Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ALQAoA6xKkP0cA-akZ3ATTGwUKk.roa
File: ALQAoA6xKkP0cA-akZ3ATTGwUKk.roa (raw, json)
Hash identifier: DE/pJsDQwrgL2TjXtiIFSx+EvSR+kKhozkhw4pq9OL4=
Subject key identifier: 00:B4:00:A0:0E:B1:2A:43:F4:70:0F:9A:91:9D:C0:4D:31:B0:50:A9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E77A7917B997F84DE12E66279C44B8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ALQAoA6xKkP0cA-akZ3ATTGwUKk.roa
Signing time: Mon 02 Jan 2023 05:14:56 +0000
ROA not before: Mon 02 Jan 2023 05:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39282
IP address blocks: 2a0e:b107:e80::/44 maxlen: 48
2a10:2f00:15d::/48 maxlen: 48
2a10:cc47:100::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:7a:79:17:b9:97:f8:4d:e1:2e:66:27:9c:44:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b400a00eb12a43f4700f9a919dc04d31b050a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dc:b1:75:75:64:16:63:98:dd:01:4f:5a:65:
28:20:4c:22:8f:58:5f:26:36:93:0e:be:90:77:49:
bf:9d:6d:66:29:5b:ea:45:9c:d7:35:2d:83:44:cd:
95:35:42:ff:6e:36:ef:79:cb:2d:8c:18:dc:f3:c0:
05:04:05:7f:d4:66:d3:2a:c5:30:6d:63:a5:8c:a5:
71:54:10:9b:f2:52:ad:fe:1f:30:96:68:d0:94:13:
36:19:6e:85:46:0c:cf:86:b4:2d:82:e6:41:93:a9:
ce:85:67:5a:86:3d:d4:17:b6:07:87:4e:c8:c3:ad:
e0:8e:99:56:ec:b4:fe:54:70:6b:09:ef:06:b9:66:
51:65:25:fa:47:90:61:e3:33:5b:50:01:21:4e:af:
89:22:62:25:41:73:02:0d:a5:39:3b:4c:ba:42:ba:
21:78:10:ac:0b:02:09:a0:55:89:7b:25:6a:3b:03:
d3:31:e3:f9:d1:f2:9c:eb:35:55:7b:fb:c2:e5:4e:
52:c0:96:08:3d:0d:97:13:e0:af:4b:e5:fd:27:55:
1b:3c:b3:39:3d:5a:9e:2c:82:2f:10:ff:fd:9c:24:
c5:c4:eb:97:b8:ef:99:cd:ed:1a:e5:82:f7:6d:e4:
8d:0c:70:15:58:ad:50:3f:a5:44:95:d6:22:0a:0f:
94:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B4:00:A0:0E:B1:2A:43:F4:70:0F:9A:91:9D:C0:4D:31:B0:50:A9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ALQAoA6xKkP0cA-akZ3ATTGwUKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:e80::/44
2a10:2f00:15d::/48
2a10:cc47:100::/40
Signature Algorithm: sha256WithRSAEncryption
7f:c9:27:78:a8:87:36:f7:d0:0d:70:e0:18:3a:5e:4f:25:8f:
3b:e4:c1:97:4d:10:c7:ae:e7:30:d3:0b:60:96:bc:98:44:29:
e4:d1:3f:5b:67:59:31:fb:19:97:64:81:a1:4a:b8:a1:c0:ba:
af:62:a2:65:1c:d7:92:6d:2f:f0:2f:df:64:16:83:d8:5b:b3:
b0:cb:07:58:33:6e:f0:e3:c9:e5:fc:e0:19:48:a6:5d:87:c1:
8f:7b:aa:8f:5a:17:07:a8:75:59:d8:57:ea:28:2c:86:4f:16:
69:2a:04:a7:eb:03:71:28:79:61:5d:7b:e7:d5:ad:1d:1b:4f:
15:ca:e7:d9:b9:0c:68:b1:53:c6:12:94:3c:68:78:2b:80:9b:
87:fe:ac:ac:1b:f3:81:9e:83:02:e4:f5:df:70:98:ed:be:0c:
ce:5a:d1:39:1a:e0:8d:c8:42:1e:6e:d5:05:20:21:8e:14:11:
42:8d:f3:f1:04:e7:11:ab:43:b2:0b:36:a0:14:89:3d:bc:95:
be:b6:e4:84:96:e1:fc:f5:de:82:bb:47:01:5c:a3:a8:68:0d:
e4:e1:ad:d6:48:1f:28:1e:b8:76:2b:d7:e9:66:0b:fe:d6:59:
c0:ce:8b:a6:6d:bb:70:c8:a8:22:e8:0b:ca:23:70:6f:7c:ce:
3d:6f:a8:be
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVw53p5F7mX+E3hLmYnnES4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI0MDBhMDBlYjEyYTQzZjQ3MDBmOWE5MTlkYzA0ZDMxYjA1MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29yxdXVkFmOY3QFPWmUoIEwij1hf
JjaTDr6Qd0m/nW1mKVvqRZzXNS2DRM2VNUL/bjbvecstjBjc88AFBAV/1GbTKsUw
bWOljKVxVBCb8lKt/h8wlmjQlBM2GW6FRgzPhrQtguZBk6nOhWdahj3UF7YHh07I
w63gjplW7LT+VHBrCe8GuWZRZSX6R5Bh4zNbUAEhTq+JImIlQXMCDaU5O0y6Qroh
eBCsCwIJoFWJeyVqOwPTMeP50fKc6zVVe/vC5U5SwJYIPQ2XE+CvS+X9J1UbPLM5
PVqeLIIvEP/9nCTFxOuXuO+Zze0a5YL3beSNDHAVWK1QP6VEldYiCg+UmwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAC0AKAOsSpD9HAPmpGdwE0xsFCpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQUxRQW9BNnhLa1AwY0EtYWtaM0FUVEd3VUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKg6xBw6A
AwcAKhAvAAFdAwYAKhDMRwEwDQYJKoZIhvcNAQELBQADggEBAH/JJ3iohzb30A1w
4Bg6Xk8ljzvkwZdNEMeu5zDTC2CWvJhEKeTRP1tnWTH7GZdkgaFKuKHAuq9iomUc
15JtL/Av32QWg9hbs7DLB1gzbvDjyeX84BlIpl2HwY97qo9aFweodVnYV+ooLIZP
FmkqBKfrA3EoeWFde+fVrR0bTxXK59m5DGixU8YSlDxoeCuAm4f+rKwb84GegwLk
9d9wmO2+DM5a0Tka4I3IQh5u1QUgIY4UEUKN8/EE5xGrQ7ILNqAUiT28lb625ISW
4fz13oK7RwFco6hoDeThrdZIHygeuHYr1+lmC/7WWcDOi6Ztu3DIqCLoC8ojcG98
zj1vqL4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org