Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AqxjmgQTBTVCnIhudLIDjBuIgBQ.roa
File: AqxjmgQTBTVCnIhudLIDjBuIgBQ.roa (raw, json)
Hash identifier: ltNfGdrXaYFJDBIWuwy/x4Ib8vEovkexfty7dlwfleI=
Subject key identifier: 02:AC:63:9A:04:13:05:35:42:9C:88:6E:74:B2:03:8C:1B:88:80:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7F094E4996C783F5EDE86F23EF018
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AqxjmgQTBTVCnIhudLIDjBuIgBQ.roa
Signing time: Mon 02 Jan 2023 05:15:26 +0000
ROA not before: Mon 02 Jan 2023 05:15:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210661
IP address blocks: 2a0e:97c0:570::/44 maxlen: 48
2a10:cc47:2000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:f0:94:e4:99:6c:78:3f:5e:de:86:f2:3e:f0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02ac639a04130535429c886e74b2038c1b888014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9d:10:46:c8:e7:16:93:cb:a2:93:da:92:d7:
ad:9b:73:aa:66:ef:f6:05:c3:97:d0:1d:39:eb:ce:
12:0b:21:df:90:7a:e7:0b:8d:6a:30:d6:71:b5:70:
2e:ca:30:2e:6d:f4:d0:4a:f5:06:62:11:07:73:d0:
56:c5:2f:b2:0e:77:f7:28:c3:55:f4:fd:7a:d0:78:
b4:c4:6f:06:01:e1:fb:d1:37:f3:77:f9:f8:c9:e6:
e7:e4:35:a7:d0:65:17:e4:aa:ad:3e:ae:a8:e1:90:
7e:21:4e:38:5d:44:6c:f8:60:90:f5:7d:3f:72:ad:
2e:34:c6:a8:11:00:4f:31:0b:57:dd:1a:c7:f9:48:
ba:b3:63:d8:e0:62:10:e7:f6:e5:41:2d:c6:43:50:
43:fe:11:fc:4a:bc:de:e7:f8:43:a1:4d:11:b5:19:
98:44:34:d6:c8:1b:d4:21:4a:5c:0c:79:d8:8a:84:
bd:7e:9f:52:24:02:f9:9e:5c:12:81:4c:19:92:06:
d3:03:d4:86:d2:7c:21:7b:29:bd:3e:5b:52:d0:72:
36:b9:48:75:5b:8e:18:43:66:e8:8e:97:77:eb:a1:
c0:79:ba:6c:aa:5b:b1:17:fe:2b:23:81:d6:83:83:
89:c8:44:6e:07:7d:d0:c8:bd:7c:8a:51:49:4b:f6:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AC:63:9A:04:13:05:35:42:9C:88:6E:74:B2:03:8C:1B:88:80:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AqxjmgQTBTVCnIhudLIDjBuIgBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:570::/44
2a10:cc47:2000::/36
Signature Algorithm: sha256WithRSAEncryption
89:da:87:b1:bb:3a:ef:8d:40:b8:51:7e:15:50:a5:b5:ac:3d:
b8:60:16:1f:58:dc:95:04:eb:d3:c3:f3:67:cb:c7:18:b3:c1:
39:be:e3:2e:c9:5d:72:e3:f5:50:0e:26:f8:d8:5a:80:74:b7:
94:00:09:be:48:4a:2c:05:d9:33:5f:09:81:1a:77:f0:af:d5:
ee:a4:23:59:ae:1a:f1:64:16:a8:f2:e5:8c:07:ac:b3:c2:61:
61:05:57:40:c0:25:e4:15:a1:9b:10:6d:87:23:eb:18:fb:7e:
01:de:fc:e2:cd:b2:fc:72:28:d7:ce:9c:64:a2:ef:6c:11:71:
99:7a:f7:3a:0e:4c:7a:bb:88:01:9a:09:b2:a7:76:29:cb:66:
33:1b:bb:27:46:5d:0c:6c:1a:19:41:44:06:05:eb:b2:1f:af:
c1:a9:ac:c8:0c:8b:50:5c:b6:90:81:c3:e8:06:03:c7:ff:0e:
11:4f:11:e1:43:ae:85:a4:fa:fb:08:5b:64:24:58:b7:a5:92:
44:22:7f:c5:76:0f:94:6e:0a:8b:db:35:bf:a2:b1:c6:ea:b3:
a4:1b:bc:f8:3c:68:60:97:74:8f:0a:e7:e6:96:67:2e:2f:29:
f7:04:82:dc:f9:50:b8:99:63:80:2d:07:2e:fb:af:78:f1:2c:
1a:1e:fe:b8
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVw5/CU5JlseD9e3obyPvAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFjNjM5YTA0MTMwNTM1NDI5Yzg4NmU3NGIyMDM4YzFiODg4MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ0QRsjnFpPLopPaktetm3OqZu/2
BcOX0B05684SCyHfkHrnC41qMNZxtXAuyjAubfTQSvUGYhEHc9BWxS+yDnf3KMNV
9P160Hi0xG8GAeH70Tfzd/n4yebn5DWn0GUX5KqtPq6o4ZB+IU44XURs+GCQ9X0/
cq0uNMaoEQBPMQtX3RrH+Ui6s2PY4GIQ5/blQS3GQ1BD/hH8Srze5/hDoU0RtRmY
RDTWyBvUIUpcDHnYioS9fp9SJAL5nlwSgUwZkgbTA9SG0nwheym9PltS0HI2uUh1
W44YQ2bojpd366HAebpsqluxF/4rI4HWg4OJyERuB33QyL18ilFJS/Y3fwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFAKsY5oEEwU1QpyIbnSyA4wbiIAUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQXF4am1nUVRCVFZDbklodWRMSURqQnVJZ0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKg6XwAVw
AwYEKhDMRyAwDQYJKoZIhvcNAQELBQADggEBAInah7G7Ou+NQLhRfhVQpbWsPbhg
Fh9Y3JUE69PD82fLxxizwTm+4y7JXXLj9VAOJvjYWoB0t5QACb5ISiwF2TNfCYEa
d/Cv1e6kI1muGvFkFqjy5YwHrLPCYWEFV0DAJeQVoZsQbYcj6xj7fgHe/OLNsvxy
KNfOnGSi72wRcZl69zoOTHq7iAGaCbKndinLZjMbuydGXQxsGhlBRAYF67Ifr8Gp
rMgMi1BctpCBw+gGA8f/DhFPEeFDroWk+vsIW2QkWLelkkQif8V2D5RuCovbNb+i
scbqs6QbvPg8aGCXdI8K5+aWZy4vKfcEgtz5ULiZY4AtBy77r3jxLBoe/rg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org