Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BkqczfDnOARabHgtkDP333F9YCw.roa
File: BkqczfDnOARabHgtkDP333F9YCw.roa (raw, json)
Hash identifier: 9klUlTaBIqAWCXU+nybxSSUtqIvn++yf1/wJhiky/2Y=
Subject key identifier: 06:4A:9C:CD:F0:E7:38:04:5A:6C:78:2D:90:33:F7:DF:71:7D:60:2C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0188F6FD05E331EA87310BBF1A21F6FF29EA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BkqczfDnOARabHgtkDP333F9YCw.roa
Signing time: Mon 26 Jun 2023 09:15:57 +0000
ROA not before: Mon 26 Jun 2023 09:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198016
IP address blocks: 2a0e:97c0:d00::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:fd:05:e3:31:ea:87:31:0b:bf:1a:21:f6:ff:29:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 26 09:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=064a9ccdf0e738045a6c782d9033f7df717d602c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:4b:00:c9:21:17:0b:54:3c:9f:03:a9:29:
6e:2a:22:c3:33:1f:cc:fc:05:bf:2a:2f:2c:dd:61:
e9:2c:b4:5c:bc:6d:10:68:d6:aa:a9:2e:09:5b:f7:
e6:99:e7:27:36:31:21:d3:3b:4e:e4:c7:35:ad:ad:
a0:ff:0c:26:a4:74:55:38:a4:14:8d:88:5b:d0:d1:
41:96:82:ee:eb:57:83:bb:1a:f7:42:1f:34:38:9a:
89:0a:60:04:62:ea:2d:ac:00:27:fa:65:bd:1c:1a:
26:0d:0e:a5:13:20:19:fb:64:7a:b2:e4:3c:b8:15:
a9:db:7e:b5:1f:4b:c4:68:8d:33:4f:f1:d6:51:ca:
02:ff:64:38:ba:1a:13:a1:54:89:7c:d0:ab:d5:18:
b7:63:be:09:66:97:fd:0a:6b:61:7c:86:da:68:aa:
2c:c4:e7:9b:b1:15:d4:22:55:f0:9c:4e:39:18:29:
1b:64:c6:87:71:2a:ac:45:41:67:c6:05:f1:c6:5d:
7a:80:eb:19:c7:5a:3a:77:85:58:dd:a9:58:c1:89:
9d:88:bc:5f:e7:ec:9e:cc:4a:42:4a:e2:94:b2:9b:
41:83:c1:e3:3c:9d:c7:a1:bd:b5:94:23:ee:4d:54:
fe:b2:cd:09:3d:19:83:8b:ba:94:50:fb:83:fc:73:
00:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4A:9C:CD:F0:E7:38:04:5A:6C:78:2D:90:33:F7:DF:71:7D:60:2C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BkqczfDnOARabHgtkDP333F9YCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:d00::/44
Signature Algorithm: sha256WithRSAEncryption
00:e8:8d:b6:e5:8a:f9:a7:c2:3d:56:bc:58:ec:73:38:bf:f1:
59:7e:02:03:6d:a6:ef:79:ed:09:35:38:a9:db:3c:2c:6f:05:
0e:9b:a1:4b:37:de:b7:6a:21:a0:c3:52:7e:ba:83:2e:dc:1a:
e1:2b:61:87:c5:c8:2c:30:e9:10:52:6a:a0:ea:fd:68:b5:b0:
c4:e9:7b:d0:8f:55:e8:65:60:10:a7:d0:d5:e4:2d:c4:14:3e:
ac:f2:c1:c1:e0:ae:39:2c:af:52:bc:10:83:1b:7c:e9:06:90:
6f:0e:b0:58:66:b5:50:00:7b:a6:e9:db:4e:a3:d9:13:7c:a3:
4a:12:9f:4b:a2:89:72:5a:0c:04:13:20:72:80:9e:1d:dd:de:
85:1c:a3:79:87:f2:68:56:fa:97:2a:c7:25:a5:aa:aa:c1:bf:
f1:ec:0c:7d:22:75:8b:30:94:5e:02:84:e4:c3:d0:e2:67:68:
3f:3e:7e:26:a6:d3:7d:b2:eb:45:fa:9d:86:57:ee:73:3a:0a:
61:a9:3a:77:db:28:9f:56:15:12:a8:e4:9c:a2:86:1a:7f:d7:
96:eb:af:43:36:f7:a2:38:01:b0:68:43:30:24:a3:ba:99:ee:
fd:65:59:32:81:1e:ad:b7:a5:11:3d:c3:b5:78:a5:9a:08:0e:
15:a0:14:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYj2/QXjMeqHMQu/GiH2/ynqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjI2MDkxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjRhOWNjZGYwZTczODA0NWE2Yzc4MmQ5MDMzZjdkZjcxN2Q2MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT9LAMkhFwtUPJ8DqSluKiLDMx/M
/AW/Ki8s3WHpLLRcvG0QaNaqqS4JW/fmmecnNjEh0ztO5Mc1ra2g/wwmpHRVOKQU
jYhb0NFBloLu61eDuxr3Qh80OJqJCmAEYuotrAAn+mW9HBomDQ6lEyAZ+2R6suQ8
uBWp2361H0vEaI0zT/HWUcoC/2Q4uhoToVSJfNCr1Ri3Y74JZpf9CmthfIbaaKos
xOebsRXUIlXwnE45GCkbZMaHcSqsRUFnxgXxxl16gOsZx1o6d4VY3alYwYmdiLxf
5+yezEpCSuKUsptBg8HjPJ3Hob21lCPuTVT+ss0JPRmDi7qUUPuD/HMAGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAZKnM3w5zgEWmx4LZAz999xfWAsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQmtxY3pmRG5PQVJhYkhndGtEUDMzM0Y5WUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwA0A
MA0GCSqGSIb3DQEBCwUAA4IBAQAA6I225Yr5p8I9VrxY7HM4v/FZfgIDbabvee0J
NTip2zwsbwUOm6FLN963aiGgw1J+uoMu3BrhK2GHxcgsMOkQUmqg6v1otbDE6XvQ
j1XoZWAQp9DV5C3EFD6s8sHB4K45LK9SvBCDG3zpBpBvDrBYZrVQAHum6dtOo9kT
fKNKEp9LoolyWgwEEyBygJ4d3d6FHKN5h/JoVvqXKsclpaqqwb/x7Ax9InWLMJRe
AoTkw9DiZ2g/Pn4mptN9sutF+p2GV+5zOgphqTp32yifVhUSqOScooYaf9eW669D
NveiOAGwaEMwJKO6me79ZVkygR6tt6URPcO1eKWaCA4VoBTU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org