Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CXVMpy1xIsM25v9S5DhO9_BG7YA.roa
File: CXVMpy1xIsM25v9S5DhO9_BG7YA.roa (raw, json)
Hash identifier: fGLtWJBU28dWPuwvCpL2wVfG+vv/10NYzOOGMKyyuxo=
Subject key identifier: 09:75:4C:A7:2D:71:22:C3:36:E6:FF:52:E4:38:4E:F7:F0:46:ED:80
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01870CF3A7D421B4F358788CDF9726D286BC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CXVMpy1xIsM25v9S5DhO9_BG7YA.roa
Signing time: Thu 23 Mar 2023 05:31:47 +0000
ROA not before: Thu 23 Mar 2023 05:31:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210659
IP address blocks: 2a0e:97c0:560::/44 maxlen: 48
2a10:cc40:130::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0c:f3:a7:d4:21:b4:f3:58:78:8c:df:97:26:d2:86:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 23 05:31:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09754ca72d7122c336e6ff52e4384ef7f046ed80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:e5:80:2d:33:53:d4:58:92:b9:5b:9d:f6:
e3:b1:4e:03:04:1c:dd:df:7f:b3:8b:1f:7a:3c:1f:
dc:99:bf:06:0d:8f:3a:bb:e1:11:38:c3:b1:a1:18:
cf:c8:75:7e:27:8d:0f:c1:01:4d:f1:3d:e4:c6:03:
de:27:2c:1f:61:13:c2:b7:74:04:c4:c4:d7:9b:d6:
0c:5a:44:71:7d:a5:59:c1:ae:e7:48:fd:16:27:8a:
78:e6:cf:13:79:ed:3b:51:f0:3a:60:6d:87:df:7f:
7f:67:6e:69:b3:87:ab:c6:24:32:62:d5:0a:ca:92:
0b:ad:1f:2e:27:4b:7d:96:ca:06:e6:1e:4e:08:7d:
72:38:fd:45:9c:58:1d:a9:92:4f:c3:a6:68:be:bb:
9d:4e:e8:6b:a6:73:81:9a:1f:c9:3f:04:e7:04:71:
e2:34:b5:ce:49:b3:7f:eb:b8:fd:20:f0:f1:c7:9e:
bd:b6:66:10:88:6f:8d:ab:97:e8:39:4c:21:f9:78:
8c:3e:93:c2:b0:d2:3f:3e:78:36:50:6c:8f:16:ee:
35:60:7e:75:43:60:ba:43:af:2a:90:09:81:62:d9:
0a:1a:eb:7f:1e:4b:f3:fe:2d:72:e9:c7:66:d0:3b:
23:81:11:4a:a2:31:27:37:fd:08:d5:4b:ab:80:72:
36:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:75:4C:A7:2D:71:22:C3:36:E6:FF:52:E4:38:4E:F7:F0:46:ED:80
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CXVMpy1xIsM25v9S5DhO9_BG7YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:560::/44
2a10:cc40:130::/44
Signature Algorithm: sha256WithRSAEncryption
6f:d7:03:14:05:5b:d9:af:a9:15:c6:b4:97:bb:3f:e8:fd:7a:
5f:27:83:f4:58:49:3a:86:c4:29:5a:8b:96:2e:91:90:6a:38:
bd:b2:a4:72:ce:71:fa:35:f1:50:f7:52:7f:eb:12:56:41:5b:
dc:c7:3a:07:56:f0:2a:27:32:db:2e:ad:e9:b6:ac:85:38:04:
9e:29:0d:5d:dd:88:ee:ab:52:06:04:8d:df:74:bf:88:46:e7:
b3:2d:7e:10:5f:8a:c9:07:99:b1:9b:6e:c7:fa:9a:47:1e:f0:
30:1e:fd:1e:3d:68:37:98:45:88:90:3a:f1:15:f8:60:32:4e:
41:09:9c:29:22:5d:3b:80:b0:cf:77:b7:ee:67:4b:ec:d8:14:
2f:c7:a4:9c:05:b2:06:ee:df:29:d5:46:0e:70:b2:bd:f9:2d:
37:3d:85:67:68:2e:57:6e:07:87:fa:dd:0e:20:ad:ea:0a:b8:
bb:3d:f0:16:50:95:0a:aa:42:d3:9d:76:93:82:e0:5c:3e:00:
72:30:d8:f8:83:e5:13:7d:d3:14:50:a4:6b:b1:43:ea:c3:42:
b4:0e:39:7e:e5:6b:48:93:2d:0c:30:eb:d6:29:f1:bb:d8:a6:
fc:9d:c6:04:a9:64:fb:a3:3c:65:b8:9b:a1:ed:76:fe:91:82:
b5:22:eb:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcM86fUIbTzWHiM35cm0oa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzIzMDUzMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc1NGNhNzJkNzEyMmMzMzZlNmZmNTJlNDM4NGVmN2YwNDZlZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSblgC0zU9RYkrlbnfbjsU4DBBzd
33+zix96PB/cmb8GDY86u+EROMOxoRjPyHV+J40PwQFN8T3kxgPeJywfYRPCt3QE
xMTXm9YMWkRxfaVZwa7nSP0WJ4p45s8Tee07UfA6YG2H339/Z25ps4erxiQyYtUK
ypILrR8uJ0t9lsoG5h5OCH1yOP1FnFgdqZJPw6ZovrudTuhrpnOBmh/JPwTnBHHi
NLXOSbN/67j9IPDxx569tmYQiG+Nq5foOUwh+XiMPpPCsNI/Png2UGyPFu41YH51
Q2C6Q68qkAmBYtkKGut/Hkvz/i1y6cdm0DsjgRFKojEnN/0I1UurgHI2vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAl1TKctcSLDNub/UuQ4TvfwRu2AMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1hWTXB5MXhJc00yNXY5UzVEaE85X0JHN1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAVg
AwcEKhDMQAEwMA0GCSqGSIb3DQEBCwUAA4IBAQBv1wMUBVvZr6kVxrSXuz/o/Xpf
J4P0WEk6hsQpWouWLpGQaji9sqRyznH6NfFQ91J/6xJWQVvcxzoHVvAqJzLbLq3p
tqyFOASeKQ1d3Yjuq1IGBI3fdL+IRuezLX4QX4rJB5mxm27H+ppHHvAwHv0ePWg3
mEWIkDrxFfhgMk5BCZwpIl07gLDPd7fuZ0vs2BQvx6ScBbIG7t8p1UYOcLK9+S03
PYVnaC5XbgeH+t0OIK3qCri7PfAWUJUKqkLTnXaTguBcPgByMNj4g+UTfdMUUKRr
sUPqw0K0Djl+5WtIky0MMOvWKfG72Kb8ncYEqWT7ozxluJuh7Xb+kYK1Ius/
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org