Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D5W-gk2aGWlbiMj1VEoj2lMnaCg.roa
File: D5W-gk2aGWlbiMj1VEoj2lMnaCg.roa (raw, json)
Hash identifier: 9m2QOHTfWxKZOsNulKQisseWKNWHyuAdGnzIelKmStg=
Subject key identifier: 0F:95:BE:82:4D:9A:19:69:5B:88:C8:F5:54:4A:23:DA:53:27:68:28
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ABE34EAACD212D9E7B3C7B1E735E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D5W-gk2aGWlbiMj1VEoj2lMnaCg.roa
Signing time: Tue 24 Jan 2023 16:09:35 +0000
ROA not before: Tue 24 Jan 2023 16:09:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42394
IP address blocks: 2a0e:b107:ff0::/48 maxlen: 48
2a0e:b107:1110::/44 maxlen: 48
2a0e:b107:fff::/48 maxlen: 48
2a0e:97c7:160::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:be:34:ea:ac:d2:12:d9:e7:b3:c7:b1:e7:35:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f95be824d9a19695b88c8f5544a23da53276828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:40:4c:c7:8f:58:30:18:e5:ff:16:15:7d:5b:
13:7d:ac:e1:cc:28:2f:eb:80:81:1e:34:12:24:a5:
ee:54:64:9d:f2:38:d1:9d:7b:92:e1:09:c2:d4:f8:
08:34:d5:25:27:c9:5a:42:cf:50:68:19:47:a0:0f:
3e:bb:e7:70:d9:f9:25:40:ac:9e:dc:3f:83:c8:f0:
bc:9e:59:9d:31:90:9b:03:74:83:bb:65:f2:2e:7c:
ba:f2:b9:ce:a8:e0:e2:92:91:a4:9b:e0:9f:86:58:
7f:34:30:db:d4:7e:81:b8:d9:70:79:16:d5:2c:d5:
02:3e:3c:43:d3:03:0f:33:5c:bf:fa:f1:a4:65:45:
98:0a:0e:e2:76:46:9b:f4:a4:a7:fb:4f:b5:df:a1:
18:d9:62:36:98:47:57:b9:8e:a6:d2:ef:46:76:42:
35:c3:7c:ba:95:61:d9:06:ae:0c:02:46:e8:f8:d8:
b2:d2:26:f7:cc:03:32:34:ee:fe:93:a4:ed:51:79:
aa:0f:e7:35:bc:6b:0b:2d:fc:69:8d:56:8e:83:da:
a3:56:10:89:6e:67:c2:a9:b2:3e:79:dd:98:6e:70:
d2:d1:b4:4d:b8:a7:2a:76:fc:f4:32:89:ba:92:50:
2b:a4:9f:2d:f1:05:53:76:c4:a1:8f:a2:2e:18:15:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:95:BE:82:4D:9A:19:69:5B:88:C8:F5:54:4A:23:DA:53:27:68:28
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/D5W-gk2aGWlbiMj1VEoj2lMnaCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c7:160::/44
2a0e:b107:ff0::/48
2a0e:b107:fff::/48
2a0e:b107:1110::/44
Signature Algorithm: sha256WithRSAEncryption
22:b1:bd:74:9e:b5:a1:88:fb:0b:a8:2d:c3:2f:74:8c:fe:4d:
04:c2:be:71:5d:02:2a:b6:1c:c3:de:02:10:ec:ea:0a:2f:c0:
6b:37:8d:d2:f8:e1:de:66:c2:42:47:a2:5f:cd:f9:25:5c:a7:
b8:0c:e9:5c:e1:01:fc:9f:39:f9:17:ab:33:b5:ac:48:06:4d:
18:d0:c1:a8:55:9a:1b:33:c5:07:74:50:14:ac:f9:81:ea:3e:
e0:1d:5c:0f:c7:9d:b7:9e:9a:7b:a7:ba:b6:96:34:17:2f:83:
1a:5e:e1:dc:51:c7:ff:b9:56:1a:27:52:b0:af:17:a8:2a:f0:
d0:9d:63:b3:04:15:a4:4f:8d:d0:6c:55:bf:10:9c:8e:44:12:
d8:4e:09:ff:f7:4a:6b:4b:82:d6:f1:e4:2a:ec:6e:a6:34:bf:
48:a5:86:b2:a3:76:25:9b:de:b8:81:35:80:72:9b:be:aa:f3:
89:73:45:a6:ba:9a:40:b4:18:b4:e0:f7:35:c8:5e:2b:8c:14:
a5:07:5f:c5:fa:ae:ed:60:c5:49:f5:f1:40:9e:b8:63:72:2f:
8c:f8:89:14:5e:97:07:e5:3c:6c:98:99:d9:7b:62:7f:b2:05:
35:7a:b4:e3:e6:66:63:92:a7:63:84:be:79:8d:7a:bb:79:12:
e8:58:ed:9c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXkir406qzSEtnns8ex5zXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk1YmU4MjRkOWExOTY5NWI4OGM4ZjU1NDRhMjNkYTUzMjc2ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEBMx49YMBjl/xYVfVsTfazhzCgv
64CBHjQSJKXuVGSd8jjRnXuS4QnC1PgINNUlJ8laQs9QaBlHoA8+u+dw2fklQKye
3D+DyPC8nlmdMZCbA3SDu2XyLny68rnOqODikpGkm+Cfhlh/NDDb1H6BuNlweRbV
LNUCPjxD0wMPM1y/+vGkZUWYCg7idkab9KSn+0+136EY2WI2mEdXuY6m0u9GdkI1
w3y6lWHZBq4MAkbo+Niy0ib3zAMyNO7+k6TtUXmqD+c1vGsLLfxpjVaOg9qjVhCJ
bmfCqbI+ed2YbnDS0bRNuKcqdvz0Mom6klArpJ8t8QVTdsShj6IuGBWuqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA+VvoJNmhlpW4jI9VRKI9pTJ2goMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRDVXLWdrMmFHV2xiaU1qMVZFb2oybE1uYUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XxwFg
AwcAKg6xBw/wAwcAKg6xBw//AwcEKg6xBxEQMA0GCSqGSIb3DQEBCwUAA4IBAQAi
sb10nrWhiPsLqC3DL3SM/k0Ewr5xXQIqthzD3gIQ7OoKL8BrN43S+OHeZsJCR6Jf
zfklXKe4DOlc4QH8nzn5F6sztaxIBk0Y0MGoVZobM8UHdFAUrPmB6j7gHVwPx523
npp7p7q2ljQXL4MaXuHcUcf/uVYaJ1KwrxeoKvDQnWOzBBWkT43QbFW/EJyORBLY
Tgn/90prS4LW8eQq7G6mNL9IpYayo3Ylm964gTWAcpu+qvOJc0WmuppAtBi04Pc1
yF4rjBSlB1/F+q7tYMVJ9fFAnrhjci+M+IkUXpcH5TxsmJnZe2J/sgU1erTj5mZj
kqdjhL55jXq7eRLoWO2c
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org