Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dqt_0O1qBkb-l_yLzf0lj3z4qtk.roa
File: Dqt_0O1qBkb-l_yLzf0lj3z4qtk.roa (raw, json)
Hash identifier: XPeLVODrYIWuN3DSSUgiYH91lD2pkBU4qjYCwl4uZYc=
Subject key identifier: 0E:AB:7F:D0:ED:6A:06:46:FE:97:FC:8B:CD:FD:25:8F:7C:F8:AA:D9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01867A3AB72A36B850EF3C90234465D90A37
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dqt_0O1qBkb-l_yLzf0lj3z4qtk.roa
Signing time: Wed 22 Feb 2023 17:45:13 +0000
ROA not before: Wed 22 Feb 2023 17:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210617
IP address blocks: 2a0e:97c0:5a0::/48 maxlen: 48
2a0e:97c0:5a1::/48 maxlen: 48
2a0e:97c0:5af::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:3a:b7:2a:36:b8:50:ef:3c:90:23:44:65:d9:0a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 22 17:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eab7fd0ed6a0646fe97fc8bcdfd258f7cf8aad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:1f:ef:9b:ba:ab:38:44:df:57:d5:ff:b9:
d1:fb:b9:5a:d8:e3:47:44:05:ab:cc:2d:f5:71:64:
9f:14:79:c4:5b:99:11:42:db:a5:a9:6c:f3:23:95:
66:71:b9:51:66:0d:2b:64:d2:04:19:46:c3:20:ae:
1f:44:ed:a0:9f:0e:84:33:de:13:55:a4:a4:0c:a8:
e5:d2:56:5d:45:e2:13:ca:89:4c:4c:5a:bf:6b:d9:
f5:8c:2d:2a:ae:82:af:3f:b6:87:11:0d:56:56:a4:
49:b6:ba:3c:d8:f1:20:e3:58:ca:ae:20:0f:0c:7f:
16:43:4c:7f:e8:92:24:45:ee:14:97:ca:ce:7e:5a:
00:95:67:3a:5a:14:e6:41:fb:2c:f5:18:67:cf:82:
3f:6c:f2:26:47:d0:af:2d:bc:c5:c6:22:6a:90:3d:
bf:21:64:16:60:49:fe:e9:71:47:2f:74:fb:aa:94:
b7:61:df:f2:7d:c8:f6:d0:89:1e:71:df:81:8d:71:
b6:17:7b:25:cb:53:29:88:23:86:df:62:20:12:dc:
d9:97:05:aa:57:53:fc:6d:d2:31:25:82:04:9c:34:
3b:6b:76:d0:1b:42:57:fb:e6:aa:0f:bf:46:b1:b3:
28:54:58:10:ee:2d:8c:66:b7:65:a8:64:a3:8f:ec:
45:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AB:7F:D0:ED:6A:06:46:FE:97:FC:8B:CD:FD:25:8F:7C:F8:AA:D9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Dqt_0O1qBkb-l_yLzf0lj3z4qtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5a0::/47
2a0e:97c0:5af::/48
Signature Algorithm: sha256WithRSAEncryption
13:9e:ac:96:ad:5d:90:4b:15:6d:17:35:a1:55:44:1b:b2:61:
41:bb:fa:14:4c:f9:f1:d9:42:94:90:a8:23:20:ca:87:11:fb:
f1:89:de:d9:42:9b:13:a9:d8:8d:06:88:8f:ce:7e:3f:12:17:
e7:c1:0c:fa:9c:61:51:e0:d2:a4:82:fd:90:58:7a:77:79:c3:
f4:54:a6:12:0d:5d:83:65:3d:b1:39:e1:be:7d:36:71:41:7a:
29:dc:12:af:73:a8:57:5f:98:b5:18:f5:39:2b:db:89:b5:b9:
13:ee:56:10:97:9c:1f:ca:7e:9f:e2:3c:31:bf:7e:e9:fc:cf:
ab:16:cd:ff:00:f6:90:5e:b3:59:25:a0:e7:92:55:6f:bc:e2:
a4:c0:a0:d2:a4:2c:62:0c:a2:23:1a:c4:f6:c7:3a:c1:76:ac:
ac:37:bd:96:0b:6e:46:81:0f:50:b5:21:9e:8d:2e:24:0c:42:
39:46:53:c5:75:39:13:74:b8:d7:50:a5:35:6d:4f:3f:94:ad:
eb:a7:b0:51:fb:2b:38:ca:44:61:f0:32:4a:8e:88:8d:37:6c:
1d:cf:61:70:51:65:78:36:7d:56:1e:fc:2e:c7:a4:47:8a:6b:
f9:57:1c:c5:ae:3b:da:f3:81:c7:f6:3f:97:a6:0b:ff:4b:83:
43:a8:cc:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ6OrcqNrhQ7zyQI0Rl2Qo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIyMTc0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFiN2ZkMGVkNmEwNjQ2ZmU5N2ZjOGJjZGZkMjU4ZjdjZjhhYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSIf75u6qzhE31fV/7nR+7la2ONH
RAWrzC31cWSfFHnEW5kRQtulqWzzI5VmcblRZg0rZNIEGUbDIK4fRO2gnw6EM94T
VaSkDKjl0lZdReITyolMTFq/a9n1jC0qroKvP7aHEQ1WVqRJtro82PEg41jKriAP
DH8WQ0x/6JIkRe4Ul8rOfloAlWc6WhTmQfss9Rhnz4I/bPImR9CvLbzFxiJqkD2/
IWQWYEn+6XFHL3T7qpS3Yd/yfcj20Ikecd+BjXG2F3sly1MpiCOG32IgEtzZlwWq
V1P8bdIxJYIEnDQ7a3bQG0JX++aqD79GsbMoVFgQ7i2MZrdlqGSjj+xFTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA6rf9DtagZG/pf8i839JY98+KrZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRHF0XzBPMXFCa2ItbF95THpmMGxqM3o0cXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKg6XwAWg
AwcAKg6XwAWvMA0GCSqGSIb3DQEBCwUAA4IBAQATnqyWrV2QSxVtFzWhVUQbsmFB
u/oUTPnx2UKUkKgjIMqHEfvxid7ZQpsTqdiNBoiPzn4/EhfnwQz6nGFR4NKkgv2Q
WHp3ecP0VKYSDV2DZT2xOeG+fTZxQXop3BKvc6hXX5i1GPU5K9uJtbkT7lYQl5wf
yn6f4jwxv37p/M+rFs3/APaQXrNZJaDnklVvvOKkwKDSpCxiDKIjGsT2xzrBdqys
N72WC25GgQ9QtSGejS4kDEI5RlPFdTkTdLjXUKU1bU8/lK3rp7BR+ys4ykRh8DJK
joiNN2wdz2FwUWV4Nn1WHvwux6RHimv5VxzFrjva84HH9j+Xpgv/S4NDqMzr
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org