Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ACMwlP51GDepF0gN9bCHrLjt2Vk.roa
File: ACMwlP51GDepF0gN9bCHrLjt2Vk.roa (raw, json)
Hash identifier: rex1r0lXz1UmJnXsMZEKFsTuS7ji/TpddD+TeFYrpVU=
Subject key identifier: 00:23:30:94:FE:75:18:37:A9:17:48:0D:F5:B0:87:AC:B8:ED:D9:59
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7A8E86EFB820E3D2337CDC14AE88A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ACMwlP51GDepF0gN9bCHrLjt2Vk.roa
Signing time: Mon 02 Jan 2023 05:15:08 +0000
ROA not before: Mon 02 Jan 2023 05:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202340
IP address blocks: 2a10:cc40:212::/48 maxlen: 48
2a10:cc40:215::/48 maxlen: 48
2a10:cc40:210::/44 maxlen: 48
2a10:cc40:213::/48 maxlen: 48
2a10:cc40:211::/48 maxlen: 48
2a10:cc40:214::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:a8:e8:6e:fb:82:0e:3d:23:37:cd:c1:4a:e8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00233094fe751837a917480df5b087acb8edd959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:36:9c:12:ec:ed:27:4e:b1:6b:28:6a:c9:
d8:70:86:83:b4:e0:26:97:13:7c:40:a4:94:73:1f:
22:fc:6a:5e:1b:29:60:cf:24:0a:dd:66:b8:0f:f9:
b0:01:89:86:29:c2:aa:e7:e8:6d:79:5e:c6:92:2e:
1f:d0:1a:81:28:6d:a2:d5:0d:b4:2a:02:29:c1:0c:
de:ab:8e:29:dc:fb:d5:cc:6d:62:64:7f:40:66:d2:
1e:ee:96:e6:fd:40:d1:cc:c5:c0:74:4e:0c:e4:22:
a6:16:13:87:fa:62:42:4e:55:48:ca:61:73:3e:e6:
b7:dd:33:50:bd:cb:e8:8f:17:b3:88:e1:86:dd:e9:
0a:ce:fe:2e:17:89:17:4b:2a:c0:0a:61:f7:83:69:
3f:9f:f3:7d:80:c3:16:99:88:2e:b5:52:79:07:c1:
19:1a:95:6d:5d:be:1f:d4:13:60:c6:c3:39:58:76:
ca:8a:4f:a7:6e:71:33:4d:2d:26:81:62:34:c3:e6:
ec:a6:f2:b8:6b:55:d1:14:d5:2f:7c:89:73:42:14:
6b:42:37:55:e3:ec:31:12:ab:c8:82:4b:49:11:64:
de:d7:ab:a1:c2:07:30:8f:13:d3:bb:f7:e5:b1:2f:
8a:a4:60:38:57:cf:4e:2d:73:08:95:aa:16:0e:55:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:23:30:94:FE:75:18:37:A9:17:48:0D:F5:B0:87:AC:B8:ED:D9:59
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ACMwlP51GDepF0gN9bCHrLjt2Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:210::/44
Signature Algorithm: sha256WithRSAEncryption
7d:10:ba:d8:b9:4f:95:c5:8b:c6:47:3a:8e:4b:0b:26:e1:06:
d1:34:91:13:49:30:a5:fa:17:06:5d:42:92:57:fb:28:79:b7:
24:02:6c:ef:a7:9e:93:1c:a2:1a:fc:af:7a:6d:ff:9c:9b:8b:
a7:34:e4:7a:4d:8b:f1:17:02:64:b4:0b:89:b6:e0:40:c3:f0:
45:24:58:0f:4e:ed:73:fd:64:c0:3a:ec:42:14:9e:74:de:87:
83:8b:76:e2:53:ed:7f:be:27:74:0a:31:2d:94:9a:ce:ad:e2:
f5:df:ca:78:35:ae:55:6a:75:af:ac:f5:04:a0:11:e8:82:33:
4a:30:c6:35:1e:ac:0d:e3:d4:43:e7:94:28:a7:9f:4c:47:4a:
6d:79:8e:f9:0d:5e:21:c3:33:3f:dc:29:84:2b:b0:89:92:1a:
d3:04:14:b1:0c:a6:f8:1e:d8:bb:17:9e:70:3d:2e:aa:d2:df:
f6:41:b7:8f:2b:54:bf:51:ac:4b:71:57:bb:96:94:32:98:d2:
42:ad:b5:39:18:76:cc:82:5e:52:f6:05:3b:6c:ed:f3:6f:6b:
35:0e:f9:5a:2a:df:33:45:49:20:8a:e3:ad:b6:ea:0e:2c:88:
48:29:da:8c:6d:45:41:a9:1d:f9:f2:85:7a:29:fb:9c:21:a3:
9c:14:3f:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56jobvuCDj0jN83BSuiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDIzMzA5NGZlNzUxODM3YTkxNzQ4MGRmNWIwODdhY2I4ZWRkOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzg2nBLs7SdOsWsoasnYcIaDtOAm
lxN8QKSUcx8i/GpeGylgzyQK3Wa4D/mwAYmGKcKq5+hteV7Gki4f0BqBKG2i1Q20
KgIpwQzeq44p3PvVzG1iZH9AZtIe7pbm/UDRzMXAdE4M5CKmFhOH+mJCTlVIymFz
Pua33TNQvcvojxeziOGG3ekKzv4uF4kXSyrACmH3g2k/n/N9gMMWmYgutVJ5B8EZ
GpVtXb4f1BNgxsM5WHbKik+nbnEzTS0mgWI0w+bspvK4a1XRFNUvfIlzQhRrQjdV
4+wxEqvIgktJEWTe16uhwgcwjxPTu/flsS+KpGA4V89OLXMIlaoWDlVS+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAAjMJT+dRg3qRdIDfWwh6y47dlZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQUNNd2xQNTFHRGVwRjBnTjliQ0hyTGp0MlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMQAIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB9ELrYuU+VxYvGRzqOSwsm4QbRNJETSTCl+hcG
XUKSV/soebckAmzvp56THKIa/K96bf+cm4unNOR6TYvxFwJktAuJtuBAw/BFJFgP
Tu1z/WTAOuxCFJ503oeDi3biU+1/vid0CjEtlJrOreL138p4Na5VanWvrPUEoBHo
gjNKMMY1HqwN49RD55Qop59MR0pteY75DV4hwzM/3CmEK7CJkhrTBBSxDKb4Hti7
F55wPS6q0t/2QbePK1S/UaxLcVe7lpQymNJCrbU5GHbMgl5S9gU7bO3zb2s1Dvla
Kt8zRUkgiuOttuoOLIhIKdqMbUVBqR358oV6KfucIaOcFD9T
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org