Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8pfznB9wnAXM0OLCj9aTlSr5aRs.roa
File: 8pfznB9wnAXM0OLCj9aTlSr5aRs.roa (raw, json)
Hash identifier: g7Fjg5hoEMI2BBqqScFQjCctiJ7pW8ejyN1mZH3EOaI=
Subject key identifier: F2:97:F3:9C:1F:70:9C:05:CC:D0:E2:C2:8F:D6:93:95:2A:F9:69:1B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0189F5254B4598EE6AEE2C19FCFB8A97DB51
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8pfznB9wnAXM0OLCj9aTlSr5aRs.roa
Signing time: Mon 14 Aug 2023 17:43:29 +0000
ROA not before: Mon 14 Aug 2023 17:43:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210631
IP address blocks: 2a0e:97c0:900::/40 maxlen: 48
2a10:cc40:1e0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:25:4b:45:98:ee:6a:ee:2c:19:fc:fb:8a:97:db:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 14 17:43:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f297f39c1f709c05ccd0e2c28fd693952af9691b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fc:e8:96:d6:55:6c:88:bd:61:f3:8d:68:5d:
40:b7:6f:1a:31:90:7a:90:3d:4f:c5:ba:4b:14:1c:
26:77:ee:40:e9:49:f2:49:4f:86:da:f7:68:27:5d:
41:61:d7:ba:36:41:53:25:18:62:a0:29:2d:f7:2e:
b4:5a:57:97:1e:6a:3a:9d:35:41:f0:e8:8d:a6:8a:
c5:ab:9c:e8:9c:0f:b3:91:3c:d0:fa:bf:04:3a:7f:
ff:b6:ee:3f:db:a5:8d:6f:d9:2c:51:8d:01:eb:11:
cc:fb:58:b6:7e:cb:0c:f3:71:9c:54:0d:43:ef:e4:
be:62:17:88:e0:35:48:f8:4c:8c:2c:67:ad:3e:98:
e9:1f:c8:18:a9:77:53:b2:2a:ad:05:be:ac:bc:a3:
3f:b3:b4:3b:05:84:3b:ec:73:f9:dd:d6:04:cd:e2:
1f:7f:c1:e5:39:d5:a8:44:8b:38:90:0b:d9:35:60:
b7:d1:2e:cf:20:f4:b0:49:2c:de:01:e3:c8:ce:56:
5b:9c:bb:8c:02:b4:a3:dd:71:85:83:df:33:09:b2:
d1:21:67:19:af:25:cf:0c:42:60:a5:58:49:94:5e:
cb:a6:05:8a:76:f9:60:1a:68:b3:72:7e:e7:61:ac:
d5:90:39:b9:bc:08:f8:d5:be:57:55:07:c8:91:19:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:F3:9C:1F:70:9C:05:CC:D0:E2:C2:8F:D6:93:95:2A:F9:69:1B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8pfznB9wnAXM0OLCj9aTlSr5aRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:900::/40
2a10:cc40:1e0::/44
Signature Algorithm: sha256WithRSAEncryption
31:5a:02:0b:f5:95:1c:07:fd:03:a5:4e:b6:63:e7:eb:b6:5f:
3c:9e:b1:1a:e3:56:94:7f:1c:d8:da:ae:06:7d:58:c0:8e:c7:
7a:83:f3:0b:84:c1:f1:8f:ea:0b:01:c8:09:7d:48:2c:17:1f:
56:ee:df:a4:21:28:0f:56:98:61:3e:b3:3c:13:ab:9e:16:83:
cc:d7:71:c5:f8:df:fa:e7:46:2f:72:1b:f5:cc:55:66:48:53:
5a:97:be:20:42:a1:7b:4e:e7:e2:4a:c5:7c:58:bd:8e:62:4d:
6d:ed:bd:85:82:11:67:38:85:5f:8b:60:20:f0:3d:f0:3d:4f:
ac:b0:ed:36:c3:96:90:28:91:7c:64:23:b4:72:f0:03:2a:c8:
32:f5:08:2f:39:6c:1f:88:c9:1a:c6:ee:a0:89:64:ae:a6:1a:
0e:44:4b:e2:f6:1d:4e:05:9e:37:94:50:cd:54:e3:5b:15:44:
e9:2c:ed:a5:d0:c5:4f:c9:80:eb:7a:41:e0:6c:ca:c8:d9:ac:
fd:28:f0:29:0f:0f:fa:e7:02:02:ce:04:f6:03:03:4d:8a:41:
82:51:1f:92:8a:e4:7c:e7:82:85:1a:ef:a8:97:10:96:97:c1:
6c:28:97:a9:dd:c9:d9:67:07:3e:97:79:e5:1c:1d:fb:d0:b2:
84:03:ba:fc
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYn1JUtFmO5q7iwZ/PuKl9tRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODE0MTc0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk3ZjM5YzFmNzA5YzA1Y2NkMGUyYzI4ZmQ2OTM5NTJhZjk2OTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/zoltZVbIi9YfONaF1At28aMZB6
kD1PxbpLFBwmd+5A6UnySU+G2vdoJ11BYde6NkFTJRhioCkt9y60WleXHmo6nTVB
8OiNporFq5zonA+zkTzQ+r8EOn//tu4/26WNb9ksUY0B6xHM+1i2fssM83GcVA1D
7+S+YheI4DVI+EyMLGetPpjpH8gYqXdTsiqtBb6svKM/s7Q7BYQ77HP53dYEzeIf
f8HlOdWoRIs4kAvZNWC30S7PIPSwSSzeAePIzlZbnLuMArSj3XGFg98zCbLRIWcZ
ryXPDEJgpVhJlF7LpgWKdvlgGmizcn7nYazVkDm5vAj41b5XVQfIkRnMjQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFPKX85wfcJwFzNDiwo/Wk5Uq+WkbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOHBmem5COXduQVhNME9MQ2o5YVRsU3I1YVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg6XwAkD
BwQqEMxAAeAwDQYJKoZIhvcNAQELBQADggEBADFaAgv1lRwH/QOlTrZj5+u2Xzye
sRrjVpR/HNjargZ9WMCOx3qD8wuEwfGP6gsByAl9SCwXH1bu36QhKA9WmGE+szwT
q54Wg8zXccX43/rnRi9yG/XMVWZIU1qXviBCoXtO5+JKxXxYvY5iTW3tvYWCEWc4
hV+LYCDwPfA9T6yw7TbDlpAokXxkI7Ry8AMqyDL1CC85bB+IyRrG7qCJZK6mGg5E
S+L2HU4FnjeUUM1U41sVROks7aXQxU/JgOt6QeBsysjZrP0o8CkPD/rnAgLOBPYD
A02KQYJRH5KK5HzngoUa76iXEJaXwWwol6ndydlnBz6XeeUcHfvQsoQDuvw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org