Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DzHPni0my0hAbJiBIe4CbeG2YH0.roa
File: DzHPni0my0hAbJiBIe4CbeG2YH0.roa (raw, json)
Hash identifier: ctmOaqQ+llzxIEsxOcKH7PnlliE+Z2HZbpXl4wA/yUI=
Subject key identifier: 0F:31:CF:9E:2D:26:CB:48:40:6C:98:81:21:EE:02:6D:E1:B6:60:7D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7DF9C115634F471A614AB853B234A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DzHPni0my0hAbJiBIe4CbeG2YH0.roa
Signing time: Mon 02 Jan 2023 05:15:22 +0000
ROA not before: Mon 02 Jan 2023 05:15:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209669
IP address blocks: 2a10:cc40:152::/48 maxlen: 48
2a10:cc40:150::/48 maxlen: 48
2a0e:97c0:a1f::/48 maxlen: 48
2a10:cc40:151::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:df:9c:11:56:34:f4:71:a6:14:ab:85:3b:23:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f31cf9e2d26cb48406c988121ee026de1b6607d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:6b:36:a1:3d:7d:c3:c3:12:92:35:dd:8d:
0a:0c:b8:9d:92:bf:97:67:df:2e:cf:37:ff:5d:e7:
c0:ba:1e:74:4d:91:de:34:48:33:77:d0:b7:7c:8f:
ad:da:c7:19:05:3d:7b:b2:1f:b1:4f:4f:38:99:33:
52:fe:17:d9:d0:5b:4c:29:4b:b9:1c:a1:12:60:bb:
0c:14:65:4a:1d:6a:0a:f4:d7:f6:7a:58:fd:c4:2a:
88:d1:99:69:89:55:e8:0d:76:cb:09:b2:8d:20:98:
0d:f3:0c:6d:b5:58:52:1c:b9:84:8e:b3:23:61:3c:
d6:ea:af:12:b3:9f:17:d9:43:41:a3:cf:e1:4c:76:
e4:3b:6e:0e:c3:64:01:2b:4e:7b:2e:4b:71:5b:69:
43:c9:56:38:f7:30:34:26:ef:23:70:c2:c2:b4:1e:
5a:2b:ed:92:89:30:56:37:b1:ba:12:59:92:85:d6:
86:0a:9c:bd:f6:6a:dd:51:49:b1:c7:50:b4:34:60:
00:2b:29:c0:aa:28:37:45:81:ed:30:c2:c8:12:f2:
76:ef:f2:88:67:be:86:db:df:be:dc:f6:d4:7b:bb:
94:dc:08:92:8f:be:fc:3c:62:7a:be:bc:fa:b4:2b:
84:8e:e3:b5:d8:7d:c4:97:b8:54:bf:dd:2a:85:13:
53:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:31:CF:9E:2D:26:CB:48:40:6C:98:81:21:EE:02:6D:E1:B6:60:7D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/DzHPni0my0hAbJiBIe4CbeG2YH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a1f::/48
2a10:cc40:150::-2a10:cc40:152:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:6d:76:12:4b:4a:40:35:08:b3:7d:02:c2:68:20:e9:cc:22:
81:e4:d0:b1:a3:83:68:b7:92:5b:60:ea:99:91:d5:11:8a:cd:
ba:6a:1b:41:b0:61:08:d4:10:58:65:15:62:90:cf:c3:16:c3:
c3:10:2f:79:91:c3:dd:ac:bf:e5:4b:67:0e:31:f8:e3:7b:7d:
3e:2c:70:af:9b:d2:e4:9c:04:8a:d0:b0:90:36:64:20:9a:cc:
cf:63:e8:c3:1b:30:57:51:cd:41:eb:df:98:c8:42:19:7d:9c:
a4:d5:30:4d:01:e3:ee:33:0e:18:ea:2c:8c:13:67:1c:02:88:
87:08:50:cb:2b:35:58:9f:f5:49:40:8e:5f:14:18:46:87:02:
9f:93:5f:50:69:e1:02:5c:6c:e0:e5:2d:d0:cc:32:fc:da:b6:
4e:2e:00:51:b3:1b:2d:78:da:94:a4:eb:9c:fe:67:35:8d:16:
f2:e0:42:97:f1:d5:c4:20:b7:e8:1f:7a:31:87:8b:c6:dc:48:
35:d2:94:7c:57:25:12:bc:e3:8e:25:61:31:2f:57:69:82:86:
47:34:1e:23:35:fc:ae:01:0c:83:1c:71:25:1b:e1:1b:3f:d9:
ab:a2:50:68:ea:ab:6d:cd:97:7b:95:1f:e0:78:7f:9d:29:f6:
40:59:fe:fd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVw59+cEVY09HGmFKuFOyNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjMxY2Y5ZTJkMjZjYjQ4NDA2Yzk4ODEyMWVlMDI2ZGUxYjY2MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAtrNqE9fcPDEpI13Y0KDLidkr+X
Z98uzzf/XefAuh50TZHeNEgzd9C3fI+t2scZBT17sh+xT084mTNS/hfZ0FtMKUu5
HKESYLsMFGVKHWoK9Nf2elj9xCqI0ZlpiVXoDXbLCbKNIJgN8wxttVhSHLmEjrMj
YTzW6q8Ss58X2UNBo8/hTHbkO24Ow2QBK057LktxW2lDyVY49zA0Ju8jcMLCtB5a
K+2SiTBWN7G6ElmShdaGCpy99mrdUUmxx1C0NGAAKynAqig3RYHtMMLIEvJ27/KI
Z76G29++3PbUe7uU3AiSj778PGJ6vrz6tCuEjuO12H3El7hUv90qhRNTUwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFA8xz54tJstIQGyYgSHuAm3htmB9MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRHpIUG5pMG15MGhBYkppQkllNENiZUcyWUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6XwAof
MBIDBwQqEMxAAVADBwAqEMxAAVIwDQYJKoZIhvcNAQELBQADggEBAGBtdhJLSkA1
CLN9AsJoIOnMIoHk0LGjg2i3kltg6pmR1RGKzbpqG0GwYQjUEFhlFWKQz8MWw8MQ
L3mRw92sv+VLZw4x+ON7fT4scK+b0uScBIrQsJA2ZCCazM9j6MMbMFdRzUHr35jI
Qhl9nKTVME0B4+4zDhjqLIwTZxwCiIcIUMsrNVif9UlAjl8UGEaHAp+TX1Bp4QJc
bODlLdDMMvzatk4uAFGzGy142pSk65z+ZzWNFvLgQpfx1cQgt+gfejGHi8bcSDXS
lHxXJRK8444lYTEvV2mChkc0HiM1/K4BDIMccSUb4Rs/2auiUGjqq23Nl3uVH+B4
f50p9kBZ/v0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org