Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8foNVbYzr2NZ_8TuxTkCBYQrFbY.roa
File: 8foNVbYzr2NZ_8TuxTkCBYQrFbY.roa (raw, json)
Hash identifier: 96j7kasRH7MBE65Q8YZHwlRDpQyW+e3uasxniQRWIzM=
Subject key identifier: F1:FA:0D:55:B6:33:AF:63:59:FF:C4:EE:C5:39:02:05:84:2B:15:B6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40AA1B06301367AF68767F8A334ECD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8foNVbYzr2NZ_8TuxTkCBYQrFbY.roa
Signing time: Mon 23 Jan 2023 10:50:57 +0000
ROA not before: Mon 23 Jan 2023 10:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58336
IP address blocks: 2a0e:97c0:550::/44 maxlen: 48
2a10:cc44:100::/44 maxlen: 48
2a10:cc42:120::/44 maxlen: 48
2a10:cc42:130::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:aa:1b:06:30:13:67:af:68:76:7f:8a:33:4e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1fa0d55b633af6359ffc4eec5390205842b15b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d8:25:07:37:39:43:90:1d:30:5d:58:f8:97:
70:c5:b2:67:fc:93:8f:60:15:ec:be:0d:77:ee:79:
48:ed:29:96:2f:ae:62:4c:08:be:c4:4e:1f:23:fa:
72:47:df:3d:e6:c9:e5:f6:67:9c:14:7e:57:8a:de:
c9:b7:9b:7d:36:f3:b8:59:8a:ae:ab:df:2f:3b:10:
ea:81:8a:e2:41:b8:01:98:0a:21:91:c9:c7:1c:23:
f5:ed:34:76:f0:90:45:3f:4e:56:2d:7e:88:2f:6f:
07:4f:37:6f:5d:ef:e7:8c:99:4b:6f:18:c5:43:5b:
66:d4:4d:fd:a5:92:5e:f3:e6:41:99:7e:26:5f:59:
42:d6:80:69:71:a7:43:7c:f5:65:ec:de:35:cc:38:
4f:b8:94:32:0a:5d:f5:d7:83:1d:0f:0f:43:5e:ba:
9a:42:12:c6:c0:6e:c4:fe:51:ae:3d:d7:a4:f6:42:
e3:97:cb:cf:40:27:a8:4d:89:7b:47:4d:cb:50:e9:
e3:df:6d:1b:66:0c:f6:70:b7:36:01:33:a6:12:e5:
69:86:4d:46:16:af:be:27:3e:06:f9:31:16:b1:6f:
23:84:e0:ef:c1:d6:c6:3b:57:6d:d1:b8:75:0b:1e:
16:af:e7:e9:9f:52:d2:a7:82:d3:75:ea:28:40:10:
bd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:FA:0D:55:B6:33:AF:63:59:FF:C4:EE:C5:39:02:05:84:2B:15:B6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8foNVbYzr2NZ_8TuxTkCBYQrFbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:550::/44
2a10:cc42:120::/43
2a10:cc44:100::/44
Signature Algorithm: sha256WithRSAEncryption
42:a7:e2:09:f1:53:e1:d9:1a:51:86:71:c5:a4:12:20:df:99:
b8:6c:68:68:f9:c4:73:15:b9:1e:2f:e8:1f:06:33:b7:08:39:
8d:2a:74:a7:a8:1d:51:f7:8d:d7:ed:1b:52:5a:00:25:01:8c:
4f:ee:06:1f:67:27:58:11:6a:ad:39:7b:9a:1a:81:35:72:4f:
b0:5b:24:66:e6:39:56:1b:67:e0:02:5a:18:af:f2:cf:70:1e:
1e:1a:b9:cd:43:2e:c5:9b:9e:a9:21:6c:61:30:4a:ad:a3:d9:
76:6a:c0:e7:a3:6a:de:b7:2c:ce:f5:60:33:d4:84:e5:62:2d:
a4:ad:f2:32:f8:8b:f0:f5:fa:48:8a:99:cb:0e:28:e2:ad:d9:
3e:ea:09:a9:4d:51:71:cb:d5:c8:1a:cf:dc:c9:1f:68:29:65:
2b:05:95:c4:14:fc:d1:a6:96:2f:e5:6b:a0:bf:1f:fe:81:06:
3a:e5:61:94:74:78:42:1b:16:0e:ef:df:a4:42:84:c6:93:03:
5a:f9:9c:1f:7a:c1:e7:3f:34:80:b9:db:35:70:d4:33:d1:47:
4b:77:e5:55:b1:16:db:af:c4:ab:77:e8:0e:94:9d:74:8d:86:
a1:c8:7e:6b:5d:7c:34:74:a8:9f:cf:e1:7f:81:de:45:34:b5:
93:20:db:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXeQKobBjATZ69odn+KM07NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWZhMGQ1NWI2MzNhZjYzNTlmZmM0ZWVjNTM5MDIwNTg0MmIxNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9glBzc5Q5AdMF1Y+JdwxbJn/JOP
YBXsvg137nlI7SmWL65iTAi+xE4fI/pyR9895snl9mecFH5Xit7Jt5t9NvO4WYqu
q98vOxDqgYriQbgBmAohkcnHHCP17TR28JBFP05WLX6IL28HTzdvXe/njJlLbxjF
Q1tm1E39pZJe8+ZBmX4mX1lC1oBpcadDfPVl7N41zDhPuJQyCl3114MdDw9DXrqa
QhLGwG7E/lGuPdek9kLjl8vPQCeoTYl7R03LUOnj320bZgz2cLc2ATOmEuVphk1G
Fq++Jz4G+TEWsW8jhODvwdbGO1dt0bh1Cx4Wr+fpn1LSp4LTdeooQBC9gQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPH6DVW2M69jWf/E7sU5AgWEKxW2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOGZvTlZiWXpyMk5aXzhUdXhUa0NCWVFyRmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAVQ
AwcFKhDMQgEgAwcEKhDMRAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBCp+IJ8VPh2RpR
hnHFpBIg35m4bGho+cRzFbkeL+gfBjO3CDmNKnSnqB1R943X7RtSWgAlAYxP7gYf
ZydYEWqtOXuaGoE1ck+wWyRm5jlWG2fgAloYr/LPcB4eGrnNQy7Fm56pIWxhMEqt
o9l2asDno2retyzO9WAz1ITlYi2krfIy+Ivw9fpIipnLDijirdk+6gmpTVFxy9XI
Gs/cyR9oKWUrBZXEFPzRppYv5Wugvx/+gQY65WGUdHhCGxYO79+kQoTGkwNa+Zwf
esHnPzSAuds1cNQz0UdLd+VVsRbbr8Srd+gOlJ10jYahyH5rXXw0dKifz+F/gd5F
NLWTINsU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org