Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8rDq5qfLiWgjaiztSJ2IplvezyA.roa
File: 8rDq5qfLiWgjaiztSJ2IplvezyA.roa (raw, json)
Hash identifier: VyPMULwlnlliz8ae0M/Fpytnpv8euZsQy9pkrbx1UAI=
Subject key identifier: F2:B0:EA:E6:A7:CB:89:68:23:6A:2C:ED:48:9D:88:A6:5B:DE:CF:20
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7E6BB730C0A3E6F6C63D713B80292
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8rDq5qfLiWgjaiztSJ2IplvezyA.roa
Signing time: Mon 02 Jan 2023 05:15:23 +0000
ROA not before: Mon 02 Jan 2023 05:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210354
IP address blocks: 2a0e:97c0:690::/44 maxlen: 48
2a0e:97c0:690::/48 maxlen: 48
2a0e:97c0:693::/48 maxlen: 48
2a0e:97c0:691::/48 maxlen: 48
2a0e:97c0:692::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:e6:bb:73:0c:0a:3e:6f:6c:63:d7:13:b8:02:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b0eae6a7cb8968236a2ced489d88a65bdecf20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fa:df:22:d1:e1:ee:c0:37:b8:c7:80:5b:ea:
19:b4:bb:f7:02:31:6f:32:06:04:19:48:b7:e2:96:
e5:88:aa:cc:d7:d1:48:49:89:a5:97:57:ed:5a:3e:
2c:e7:f2:38:42:76:03:dc:bc:01:17:18:ad:3e:a1:
52:4b:69:e0:68:88:89:05:43:18:4d:53:c6:20:a4:
d8:22:a7:1c:b2:31:c2:d3:5c:40:64:61:e9:d7:3e:
ee:3d:fe:0d:fa:9a:bd:8b:3e:9f:c4:84:21:04:7c:
fb:4e:25:76:ac:e7:f5:3a:6f:22:01:8b:67:be:c0:
09:16:8a:63:71:3b:b7:5a:6c:d3:47:30:e5:25:92:
cd:9e:06:20:80:cb:71:db:b2:05:2d:9d:8e:15:77:
5a:cb:aa:3c:88:79:c9:70:83:61:81:25:17:2c:3d:
66:2d:55:6f:83:a4:55:2f:1f:31:da:82:dc:37:b3:
4b:ab:98:b9:e9:5b:2c:e3:2a:b2:35:84:ee:52:f8:
a3:04:0b:6e:d1:a5:9c:30:a7:44:46:52:de:25:1a:
54:a3:94:fa:37:c7:95:9b:84:87:8c:91:45:79:cd:
cb:66:cd:ed:b0:b5:23:43:e7:db:06:77:ec:5d:23:
99:d2:9a:91:b9:7e:33:14:8e:9b:0a:a4:bf:9f:7a:
e5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B0:EA:E6:A7:CB:89:68:23:6A:2C:ED:48:9D:88:A6:5B:DE:CF:20
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/8rDq5qfLiWgjaiztSJ2IplvezyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:690::/44
Signature Algorithm: sha256WithRSAEncryption
81:3c:3c:c9:25:70:0f:a7:b7:f7:b9:32:9e:c9:c3:c1:4d:6a:
96:ff:65:f0:16:e6:81:76:82:f6:e7:aa:de:29:8f:35:fd:8f:
a9:d3:75:09:38:09:41:8f:5c:a3:fb:47:ee:83:52:92:04:9a:
7b:67:ed:e9:dd:6c:79:8b:31:da:44:d1:13:65:01:8b:06:16:
fb:30:b2:16:f0:86:95:77:da:ae:eb:63:1c:25:a8:ad:f3:a7:
40:68:26:88:23:7b:bc:88:54:a8:ed:11:2f:68:24:ed:ac:29:
62:35:4a:e8:e4:55:04:26:d6:26:f7:44:c7:d5:79:7c:cd:89:
de:1e:a5:6e:96:96:0c:23:51:07:77:a4:b5:43:50:91:b7:db:
03:aa:59:4e:e5:70:a5:39:27:b3:f0:a3:09:af:50:62:78:15:
78:4d:7a:86:08:43:fb:3f:40:f2:ea:9b:6e:be:0a:98:30:41:
1a:47:ac:8b:7b:09:92:b0:7e:09:fb:66:c0:92:48:73:40:68:
a9:6e:50:fc:97:b5:e8:4c:51:77:ab:84:90:ca:05:d3:71:cc:
3e:53:12:2f:0d:8d:34:8c:ad:18:57:4a:33:21:8f:45:dd:d4:
3c:9e:81:4e:1d:e2:c3:af:6a:c6:91:22:48:7c:12:a6:89:98:
a2:cf:e9:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+a7cwwKPm9sY9cTuAKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIwZWFlNmE3Y2I4OTY4MjM2YTJjZWQ0ODlkODhhNjViZGVjZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/rfItHh7sA3uMeAW+oZtLv3AjFv
MgYEGUi34pbliKrM19FISYmll1ftWj4s5/I4QnYD3LwBFxitPqFSS2ngaIiJBUMY
TVPGIKTYIqccsjHC01xAZGHp1z7uPf4N+pq9iz6fxIQhBHz7TiV2rOf1Om8iAYtn
vsAJFopjcTu3WmzTRzDlJZLNngYggMtx27IFLZ2OFXday6o8iHnJcINhgSUXLD1m
LVVvg6RVLx8x2oLcN7NLq5i56Vss4yqyNYTuUvijBAtu0aWcMKdERlLeJRpUo5T6
N8eVm4SHjJFFec3LZs3tsLUjQ+fbBnfsXSOZ0pqRuX4zFI6bCqS/n3rlDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPKw6uany4loI2os7UidiKZb3s8gMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOHJEcTVxZkxpV2dqYWl6dFNKMklwbHZlenlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCBPDzJJXAPp7f3uTKeycPBTWqW/2XwFuaBdoL2
56reKY81/Y+p03UJOAlBj1yj+0fug1KSBJp7Z+3p3Wx5izHaRNETZQGLBhb7MLIW
8IaVd9qu62McJait86dAaCaII3u8iFSo7REvaCTtrCliNUro5FUEJtYm90TH1Xl8
zYneHqVulpYMI1EHd6S1Q1CRt9sDqllO5XClOSez8KMJr1BieBV4TXqGCEP7P0Dy
6ptuvgqYMEEaR6yLewmSsH4J+2bAkkhzQGipblD8l7XoTFF3q4SQygXTccw+UxIv
DY00jK0YV0ozIY9F3dQ8noFOHeLDr2rGkSJIfBKmiZiiz+lj
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:29 2024 by rpki-client on console-fra.rpki-client.org