Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CQHE7aGGCokhnVzwsSY-dYN8PtA.roa
File: CQHE7aGGCokhnVzwsSY-dYN8PtA.roa (raw, json)
Hash identifier: Rtwqt/Qyg6H4Dv7Qq4VZ4h3EZa5w4EL5kTEJh2Grw3k=
Subject key identifier: 09:01:C4:ED:A1:86:0A:89:21:9D:5C:F0:B1:26:3E:75:83:7C:3E:D0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01874D6FA8B96436F239F1899E65B3897F0C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CQHE7aGGCokhnVzwsSY-dYN8PtA.roa
Signing time: Tue 04 Apr 2023 18:02:55 +0000
ROA not before: Tue 04 Apr 2023 18:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199310
IP address blocks: 2a0e:97c0:220::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Apr 2023 08:58:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:6f:a8:b9:64:36:f2:39:f1:89:9e:65:b3:89:7f:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 4 18:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0901c4eda1860a89219d5cf0b1263e75837c3ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:67:cd:ae:79:78:11:19:01:1f:aa:17:23:
3f:8d:7a:77:3d:01:07:19:93:a3:3f:43:f4:b0:9e:
33:5a:d5:a3:06:71:86:b1:56:a6:d2:72:26:1b:a2:
fd:71:fd:b0:99:00:8b:c3:c2:7d:32:09:4e:ff:02:
4a:a7:65:d2:d6:5e:4b:36:25:44:72:3b:e5:ae:e1:
b1:2f:ca:58:1e:dc:21:29:7f:ad:bf:15:8c:79:9d:
0b:d4:0e:33:a1:6c:15:65:67:b9:a2:f6:6d:4a:b8:
35:0e:7d:02:b7:75:22:43:eb:fd:e2:91:c7:4d:d9:
bd:aa:fc:21:09:93:a3:81:c9:58:ad:83:fb:9b:d5:
f6:ec:c9:03:a1:f0:b1:7e:bf:73:c8:ba:48:a5:76:
6c:e8:8a:91:66:4d:bf:7e:5a:ae:39:8b:50:da:cf:
31:8d:04:2b:45:4b:e7:27:45:52:95:93:93:b4:fb:
00:dd:4f:85:8b:20:65:11:8c:bb:b8:4d:6a:13:a7:
75:75:b0:3e:3c:da:01:68:7f:b6:62:ee:88:67:d2:
87:4a:bd:31:60:7f:7f:1c:77:1d:45:f1:f1:a8:a2:
d5:ad:f5:83:00:3e:5d:24:44:c2:97:0d:9f:7d:4b:
c9:4e:08:f4:1b:68:d3:f3:59:c1:9f:6f:27:64:09:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:C4:ED:A1:86:0A:89:21:9D:5C:F0:B1:26:3E:75:83:7C:3E:D0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CQHE7aGGCokhnVzwsSY-dYN8PtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:220::/44
Signature Algorithm: sha256WithRSAEncryption
b5:c5:28:e1:ba:2c:9e:97:af:a4:68:24:2d:6c:f3:61:e5:7c:
9e:df:39:3c:4d:78:88:69:3c:71:69:49:9b:9c:6a:54:88:17:
c6:f6:db:21:2e:06:1b:0c:76:01:5e:bc:16:e4:7b:03:21:8f:
72:49:e8:90:bd:9c:fc:06:61:22:59:56:64:d6:e5:69:92:f7:
15:86:98:c7:2e:73:b4:bd:da:cb:0d:31:ad:8e:83:50:16:d1:
fb:df:fc:20:c8:e4:61:5d:bc:13:75:ff:12:9b:79:c4:1b:d8:
bd:c7:bf:12:97:ec:f2:54:d8:78:1c:fb:c9:1c:43:4d:e1:cd:
cc:92:5b:4c:62:10:89:8c:54:07:be:82:1b:6e:c3:9e:80:ed:
d4:c9:74:ba:27:69:96:74:57:70:d6:21:2e:d4:18:ad:11:26:
91:b9:98:c0:f3:b7:76:04:8e:31:75:04:1d:85:3d:ef:cb:ec:
45:d6:ef:13:54:2b:7e:60:4e:2b:f5:f7:3e:2c:c9:55:76:4d:
73:17:33:bc:49:26:67:f9:bd:8a:bb:b1:d8:d7:55:7c:64:7d:
35:c2:ed:1f:9e:da:67:cb:e3:fb:cb:1a:eb:61:ff:bc:36:dd:
f8:46:f3:b0:4c:22:67:b1:e1:dc:ce:87:ec:63:e8:40:45:53:
3d:44:f4:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYdNb6i5ZDbyOfGJnmWziX8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDA0MTgwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAxYzRlZGExODYwYTg5MjE5ZDVjZjBiMTI2M2U3NTgzN2MzZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mhnza55eBEZAR+qFyM/jXp3PQEH
GZOjP0P0sJ4zWtWjBnGGsVam0nImG6L9cf2wmQCLw8J9MglO/wJKp2XS1l5LNiVE
cjvlruGxL8pYHtwhKX+tvxWMeZ0L1A4zoWwVZWe5ovZtSrg1Dn0Ct3UiQ+v94pHH
Tdm9qvwhCZOjgclYrYP7m9X27MkDofCxfr9zyLpIpXZs6IqRZk2/flquOYtQ2s8x
jQQrRUvnJ0VSlZOTtPsA3U+FiyBlEYy7uE1qE6d1dbA+PNoBaH+2Yu6IZ9KHSr0x
YH9/HHcdRfHxqKLVrfWDAD5dJETClw2ffUvJTgj0G2jT81nBn28nZAkdKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAkBxO2hhgqJIZ1c8LEmPnWDfD7QMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1FIRTdhR0dDb2toblZ6d3NTWS1kWU44UHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAIg
MA0GCSqGSIb3DQEBCwUAA4IBAQC1xSjhuiyel6+kaCQtbPNh5Xye3zk8TXiIaTxx
aUmbnGpUiBfG9tshLgYbDHYBXrwW5HsDIY9ySeiQvZz8BmEiWVZk1uVpkvcVhpjH
LnO0vdrLDTGtjoNQFtH73/wgyORhXbwTdf8Sm3nEG9i9x78Sl+zyVNh4HPvJHENN
4c3MkltMYhCJjFQHvoIbbsOegO3UyXS6J2mWdFdw1iEu1BitESaRuZjA87d2BI4x
dQQdhT3vy+xF1u8TVCt+YE4r9fc+LMlVdk1zFzO8SSZn+b2Ku7HY11V8ZH01wu0f
ntpny+P7yxrrYf+8Nt34RvOwTCJnseHczofsY+hARVM9RPT8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:57 2024 by rpki-client on console-ams.rpki-client.org