Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DPyY8EJAp0oQJjDwzyiXPSjgpik.roa
File: DPyY8EJAp0oQJjDwzyiXPSjgpik.roa (raw, json)
Hash identifier: 2G9+2tzpB5ARV3b3Ctu9jhY49nKKgHSFed4REcZJBRM=
Subject key identifier: 0C:FC:98:F0:42:40:A7:4A:10:26:30:F0:CF:28:97:3D:28:E0:A6:29
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E78801BFAAA1CEF29B86CAE8406940
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DPyY8EJAp0oQJjDwzyiXPSjgpik.roa
Signing time: Mon 02 Jan 2023 05:14:59 +0000
ROA not before: Mon 02 Jan 2023 05:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58015
IP address blocks: 2a0e:b107:11d0::/47 maxlen: 48
2a0e:b107:11d2::/47 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:88:01:bf:aa:a1:ce:f2:9b:86:ca:e8:40:69:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cfc98f04240a74a102630f0cf28973d28e0a629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:39:14:6e:6d:47:5c:0a:25:51:03:b2:11:28:
5b:6d:fe:c5:3c:a9:c1:6a:f7:47:61:b1:c9:24:25:
c1:4f:54:f7:d1:e8:0f:e2:49:f3:0c:5f:05:91:89:
96:16:6d:34:1f:67:6f:15:31:fc:c0:76:18:03:bb:
93:33:00:c5:3c:cc:97:72:aa:d0:f2:91:78:b2:76:
25:d3:b1:55:b0:b7:5d:fd:96:9e:3d:4d:1c:73:f5:
3a:65:24:5c:57:6b:b5:0f:3a:0c:5b:07:26:12:40:
b7:c4:e9:a6:53:80:69:fa:5e:11:f2:4a:ed:4b:3c:
b6:6a:aa:5c:7c:e1:41:7d:8c:a6:46:24:f3:ac:3f:
62:68:6b:38:55:ce:5a:c3:74:45:e7:d5:8f:d0:a2:
f4:99:92:e6:c3:b4:84:c6:5e:55:32:da:f0:d6:33:
8a:cd:e0:f8:75:aa:e1:3e:6f:19:e7:bc:de:4e:8b:
cf:e5:19:d2:e9:a9:6f:a6:ea:62:fb:ec:84:ae:19:
10:6a:6b:0e:d0:42:e3:ad:ec:13:44:0f:42:a1:ef:
3d:bf:f9:8f:b2:5c:16:80:8f:5c:f3:3f:8f:60:6e:
d1:eb:4d:da:66:42:47:98:20:30:fb:71:e6:c0:32:
21:64:6f:7b:93:74:62:c6:ac:69:a5:75:7b:34:6b:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:FC:98:F0:42:40:A7:4A:10:26:30:F0:CF:28:97:3D:28:E0:A6:29
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DPyY8EJAp0oQJjDwzyiXPSjgpik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:11d0::/46
Signature Algorithm: sha256WithRSAEncryption
af:fd:9f:a3:7f:81:a4:98:ad:84:da:b4:8a:87:cc:93:20:f9:
97:d3:4d:4e:fe:2e:93:25:0c:37:8a:86:4a:4d:0b:00:fc:f2:
8b:5a:61:d0:8f:c3:4b:18:4f:45:ec:b3:20:10:41:fa:b0:4e:
79:a0:7c:e2:ab:63:0c:68:7c:ed:1c:6b:3b:47:62:92:ba:2c:
84:5f:61:d4:5a:95:01:7a:07:dd:a6:37:67:a5:5f:f9:ee:fd:
bb:ee:d0:36:9a:58:da:4b:37:6e:9d:6d:ec:73:3c:ea:31:2f:
11:2e:b2:fa:fa:34:e9:7c:74:a6:0b:e6:7e:9c:ce:2f:46:ec:
eb:dd:0b:1c:92:10:e1:ac:59:bf:d8:43:78:36:3f:d7:33:dd:
bf:5c:a7:45:09:b9:10:be:ff:6b:fc:f3:3e:36:84:58:7f:8e:
59:d9:66:d0:55:d3:bf:b1:2f:46:63:6f:e3:2f:93:d4:5c:17:
53:8f:04:eb:ce:95:ed:23:4a:b2:95:02:e8:91:3b:49:b5:06:
86:74:d5:95:72:90:06:ca:15:0e:eb:89:3e:02:8c:d9:2a:19:
fe:ed:7b:4d:b0:41:7a:b9:4b:01:5b:04:f8:b9:42:fa:b0:67:
50:17:d5:ec:ab:50:f7:7c:f8:1a:24:1b:d3:78:ac:04:48:d8:
76:e9:07:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw54gBv6qhzvKbhsroQGlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ZjOThmMDQyNDBhNzRhMTAyNjMwZjBjZjI4OTczZDI4ZTBhNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzkUbm1HXAolUQOyEShbbf7FPKnB
avdHYbHJJCXBT1T30egP4knzDF8FkYmWFm00H2dvFTH8wHYYA7uTMwDFPMyXcqrQ
8pF4snYl07FVsLdd/ZaePU0cc/U6ZSRcV2u1DzoMWwcmEkC3xOmmU4Bp+l4R8krt
Szy2aqpcfOFBfYymRiTzrD9iaGs4Vc5aw3RF59WP0KL0mZLmw7SExl5VMtrw1jOK
zeD4darhPm8Z57zeTovP5RnS6alvpupi++yErhkQamsO0ELjrewTRA9Coe89v/mP
slwWgI9c8z+PYG7R603aZkJHmCAw+3HmwDIhZG97k3RixqxppXV7NGt4BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAz8mPBCQKdKECYw8M8olz0o4KYpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRFB5WThFSkFwMG9RSmpEd3p5aVhQU2pncGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKg6xBxHQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCv/Z+jf4GkmK2E2rSKh8yTIPmX001O/i6TJQw3
ioZKTQsA/PKLWmHQj8NLGE9F7LMgEEH6sE55oHziq2MMaHztHGs7R2KSuiyEX2HU
WpUBegfdpjdnpV/57v277tA2mljaSzdunW3sczzqMS8RLrL6+jTpfHSmC+Z+nM4v
Ruzr3QsckhDhrFm/2EN4Nj/XM92/XKdFCbkQvv9r/PM+NoRYf45Z2WbQVdO/sS9G
Y2/jL5PUXBdTjwTrzpXtI0qylQLokTtJtQaGdNWVcpAGyhUO64k+AozZKhn+7XtN
sEF6uUsBWwT4uUL6sGdQF9Xsq1D3fPgaJBvTeKwESNh26QcI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org