Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8CIvgbiMn2T4wXDgBIQIzki3v0Q.roa
File: 8CIvgbiMn2T4wXDgBIQIzki3v0Q.roa (raw, json)
Hash identifier: xgan3m5xXL5Zu1J93MVidBpRzIhxGs3pf36mwdnXfi4=
Subject key identifier: F0:22:2F:81:B8:8C:9F:64:F8:C1:70:E0:04:84:08:CE:48:B7:BF:44
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186DB1F278AAAA2F8B9F009EAD1EA5B94F9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8CIvgbiMn2T4wXDgBIQIzki3v0Q.roa
Signing time: Mon 13 Mar 2023 13:18:17 +0000
ROA not before: Mon 13 Mar 2023 13:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210397
IP address blocks: 2a0e:97c0:780::/48 maxlen: 48
2a0e:97c0:78b::/48 maxlen: 48
2a0e:97c0:781::/48 maxlen: 48
2a0e:97c0:78f::/48 maxlen: 48
2a0e:97c0:78a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:1f:27:8a:aa:a2:f8:b9:f0:09:ea:d1:ea:5b:94:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 13 13:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0222f81b88c9f64f8c170e0048408ce48b7bf44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:99:f4:77:1c:fd:1a:a1:2c:96:99:f7:ed:
2d:50:62:bc:a1:ad:74:07:54:57:99:a5:36:e2:d5:
1f:0e:83:31:af:78:90:46:87:ea:84:cf:63:0c:12:
28:41:2b:75:93:f8:a6:8b:dd:a5:ad:a4:c8:a4:cb:
07:54:ec:cd:61:ff:07:07:85:dc:e6:37:af:f0:60:
61:6d:2f:53:f9:37:1c:dc:19:65:a1:26:d8:82:e2:
d9:c1:9a:18:85:73:bf:cc:0e:a0:36:c6:b6:c2:ff:
34:b7:83:11:5b:27:03:5e:05:b8:b6:eb:d1:27:02:
60:7e:f6:2b:f7:f4:21:87:41:db:13:ba:e0:0b:9f:
a9:f0:38:06:fe:49:26:50:e3:1e:05:37:d9:76:8a:
3a:b7:fa:30:24:f0:d7:7a:af:ac:e7:49:37:95:71:
d0:58:87:74:ed:08:fc:df:e1:78:a6:7f:68:a7:c9:
59:ca:06:8b:2a:09:f0:3b:2e:ea:b5:0c:63:da:f0:
38:7a:e0:b7:49:75:a7:0e:a3:3b:28:8d:7d:5c:6e:
3a:85:0b:c0:f7:8d:77:43:48:8e:82:ba:55:89:e0:
ca:33:c9:29:7f:8b:38:85:30:01:6f:6d:f9:cd:53:
d3:69:84:95:fa:c3:97:8e:f3:92:25:cd:ac:d7:c6:
6c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:22:2F:81:B8:8C:9F:64:F8:C1:70:E0:04:84:08:CE:48:B7:BF:44
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8CIvgbiMn2T4wXDgBIQIzki3v0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:780::/47
2a0e:97c0:78a::/47
2a0e:97c0:78f::/48
Signature Algorithm: sha256WithRSAEncryption
4c:2d:41:40:e2:51:11:b1:f8:d9:3f:ec:1f:34:b5:67:34:a3:
66:80:ba:99:0b:8b:83:b1:3c:fe:6f:2f:56:a9:9d:da:6b:11:
13:bb:49:29:13:53:bd:9e:bd:43:9d:6e:b4:0e:f2:70:e3:12:
cc:6d:56:5f:86:24:6c:35:47:aa:da:84:31:43:cd:1a:98:59:
89:6b:dc:c3:b0:23:11:ef:f8:07:b0:c1:2e:3d:1c:04:bc:7f:
cd:ac:13:13:48:00:32:d4:c3:95:7e:84:5a:a8:f3:a9:e8:ba:
54:e7:1d:9c:68:e3:d4:39:1e:46:29:2c:a0:a9:8c:0d:d8:db:
4e:b1:55:db:6a:63:61:99:b0:e7:19:7d:8e:34:70:d3:67:c8:
22:41:7a:7a:f4:5d:26:9b:3e:28:7e:b8:89:df:96:ef:fd:13:
19:72:52:09:9a:7c:bb:a9:3c:27:01:b7:f8:03:65:61:86:ea:
5d:d2:e3:34:de:a5:51:89:2d:25:fb:21:f6:78:d3:f0:a5:c7:
ae:84:c3:ca:9a:1b:38:38:a6:09:c9:f2:74:2f:71:b5:e9:71:
92:39:08:03:fc:c0:75:79:2e:db:98:cc:01:96:c8:d4:61:47:
1c:22:57:a6:6f:d5:20:c2:f4:dc:f9:3e:17:b7:15:2b:5e:ae:
ee:8e:f4:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbbHyeKqqL4ufAJ6tHqW5T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzEzMTMxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIyMmY4MWI4OGM5ZjY0ZjhjMTcwZTAwNDg0MDhjZTQ4YjdiZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz6Z9Hcc/RqhLJaZ9+0tUGK8oa10
B1RXmaU24tUfDoMxr3iQRofqhM9jDBIoQSt1k/imi92lraTIpMsHVOzNYf8HB4Xc
5jev8GBhbS9T+Tcc3BlloSbYguLZwZoYhXO/zA6gNsa2wv80t4MRWycDXgW4tuvR
JwJgfvYr9/Qhh0HbE7rgC5+p8DgG/kkmUOMeBTfZdoo6t/owJPDXeq+s50k3lXHQ
WId07Qj83+F4pn9op8lZygaLKgnwOy7qtQxj2vA4euC3SXWnDqM7KI19XG46hQvA
9413Q0iOgrpVieDKM8kpf4s4hTABb235zVPTaYSV+sOXjvOSJc2s18ZsRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPAiL4G4jJ9k+MFw4ASECM5It79EMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOENJdmdiaU1uMlQ0d1hEZ0JJUUl6a2kzdjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAeA
AwcBKg6XwAeKAwcAKg6XwAePMA0GCSqGSIb3DQEBCwUAA4IBAQBMLUFA4lERsfjZ
P+wfNLVnNKNmgLqZC4uDsTz+by9WqZ3aaxETu0kpE1O9nr1DnW60DvJw4xLMbVZf
hiRsNUeq2oQxQ80amFmJa9zDsCMR7/gHsMEuPRwEvH/NrBMTSAAy1MOVfoRaqPOp
6LpU5x2caOPUOR5GKSygqYwN2NtOsVXbamNhmbDnGX2ONHDTZ8giQXp69F0mmz4o
friJ35bv/RMZclIJmny7qTwnAbf4A2Vhhupd0uM03qVRiS0l+yH2eNPwpceuhMPK
mhs4OKYJyfJ0L3G16XGSOQgD/MB1eS7bmMwBlsjUYUccIlemb9UgwvTc+T4XtxUr
Xq7ujvSu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org