Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/74dyUKdob-FgTLXy4bm9xGZJCyw.roa
File: 74dyUKdob-FgTLXy4bm9xGZJCyw.roa (raw, json)
Hash identifier: dcAiXuyGOPijgy1DrS73SEDM2lvUE59CNSqQbhDc++w=
Subject key identifier: EF:87:72:50:A7:68:6F:E1:60:4C:B5:F2:E1:B9:BD:C4:66:49:0B:2C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187DB1CB3852B7807ACFA7F90B3A7CB13DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/74dyUKdob-FgTLXy4bm9xGZJCyw.roa
Signing time: Tue 02 May 2023 06:18:23 +0000
ROA not before: Tue 02 May 2023 06:18:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211659
IP address blocks: 2a0e:b105:123::/48 maxlen: 48
2a0e:97c0:261::/48 maxlen: 48
2a0e:b105:121::/48 maxlen: 48
2a0e:b105:122::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:1c:b3:85:2b:78:07:ac:fa:7f:90:b3:a7:cb:13:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 2 06:18:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef877250a7686fe1604cb5f2e1b9bdc466490b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:85:c6:89:65:4c:99:81:63:41:08:fd:3a:
67:a0:cb:9b:f5:24:4a:aa:37:a3:bb:c1:a5:11:d4:
37:1b:3d:7d:3f:34:e6:41:21:77:15:d1:42:93:31:
a2:c2:ff:13:e4:5d:ac:48:6d:8b:85:f9:87:24:8a:
82:33:05:04:ff:91:7c:4b:6a:38:3d:06:9c:f7:1a:
93:d9:d5:d3:cd:ef:a3:2a:9c:6f:00:e2:3e:e4:95:
cb:b2:83:87:ec:ae:fb:f4:97:f3:bc:72:c4:eb:c1:
eb:7d:04:72:90:88:56:81:7b:f5:9d:a3:d8:31:00:
a2:be:03:25:73:fd:dc:41:f5:fc:0f:f7:d1:71:cc:
6b:ac:ce:e7:cf:99:0b:d0:21:ce:16:ad:b1:bd:df:
9e:9e:c7:1b:9c:54:8e:47:aa:a5:70:0b:ff:38:58:
81:5f:cc:a5:13:99:15:59:56:bf:c6:15:30:fd:89:
9c:83:c4:3c:90:ed:bc:a8:66:6b:b7:7e:4b:2d:c1:
47:45:f6:7d:a4:b3:08:28:47:81:97:c4:54:09:b2:
e0:60:57:62:f6:92:6e:57:98:5b:90:31:b5:4f:5f:
49:e4:f6:b7:9d:4a:19:80:55:dc:e5:21:7a:ac:ce:
35:18:30:56:c5:e9:57:d7:ba:24:c3:b6:ae:e8:f0:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:87:72:50:A7:68:6F:E1:60:4C:B5:F2:E1:B9:BD:C4:66:49:0B:2C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/74dyUKdob-FgTLXy4bm9xGZJCyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:261::/48
2a0e:b105:121::-2a0e:b105:123:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0a:ae:ee:91:9d:82:85:21:d4:98:4e:cc:ec:40:cc:a1:c8:28:
a3:01:60:7e:b5:32:1a:d0:a8:d8:9e:7e:50:f1:9f:5f:17:53:
f7:21:c5:b3:ab:b3:bf:b6:fd:87:c5:d8:5b:4d:7c:8b:25:92:
cc:c3:1a:b3:55:be:bc:a6:df:cb:4a:9c:ca:2a:42:52:55:38:
11:b0:5b:cd:41:c3:03:cf:e8:74:fd:7c:33:5e:7b:61:e0:ec:
89:c8:bc:cc:88:36:19:2e:f2:fa:85:97:18:d9:18:cc:81:d7:
2e:8b:ae:68:67:06:6a:6a:6b:6c:98:39:d0:47:1e:97:b9:50:
53:86:c2:c6:48:db:5c:5c:70:d8:3f:49:d1:58:c0:1f:01:69:
7f:45:86:ca:ae:fd:b5:96:de:d3:9d:58:3f:83:d1:fe:7e:c9:
17:f8:88:fc:bd:8e:58:d7:52:9b:15:7d:90:62:14:f1:e5:86:
30:72:13:ba:f7:7c:2b:f4:58:3b:21:17:11:55:72:db:88:28:
ec:74:2e:41:0f:70:c2:c9:10:86:cf:14:5c:26:c9:24:e3:aa:
46:36:34:6f:0f:99:1c:44:37:48:6f:66:0a:a8:c5:23:b5:03:
3a:48:42:93:b3:ff:2e:a4:63:75:a4:d3:f6:22:e0:24:4a:5b:
df:60:a8:cf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYfbHLOFK3gHrPp/kLOnyxPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAyMDYxODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjg3NzI1MGE3Njg2ZmUxNjA0Y2I1ZjJlMWI5YmRjNDY2NDkwYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT6FxollTJmBY0EI/TpnoMub9SRK
qjeju8GlEdQ3Gz19PzTmQSF3FdFCkzGiwv8T5F2sSG2LhfmHJIqCMwUE/5F8S2o4
PQac9xqT2dXTze+jKpxvAOI+5JXLsoOH7K779JfzvHLE68HrfQRykIhWgXv1naPY
MQCivgMlc/3cQfX8D/fRccxrrM7nz5kL0CHOFq2xvd+enscbnFSOR6qlcAv/OFiB
X8ylE5kVWVa/xhUw/Ymcg8Q8kO28qGZrt35LLcFHRfZ9pLMIKEeBl8RUCbLgYFdi
9pJuV5hbkDG1T19J5Pa3nUoZgFXc5SF6rM41GDBWxelX17okw7au6PBhWQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO+HclCnaG/hYEy18uG5vcRmSQssMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNzRkeVVLZG9iLUZnVExYeTRibTl4R1pKQ3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6XwAJh
MBIDBwAqDrEFASEDBwIqDrEFASAwDQYJKoZIhvcNAQELBQADggEBAAqu7pGdgoUh
1JhOzOxAzKHIKKMBYH61MhrQqNieflDxn18XU/chxbOrs7+2/YfF2FtNfIslkszD
GrNVvrym38tKnMoqQlJVOBGwW81BwwPP6HT9fDNee2Hg7InIvMyINhku8vqFlxjZ
GMyB1y6LrmhnBmpqa2yYOdBHHpe5UFOGwsZI21xccNg/SdFYwB8BaX9Fhsqu/bWW
3tOdWD+D0f5+yRf4iPy9jljXUpsVfZBiFPHlhjByE7r3fCv0WDshFxFVctuIKOx0
LkEPcMLJEIbPFFwmySTjqkY2NG8PmRxEN0hvZgqoxSO1AzpIQpOz/y6kY3Wk0/Yi
4CRKW99gqM8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org