Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa
File: A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa (raw, json)
Hash identifier: 4NZPnm+HO1XEo55t9kvjKDYf9RWX3xskk/LZzULkLx8=
Subject key identifier: 03:60:E6:F7:D1:A1:BF:96:5B:DF:98:98:3D:DC:B5:22:27:43:14:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186CCA42554CF8AD0971D1D60C3DDE27644
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa
Signing time: Fri 10 Mar 2023 17:49:14 +0000
ROA not before: Fri 10 Mar 2023 17:49:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210397
IP address blocks: 2a0e:97c0:780::/48 maxlen: 48
2a0e:97c0:781::/48 maxlen: 48
2a0e:97c0:78f::/48 maxlen: 48
2a0e:97c0:78a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:a4:25:54:cf:8a:d0:97:1d:1d:60:c3:dd:e2:76:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 10 17:49:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0360e6f7d1a1bf965bdf98983ddcb5222743149b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:42:d6:7a:9e:9a:71:f5:54:55:dd:ba:b4:
e4:6b:67:ff:7c:11:8a:a8:33:63:45:b9:29:6c:3c:
e8:ad:b5:85:ba:a3:5a:53:ea:44:e0:dc:8f:11:70:
f1:5b:0a:b4:9b:ab:1c:ac:92:4f:a6:fa:39:eb:f8:
96:44:1a:88:c8:4d:10:da:9e:63:e4:6c:14:19:04:
bc:9a:03:f2:2c:38:fc:19:fc:13:ff:7c:3e:42:92:
51:d2:c0:bc:48:99:4f:d0:2f:7e:bf:63:ea:b0:92:
0c:41:56:f8:76:28:12:16:a2:54:a8:31:c3:61:ec:
45:90:b8:f3:48:51:95:2a:49:e8:d3:60:6b:e4:df:
3c:77:4a:d0:a2:b7:57:71:11:2b:e6:25:e0:e2:67:
07:b1:6c:5d:e0:46:73:02:e7:bd:d6:1a:48:e8:dc:
0e:bf:5d:3c:22:7f:46:1c:ac:4a:c5:03:e5:60:11:
d9:c6:14:85:b4:66:3b:04:f8:56:13:11:fe:fa:9e:
6d:46:6d:33:06:b2:fc:6c:26:f3:fe:46:ad:79:f7:
57:76:9a:2c:ee:cb:d4:11:20:6e:41:34:29:93:4a:
e2:47:db:3f:dc:66:72:2d:07:78:5a:bc:d9:e7:d9:
e7:6b:86:d3:4d:81:52:a1:62:5b:2e:fe:80:56:ad:
55:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:60:E6:F7:D1:A1:BF:96:5B:DF:98:98:3D:DC:B5:22:27:43:14:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/A2Dm99Ghv5Zb35iYPdy1IidDFJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:780::/47
2a0e:97c0:78a::/48
2a0e:97c0:78f::/48
Signature Algorithm: sha256WithRSAEncryption
64:15:55:dc:9c:89:c9:9f:ad:e8:0e:db:08:39:22:41:33:47:
33:92:8a:ea:95:87:34:3d:30:e3:db:af:49:81:b7:bd:78:32:
09:37:32:cf:b3:a3:12:65:c1:54:1c:35:cd:6d:12:f0:43:f7:
95:90:55:7e:aa:4d:29:36:11:de:50:15:3d:42:5a:30:d0:a0:
ec:0a:89:f5:d7:21:f2:d0:59:a1:46:5a:da:25:9f:62:04:37:
92:08:65:24:b4:1b:49:91:1c:1e:2a:b8:e7:da:be:7b:69:db:
bb:82:23:24:0b:24:92:d8:4d:1a:14:98:cd:28:a3:e2:22:cb:
bc:53:13:ea:40:3a:41:55:68:73:c0:3f:f1:1d:d4:50:3e:a8:
28:f4:97:69:6b:ef:cf:11:c4:dc:ca:72:c5:0b:75:ed:b0:50:
e3:7a:b7:c2:04:fd:3e:37:6d:6d:99:00:67:4d:41:58:b5:2f:
a0:65:f0:91:36:5b:0d:bf:58:7f:02:e9:0c:f4:24:61:7a:4d:
81:de:f8:0c:78:9f:b6:83:b3:48:9b:8a:57:d8:e8:97:19:a8:
1d:76:cb:60:5e:5b:5d:0e:a9:24:c1:68:f2:ff:05:35:68:0e:
77:69:3b:8d:07:75:ef:9b:0f:ca:26:6a:ba:8e:9f:76:ad:20:
ff:c7:05:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbMpCVUz4rQlx0dYMPd4nZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzEwMTc0OTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzYwZTZmN2QxYTFiZjk2NWJkZjk4OTgzZGRjYjUyMjI3NDMxNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9C1nqemnH1VFXdurTka2f/fBGK
qDNjRbkpbDzorbWFuqNaU+pE4NyPEXDxWwq0m6scrJJPpvo56/iWRBqIyE0Q2p5j
5GwUGQS8mgPyLDj8GfwT/3w+QpJR0sC8SJlP0C9+v2PqsJIMQVb4digSFqJUqDHD
YexFkLjzSFGVKkno02Br5N88d0rQordXcREr5iXg4mcHsWxd4EZzAue91hpI6NwO
v108In9GHKxKxQPlYBHZxhSFtGY7BPhWExH++p5tRm0zBrL8bCbz/katefdXdpos
7svUESBuQTQpk0riR9s/3GZyLQd4WrzZ59nna4bTTYFSoWJbLv6AVq1VPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFANg5vfRob+WW9+YmD3ctSInQxSbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQTJEbTk5R2h2NVpiMzVpWVBkeTFJaWRERkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAeA
AwcAKg6XwAeKAwcAKg6XwAePMA0GCSqGSIb3DQEBCwUAA4IBAQBkFVXcnInJn63o
DtsIOSJBM0czkorqlYc0PTDj269Jgbe9eDIJNzLPs6MSZcFUHDXNbRLwQ/eVkFV+
qk0pNhHeUBU9Qlow0KDsCon11yHy0FmhRlraJZ9iBDeSCGUktBtJkRweKrjn2r57
adu7giMkCySS2E0aFJjNKKPiIsu8UxPqQDpBVWhzwD/xHdRQPqgo9Jdpa+/PEcTc
ynLFC3XtsFDjerfCBP0+N21tmQBnTUFYtS+gZfCRNlsNv1h/AukM9CRhek2B3vgM
eJ+2g7NIm4pX2OiXGagddstgXltdDqkkwWjy/wU1aA53aTuNB3Xvmw/KJmq6jp92
rSD/xwWJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org