Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AWraKrwbuC5b1cCiW468dqV5wNE.roa
File: AWraKrwbuC5b1cCiW468dqV5wNE.roa (raw, json)
Hash identifier: 5B+StyhWzY6lU2CQWdp+ZSgp/UKMGNNG19a572vFc1c=
Subject key identifier: 01:6A:DA:2A:BC:1B:B8:2E:5B:D5:C0:A2:5B:8E:BC:76:A5:79:C0:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AFAE0D7DC138076F130CF40DCF905
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AWraKrwbuC5b1cCiW468dqV5wNE.roa
Signing time: Tue 24 Jan 2023 16:09:51 +0000
ROA not before: Tue 24 Jan 2023 16:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211840
IP address blocks: 2a0e:97c0:1ba::/47 maxlen: 48
2a0e:97c0:1bd::/48 maxlen: 48
2a0e:97c0:1b0::/48 maxlen: 48
2a0e:b107:862::/48 maxlen: 48
2a0e:b107:86c::/48 maxlen: 48
2a0e:b107:861::/48 maxlen: 48
2a0e:97c0:1bc::/48 maxlen: 48
2a0e:97c0:1b2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:fa:e0:d7:dc:13:80:76:f1:30:cf:40:dc:f9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=016ada2abc1bb82e5bd5c0a25b8ebc76a579c0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:fa:13:d3:d9:74:38:2e:f2:87:89:56:ec:
b3:db:be:91:3f:25:d5:1e:ff:ff:ec:82:fb:18:5c:
2a:be:15:bf:c4:5a:cf:13:8c:06:14:ef:44:dd:74:
cb:91:60:35:91:17:2c:30:68:87:ee:63:dd:68:34:
1d:95:e5:84:f2:74:8f:b0:f4:47:be:50:97:50:cb:
a7:a5:a5:81:67:c1:02:c9:0e:b0:3e:ac:11:71:90:
b3:42:aa:09:49:60:73:d1:07:55:f1:44:91:ce:f2:
b3:69:55:ae:0d:3e:12:a3:98:6e:87:3e:4c:57:77:
d0:c8:69:1d:f9:e4:ce:37:8f:a3:bb:a6:1e:8f:09:
92:cc:30:8a:e5:d4:19:0b:78:37:5e:98:61:6c:17:
e9:fb:e3:c3:b8:75:d1:80:d2:a4:18:61:cc:38:2e:
df:f1:0b:27:50:08:33:56:97:0f:fb:0e:5a:ef:77:
7a:6c:e1:c4:b1:09:65:80:07:9c:56:d1:3c:19:fb:
ad:31:c0:3f:63:10:89:74:63:04:97:6f:56:1f:c2:
43:42:46:b1:e0:d2:23:de:01:92:ec:9d:1c:be:7c:
59:c1:e9:f9:75:9a:37:91:4b:df:a5:61:66:0f:0e:
7e:0d:21:12:75:cd:da:9d:2b:64:e8:6c:6c:86:f1:
be:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6A:DA:2A:BC:1B:B8:2E:5B:D5:C0:A2:5B:8E:BC:76:A5:79:C0:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AWraKrwbuC5b1cCiW468dqV5wNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1b0::/48
2a0e:97c0:1b2::/48
2a0e:97c0:1ba::-2a0e:97c0:1bd:ffff:ffff:ffff:ffff:ffff
2a0e:b107:861::-2a0e:b107:862:ffff:ffff:ffff:ffff:ffff
2a0e:b107:86c::/48
Signature Algorithm: sha256WithRSAEncryption
5d:e3:9a:dd:e0:06:44:c7:fe:fa:74:f7:a0:e8:58:cb:02:68:
fc:44:29:8e:a2:5c:51:a5:1a:56:2f:bf:48:e2:84:a2:52:00:
3d:aa:51:ed:18:08:72:0d:24:4b:38:9d:6b:a2:db:de:f2:25:
a8:d0:b8:70:02:a6:57:06:8f:ff:eb:2f:d4:22:32:90:ef:55:
7a:73:e7:90:30:23:2c:9e:05:58:19:9d:70:8d:4b:db:f4:20:
97:d1:cc:3e:e0:1d:27:4f:dc:0d:44:f9:fa:dd:56:ae:7a:fb:
6c:14:d1:80:1d:05:92:90:00:f7:76:a1:b5:9d:b8:f4:83:86:
a7:04:3b:f8:e6:82:bc:45:95:3b:c0:8a:2d:57:c0:c6:c8:1b:
63:5a:52:c7:fa:8e:9e:2e:46:69:f9:f2:e9:61:34:83:fc:e0:
40:cc:ce:ff:8a:95:34:93:ff:1e:e4:f8:9d:a6:23:8c:8b:7b:
ca:b2:fc:b2:e7:24:09:cc:56:21:47:58:e8:07:c4:66:51:8a:
b3:f9:22:3a:1f:94:5d:7b:50:99:d6:40:55:82:87:80:66:d5:
4e:23:b2:79:59:bf:03:65:60:85:59:f8:0b:ed:b6:22:60:f9:
b5:9a:8e:49:4f:1a:4e:9b:58:05:28:3f:5d:39:e2:0c:c2:47:
bb:fc:36:1e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYXkivrg19wTgHbxMM9A3PkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZhZGEyYWJjMWJiODJlNWJkNWMwYTI1YjhlYmM3NmE1NzljMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrr6E9PZdDgu8oeJVuyz276RPyXV
Hv//7IL7GFwqvhW/xFrPE4wGFO9E3XTLkWA1kRcsMGiH7mPdaDQdleWE8nSPsPRH
vlCXUMunpaWBZ8ECyQ6wPqwRcZCzQqoJSWBz0QdV8USRzvKzaVWuDT4So5huhz5M
V3fQyGkd+eTON4+ju6YejwmSzDCK5dQZC3g3XphhbBfp++PDuHXRgNKkGGHMOC7f
8QsnUAgzVpcP+w5a73d6bOHEsQllgAecVtE8GfutMcA/YxCJdGMEl29WH8JDQkax
4NIj3gGS7J0cvnxZwen5dZo3kUvfpWFmDw5+DSESdc3anStk6GxshvG+lwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFAFq2iq8G7guW9XAoluOvHalecDRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQVdyYUtyd2J1QzViMWNDaVc0NjhkcVY1d05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcAKg6XwAGw
AwcAKg6XwAGyMBIDBwEqDpfAAboDBwEqDpfAAbwwEgMHACoOsQcIYQMHACoOsQcI
YgMHACoOsQcIbDANBgkqhkiG9w0BAQsFAAOCAQEAXeOa3eAGRMf++nT3oOhYywJo
/EQpjqJcUaUaVi+/SOKEolIAPapR7RgIcg0kSzida6Lb3vIlqNC4cAKmVwaP/+sv
1CIykO9VenPnkDAjLJ4FWBmdcI1L2/Qgl9HMPuAdJ0/cDUT5+t1Wrnr7bBTRgB0F
kpAA93ahtZ249IOGpwQ7+OaCvEWVO8CKLVfAxsgbY1pSx/qOni5Gafny6WE0g/zg
QMzO/4qVNJP/HuT4naYjjIt7yrL8suckCcxWIUdY6AfEZlGKs/kiOh+UXXtQmdZA
VYKHgGbVTiOyeVm/A2VghVn4C+22ImD5tZqOSU8aTptYBSg/XTniDMJHu/w2Hg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org