddW5YajFibCIjMhKqPXhPsJVacCfYh6
CAVes8Z7HAJhkeAvMto1tVReoUYmSbQD3lGR5kWN6wAMPVqvHLKgDSp16QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFObRsg1NzfMe0xMsPCUH5FfZ6OkEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNXRHeURVM044eDdURXl3OEpRZmtWOW5vNlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBw3g
AwcEKg6xBw4AMA0GCSqGSIb3DQEBCwUAA4IBAQBiEf+IGfqgzzt093OGrIoArK1T
us8mXSkx3JUwbESHKgN7pLzwf/FVdRZ1YAWU2go11iFnqISUksYwOw+uNpELEc2z
OneTI6wkf/+myPDmxdCiTUCbe8Jm2HC7YZm1JhERI4z2Y94TQ10kf4M/HsAejG5f
knMujT+GrdTYV8b1EyKBfblH5M2vOTO3/fBR2a7fo65lWQUWzQ+axng5Z4867+0A
Maz5DHD2QzMY0U0tmQI4eoitx3FMAxd5SCuAR8r4nRDOSFhxMa6XLbGkHrbtJabP
ouiAx+enSh98mEmOaJbFqJ7o/+QALmtsY6UXR+JSMnO0Mh8DAcyM5D5EkFsd
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org