Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AFvjRX7yi16vldGzD_Yc68XDgq4.roa
File: AFvjRX7yi16vldGzD_Yc68XDgq4.roa (raw, json)
Hash identifier: zRxJLOvegX6/gKRlhnhFnnS38weQfFg4TJE3t3H1mko=
Subject key identifier: 00:5B:E3:45:7E:F2:8B:5E:AF:95:D1:B3:0F:F6:1C:EB:C5:C3:82:AE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018987B8E0A9EE0BEF5BFE5AF0633943CC77
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AFvjRX7yi16vldGzD_Yc68XDgq4.roa
Signing time: Mon 24 Jul 2023 11:46:27 +0000
ROA not before: Mon 24 Jul 2023 11:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197634
IP address blocks: 2a0e:97c0:ce0::/44 maxlen: 48
2a0e:97c0:ce0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jul 2023 15:39:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:b8:e0:a9:ee:0b:ef:5b:fe:5a:f0:63:39:43:cc:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 24 11:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=005be3457ef28b5eaf95d1b30ff61cebc5c382ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b3:14:5a:d0:7f:b4:21:60:4f:b6:86:4e:54:
e2:3e:1f:06:69:f4:d5:28:55:ca:8f:ed:60:57:3b:
1e:4d:4f:1b:9f:13:8c:47:3c:ee:c4:fc:41:92:36:
4a:d4:ef:2a:d9:a1:c4:ee:dc:96:3c:3f:5f:36:08:
c5:50:6f:31:57:a0:37:da:b7:92:22:af:b2:70:e4:
e9:a3:d2:63:c4:b2:2e:d8:92:7f:46:9b:2a:15:f0:
48:16:c9:eb:58:86:b2:17:e1:c7:95:53:b7:59:be:
75:b6:7b:61:f5:8f:e7:8d:e6:f5:05:09:01:e7:1c:
76:89:74:c9:0c:87:eb:8d:ba:9a:7a:44:91:1b:b0:
d5:36:55:36:58:2e:22:98:e0:69:18:56:df:46:06:
f1:53:7d:fe:93:50:d1:ad:76:18:06:6f:f3:ba:08:
48:12:db:50:e9:07:e7:35:21:4c:69:83:ea:0a:98:
cc:21:be:41:ac:0a:cb:a6:9e:38:f4:52:9d:53:ad:
24:e8:c4:86:81:b4:6a:7b:f1:da:24:50:0a:d7:72:
0b:41:e7:2c:90:e6:61:90:01:e4:90:a8:b4:43:7a:
5f:3a:7f:c6:ad:97:b8:22:b8:91:d3:ed:73:0e:a3:
d6:67:04:95:3b:ea:8b:ad:b4:d6:55:74:3d:23:2d:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5B:E3:45:7E:F2:8B:5E:AF:95:D1:B3:0F:F6:1C:EB:C5:C3:82:AE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AFvjRX7yi16vldGzD_Yc68XDgq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:ce0::/44
Signature Algorithm: sha256WithRSAEncryption
0d:0c:49:51:98:46:af:4b:e8:6d:3a:3a:df:3b:71:1c:af:36:
27:ce:e6:a5:58:81:49:32:32:63:f7:72:ca:2f:4d:08:2e:d8:
5a:5e:10:ca:05:cd:34:b1:db:78:5e:7e:09:56:31:8c:19:fb:
f7:d7:fc:81:4e:ee:e6:21:42:0f:1e:dd:12:96:36:df:e7:fa:
bd:e2:a8:27:da:50:57:f6:94:43:fc:b7:e3:c3:3f:73:23:9d:
cb:b7:98:b8:dd:cf:db:14:74:fc:ca:82:a7:b3:db:1f:2e:7c:
2b:6d:29:cd:b4:35:3c:bb:7a:24:b4:5a:5b:01:18:85:be:b9:
ab:ce:29:a0:9b:16:48:1f:4c:25:66:02:1d:98:ba:ff:e1:7d:
8b:70:96:80:55:3c:7a:d4:35:7a:5c:39:3e:df:73:b0:bb:04:
71:72:4d:2c:a6:6e:52:ce:62:cd:ae:11:a0:5e:f5:02:ff:ea:
44:75:87:23:46:57:78:b6:2f:96:5e:c1:19:69:8d:ec:06:4b:
00:65:ed:35:af:88:72:2f:e8:62:12:49:32:c5:f1:d4:92:31:
a6:8c:62:92:c0:ea:63:68:a5:08:a4:cb:e9:e4:14:b6:38:57:
c7:73:d2:be:33:f2:10:56:e0:af:3d:f1:a8:62:04:2c:c1:ad:
17:6b:53:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmHuOCp7gvvW/5a8GM5Q8x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI0MTE0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDViZTM0NTdlZjI4YjVlYWY5NWQxYjMwZmY2MWNlYmM1YzM4MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbMUWtB/tCFgT7aGTlTiPh8GafTV
KFXKj+1gVzseTU8bnxOMRzzuxPxBkjZK1O8q2aHE7tyWPD9fNgjFUG8xV6A32reS
Iq+ycOTpo9JjxLIu2JJ/RpsqFfBIFsnrWIayF+HHlVO3Wb51tnth9Y/njeb1BQkB
5xx2iXTJDIfrjbqaekSRG7DVNlU2WC4imOBpGFbfRgbxU33+k1DRrXYYBm/zughI
EttQ6QfnNSFMaYPqCpjMIb5BrArLpp449FKdU60k6MSGgbRqe/HaJFAK13ILQecs
kOZhkAHkkKi0Q3pfOn/GrZe4IriR0+1zDqPWZwSVO+qLrbTWVXQ9Iy2RMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFABb40V+8oter5XRsw/2HOvFw4KuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQUZ2alJYN3lpMTZ2bGRHekRfWWM2OFhEZ3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAzg
MA0GCSqGSIb3DQEBCwUAA4IBAQANDElRmEavS+htOjrfO3EcrzYnzualWIFJMjJj
93LKL00ILthaXhDKBc00sdt4Xn4JVjGMGfv31/yBTu7mIUIPHt0Sljbf5/q94qgn
2lBX9pRD/Lfjwz9zI53Lt5i43c/bFHT8yoKns9sfLnwrbSnNtDU8u3oktFpbARiF
vrmrzimgmxZIH0wlZgIdmLr/4X2LcJaAVTx61DV6XDk+33OwuwRxck0spm5SzmLN
rhGgXvUC/+pEdYcjRld4ti+WXsEZaY3sBksAZe01r4hyL+hiEkkyxfHUkjGmjGKS
wOpjaKUIpMvp5BS2OFfHc9K+M/IQVuCvPfGoYgQswa0Xa1OR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:26 2024 by rpki-client on console-fra.rpki-client.org