Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CaZ-McPvGvab5vlKTyhWSDBthXg.roa
File: CaZ-McPvGvab5vlKTyhWSDBthXg.roa (raw, json)
Hash identifier: BgFZvQNVy9mv28lLrIFLuz3zDq7fUzocBpQLrTVfrnk=
Subject key identifier: 09:A6:7E:31:C3:EF:1A:F6:9B:E6:F9:4A:4F:28:56:48:30:6D:85:78
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C73F7C3F955E5F512C8BB7C0BAE811B98
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CaZ-McPvGvab5vlKTyhWSDBthXg.roa
Signing time: Sat 16 Dec 2023 18:51:06 +0000
ROA not before: Sat 16 Dec 2023 18:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211484
IP address blocks: 2a0e:97c0:360::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:f7:c3:f9:55:e5:f5:12:c8:bb:7c:0b:ae:81:1b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 16 18:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09a67e31c3ef1af69be6f94a4f285648306d8578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:95:25:be:18:77:14:e1:f0:5c:a6:4b:f5:4f:
f4:98:8f:f5:78:46:41:eb:8a:d6:87:c4:0c:6d:5b:
c7:f6:19:3f:76:ce:94:f7:05:3d:c7:65:33:c9:23:
da:67:4c:95:bd:b3:77:cb:5e:0b:b0:11:df:67:8b:
b2:47:28:03:c6:e8:dd:9d:d4:16:10:6a:0c:9d:7b:
85:43:8d:57:e0:00:c5:a2:f0:13:6f:4b:48:9c:6c:
85:3a:a9:c5:7a:07:10:8c:41:8a:11:aa:85:d5:82:
82:36:ad:78:fc:d1:fa:1d:7f:9b:65:9e:00:9f:70:
38:ed:f6:56:26:fb:64:ff:ff:43:ac:34:05:f4:a5:
fa:a9:3e:9e:92:fa:26:f6:1c:63:22:77:12:99:d1:
ee:fb:c3:49:7f:9d:7e:f1:eb:5a:bb:3d:3f:27:c1:
b6:31:f1:9e:5f:fe:6f:83:74:ab:4b:5d:7b:d8:d6:
59:97:54:0f:20:0a:97:2c:9c:53:ad:88:98:85:aa:
5f:4d:54:5e:73:a3:9e:c4:f0:05:45:19:ec:85:cb:
a2:3f:aa:0c:55:ca:b0:cc:08:3d:48:f4:6b:7e:3f:
72:46:7a:cf:95:8b:49:31:ca:c5:3f:e7:03:18:e4:
14:49:10:a5:18:71:5c:a0:12:bc:16:a4:e1:75:c1:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A6:7E:31:C3:EF:1A:F6:9B:E6:F9:4A:4F:28:56:48:30:6D:85:78
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CaZ-McPvGvab5vlKTyhWSDBthXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:360::/48
Signature Algorithm: sha256WithRSAEncryption
23:78:c0:25:79:68:f9:1d:b5:ea:40:3a:ff:c9:cc:99:1c:3f:
28:66:d4:04:42:08:04:35:0f:64:83:18:0b:b7:c0:4f:0a:b1:
5d:f5:3d:0a:bf:33:ff:35:98:33:d3:2e:c2:4d:fc:37:d9:37:
b8:72:ab:8e:9f:cf:d5:8b:24:84:c0:14:14:5e:b6:50:4a:04:
c3:8f:a2:10:10:4d:cc:e3:f6:92:e0:6c:17:a7:aa:09:9e:05:
89:8d:0d:d3:7c:6e:de:84:91:5c:38:aa:8e:ba:7b:84:ac:b2:
40:15:7c:8b:cb:46:3d:14:71:44:17:bc:f8:64:5a:4b:4c:24:
2f:b1:5d:64:20:c9:1e:04:e7:15:3c:4c:dd:ef:25:ed:01:63:
f2:bf:c8:a2:df:18:c2:cd:54:93:bd:8e:b5:e1:65:fe:3e:ff:
f3:07:49:5a:02:13:ff:f6:a9:c3:eb:46:82:f0:db:17:10:97:
92:52:48:8b:06:9b:c9:dd:6e:36:14:38:66:0f:66:b8:3c:ca:
9a:d1:77:4c:34:0e:e8:ec:05:8a:59:1e:1f:d4:ff:70:6e:f5:
ea:03:4d:36:38:a4:e1:a0:be:2d:11:89:5a:de:70:6e:5d:28:
d7:ae:78:aa:35:90:b7:41:35:71:4d:81:fd:7d:4a:68:76:73:
1a:d5:c1:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYxz98P5VeX1Esi7fAuugRuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE2MTg1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWE2N2UzMWMzZWYxYWY2OWJlNmY5NGE0ZjI4NTY0ODMwNmQ4NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45Ulvhh3FOHwXKZL9U/0mI/1eEZB
64rWh8QMbVvH9hk/ds6U9wU9x2UzySPaZ0yVvbN3y14LsBHfZ4uyRygDxujdndQW
EGoMnXuFQ41X4ADFovATb0tInGyFOqnFegcQjEGKEaqF1YKCNq14/NH6HX+bZZ4A
n3A47fZWJvtk//9DrDQF9KX6qT6ekvom9hxjIncSmdHu+8NJf51+8etauz0/J8G2
MfGeX/5vg3SrS1172NZZl1QPIAqXLJxTrYiYhapfTVRec6OexPAFRRnshcuiP6oM
VcqwzAg9SPRrfj9yRnrPlYtJMcrFP+cDGOQUSRClGHFcoBK8FqThdcEiWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAmmfjHD7xr2m+b5Sk8oVkgwbYV4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ2FaLU1jUHZHdmFiNXZsS1R5aFdTREJ0aFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwANg
MA0GCSqGSIb3DQEBCwUAA4IBAQAjeMAleWj5HbXqQDr/ycyZHD8oZtQEQggENQ9k
gxgLt8BPCrFd9T0KvzP/NZgz0y7CTfw32Te4cquOn8/ViySEwBQUXrZQSgTDj6IQ
EE3M4/aS4GwXp6oJngWJjQ3TfG7ehJFcOKqOunuErLJAFXyLy0Y9FHFEF7z4ZFpL
TCQvsV1kIMkeBOcVPEzd7yXtAWPyv8ii3xjCzVSTvY614WX+Pv/zB0laAhP/9qnD
60aC8NsXEJeSUkiLBpvJ3W42FDhmD2a4PMqa0XdMNA7o7AWKWR4f1P9wbvXqA002
OKThoL4tEYla3nBuXSjXrniqNZC3QTVxTYH9fUpodnMa1cFf
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org