Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8XZSAN5D4WPm4NUWorYed1CBK1k.roa
File: 8XZSAN5D4WPm4NUWorYed1CBK1k.roa (raw, json)
Hash identifier: hxeFtRREhyJ5FmjuZ+hq40Du3tQwUx7F6Mep8ugYhg0=
Subject key identifier: F1:76:52:00:DE:43:E1:63:E6:E0:D5:16:A2:B6:1E:77:50:81:2B:59
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC5B51693BE0E3C5724B75481206E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8XZSAN5D4WPm4NUWorYed1CBK1k.roa
Signing time: Tue 24 Jan 2023 16:09:37 +0000
ROA not before: Tue 24 Jan 2023 16:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141237
IP address blocks: 2a0e:b107:df4::/48 maxlen: 48
2a0e:b107:9dc::/48 maxlen: 48
2a0e:b107:df1::/48 maxlen: 48
2a0e:b107:df3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c5:b5:16:93:be:0e:3c:57:24:b7:54:81:20:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1765200de43e163e6e0d516a2b61e7750812b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:1d:ed:7c:92:68:45:7a:1f:65:36:64:62:
4b:00:c6:c6:f5:58:e1:a3:ff:11:af:fe:90:e3:e8:
6a:54:4b:e3:2f:4c:68:65:83:04:84:a1:40:29:8d:
18:f0:8f:11:72:3d:09:4e:00:34:9c:53:3f:63:03:
9e:a3:2f:25:ff:13:9d:65:71:c9:2f:bf:93:49:88:
88:03:14:9e:2e:e2:d0:af:1f:f9:0c:aa:92:5f:d4:
2b:64:50:58:3b:49:13:89:eb:0a:96:5d:46:fb:a5:
62:bc:b9:12:43:55:5f:3f:9d:24:4c:da:c3:55:9a:
72:6e:08:e4:0b:e6:ff:98:cd:8f:d8:08:96:0f:17:
31:76:1b:af:2c:b6:ef:29:51:26:2d:01:dd:bf:8e:
ef:88:62:6b:e5:4c:1b:8c:f1:6f:5b:77:e5:11:f1:
8b:5b:4b:a1:7f:8f:75:9d:2c:82:fa:46:6a:59:2e:
84:b2:6d:b8:4e:cc:68:24:f6:76:08:d6:89:5d:e7:
b4:78:af:69:27:f0:ad:4c:45:35:b7:54:95:fd:62:
4b:8c:76:87:0e:97:02:fd:21:4f:a5:d3:70:22:55:
5f:c9:b0:1d:2e:fd:9a:22:53:cf:1c:c1:e1:98:5d:
29:cb:ef:88:99:0f:59:95:7c:10:54:90:00:9b:e7:
60:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:76:52:00:DE:43:E1:63:E6:E0:D5:16:A2:B6:1E:77:50:81:2B:59
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8XZSAN5D4WPm4NUWorYed1CBK1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:9dc::/48
2a0e:b107:df1::/48
2a0e:b107:df3::-2a0e:b107:df4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:66:c5:d8:ab:a0:78:00:b6:05:70:2b:f6:9b:8f:7a:28:99:
f5:03:76:db:63:7a:cb:9f:f0:da:19:d3:e0:47:f9:bf:51:46:
21:6b:83:8b:23:cb:3d:73:af:a4:e1:ba:f2:0d:cf:37:16:2d:
8a:94:e7:f7:4a:8e:26:71:23:a1:cb:f9:e5:49:81:dc:de:5a:
75:74:f5:9b:55:fa:36:d9:50:b8:ef:9f:54:ed:64:72:58:57:
41:c3:63:cd:6b:ed:96:2f:2c:48:80:1e:73:7d:4e:71:91:00:
92:94:04:11:28:05:40:18:fb:6c:fb:6d:d8:53:9f:89:a0:8c:
46:1a:07:bd:9a:2f:2d:76:9e:f6:d8:26:a1:c6:6d:38:07:4d:
0e:9f:12:7f:d6:de:18:80:b1:e6:34:4e:cf:33:c3:f9:5f:82:
37:82:0d:23:92:ec:72:a3:25:4d:56:4b:83:4d:d2:a1:5a:ab:
f2:5e:72:7a:5f:61:85:db:ab:ca:63:8f:07:e6:45:d2:79:f2:
5a:47:89:bc:e6:bc:86:10:51:61:f7:76:a1:83:02:74:73:a5:
bf:f3:ea:6c:f0:e2:f8:d4:b2:c1:46:50:2f:df:33:1e:b4:9a:
98:be:fd:94:bd:2b:cc:d7:47:75:52:52:41:f2:c7:3b:81:44:
db:4e:8b:0c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXkisW1FpO+DjxXJLdUgSBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTc2NTIwMGRlNDNlMTYzZTZlMGQ1MTZhMmI2MWU3NzUwODEyYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+kd7XySaEV6H2U2ZGJLAMbG9Vjh
o/8Rr/6Q4+hqVEvjL0xoZYMEhKFAKY0Y8I8Rcj0JTgA0nFM/YwOeoy8l/xOdZXHJ
L7+TSYiIAxSeLuLQrx/5DKqSX9QrZFBYO0kTiesKll1G+6VivLkSQ1VfP50kTNrD
VZpybgjkC+b/mM2P2AiWDxcxdhuvLLbvKVEmLQHdv47viGJr5UwbjPFvW3flEfGL
W0uhf491nSyC+kZqWS6Esm24TsxoJPZ2CNaJXee0eK9pJ/CtTEU1t1SV/WJLjHaH
DpcC/SFPpdNwIlVfybAdLv2aIlPPHMHhmF0py++ImQ9ZlXwQVJAAm+dgvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPF2UgDeQ+Fj5uDVFqK2HndQgStZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOFhaU0FONUQ0V1BtNE5VV29yWWVkMUNCSzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg6xBwnc
AwcAKg6xBw3xMBIDBwAqDrEHDfMDBwAqDrEHDfQwDQYJKoZIhvcNAQELBQADggEB
AAtmxdiroHgAtgVwK/abj3oomfUDdttjesuf8NoZ0+BH+b9RRiFrg4sjyz1zr6Th
uvINzzcWLYqU5/dKjiZxI6HL+eVJgdzeWnV09ZtV+jbZULjvn1TtZHJYV0HDY81r
7ZYvLEiAHnN9TnGRAJKUBBEoBUAY+2z7bdhTn4mgjEYaB72aLy12nvbYJqHGbTgH
TQ6fEn/W3hiAseY0Ts8zw/lfgjeCDSOS7HKjJU1WS4NN0qFaq/JecnpfYYXbq8pj
jwfmRdJ58lpHibzmvIYQUWH3dqGDAnRzpb/z6mzw4vjUssFGUC/fMx60mpi+/ZS9
K8zXR3VSUkHyxzuBRNtOiww=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org