Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EW4hCtbMiDWgv8rlwAjA9TqeNTQ.roa
File: EW4hCtbMiDWgv8rlwAjA9TqeNTQ.roa (raw, json)
Hash identifier: eoLf5+l8oAas1uV7JtO7w0Jq3Hv6msqFz18hObgeD4A=
Subject key identifier: 11:6E:21:0A:D6:CC:88:35:A0:BF:CA:E5:C0:08:C0:F5:3A:9E:35:34
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BF0AE26F0799DB84A1E9603CCCD79DCDA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EW4hCtbMiDWgv8rlwAjA9TqeNTQ.roa
Signing time: Tue 21 Nov 2023 07:00:26 +0000
ROA not before: Tue 21 Nov 2023 07:00:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41732
IP address blocks: 2a0e:b107:820::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:ae:26:f0:79:9d:b8:4a:1e:96:03:cc:cd:79:dc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 21 07:00:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=116e210ad6cc8835a0bfcae5c008c0f53a9e3534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7a:b3:74:6a:4c:98:b2:33:d4:e6:dc:4f:65:
02:f3:87:8e:30:7f:37:39:19:f1:cf:7c:32:76:21:
7a:40:e0:49:f2:ea:0b:c4:b3:59:da:0a:ef:a3:7f:
67:8e:c2:ed:0d:7d:ed:65:25:1c:5e:c8:3a:5c:65:
24:af:4a:2b:32:2d:79:4a:ab:9f:ec:91:e0:a8:bb:
7e:98:ef:c5:76:ea:37:1f:65:08:17:4f:67:de:5e:
65:86:f2:29:40:b0:68:fa:91:80:86:90:86:5e:ea:
fd:37:0c:aa:95:df:03:9a:65:33:e4:24:d8:c9:d6:
16:6b:cc:12:6e:b3:a2:2f:16:05:41:f7:85:07:6e:
12:b3:74:2b:92:a1:b9:bf:ef:ab:60:56:14:65:2c:
ee:a3:d6:bb:f5:39:d6:49:6b:20:67:00:a6:1d:07:
ed:30:27:b1:a9:72:02:ac:f4:2a:8a:29:77:3b:a0:
21:0c:dd:50:2f:dc:2d:d6:6f:e2:de:b3:38:17:a7:
61:db:fb:38:26:9f:bd:41:ea:80:91:d5:d0:27:ce:
b9:46:ab:f0:6c:35:b0:4d:46:47:7c:93:13:1f:dd:
0c:f9:eb:6f:3f:a9:de:08:13:40:7f:7a:04:36:f5:
5a:0d:fb:af:60:cb:5f:86:a8:8c:ab:5b:74:17:fc:
8f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6E:21:0A:D6:CC:88:35:A0:BF:CA:E5:C0:08:C0:F5:3A:9E:35:34
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EW4hCtbMiDWgv8rlwAjA9TqeNTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:820::/44
Signature Algorithm: sha256WithRSAEncryption
8a:eb:5a:18:fb:53:13:ae:8a:74:df:09:36:21:6d:44:b9:5d:
92:39:3e:e8:f8:61:f5:83:94:6c:75:6a:f7:f4:77:46:8b:7f:
fa:df:2a:11:e9:c3:a8:b2:f7:4a:ee:44:c1:d6:2a:2a:92:66:
97:c0:7a:fd:95:9a:a9:5e:92:fb:cf:d5:19:8f:e3:6a:01:00:
d7:2e:43:7c:a0:38:5c:1d:84:ec:93:5a:7f:c9:6a:52:c5:fc:
6b:49:be:63:bb:12:97:6d:5f:45:fd:f9:0b:42:ee:dc:dc:b5:
e9:2f:8b:26:00:42:ee:e6:09:5e:21:f6:24:a1:67:71:71:af:
b0:33:05:33:ae:c0:cb:7c:8c:28:54:ed:fd:e1:9d:e1:e2:6c:
37:fb:89:89:23:06:c3:28:ee:c7:c9:05:e6:35:94:7a:ba:f1:
62:7c:43:53:89:d9:9d:6a:92:31:c2:53:cf:ba:7a:b8:d0:0c:
4c:c2:d0:cb:0e:d6:b3:3c:9a:d2:d3:d8:ff:d1:8f:4c:e2:1b:
01:a1:ca:8d:a8:d0:ae:6e:da:69:36:38:71:89:2a:aa:7f:e8:
0d:0f:b0:a6:00:9c:1d:a8:2e:9e:12:26:32:b0:ac:af:5e:73:
7e:e5:e3:65:a6:ae:39:38:27:8c:a0:47:86:b6:01:36:18:07:
8e:cb:77:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvwribweZ24Sh6WA8zNedzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTIxMDcwMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTZlMjEwYWQ2Y2M4ODM1YTBiZmNhZTVjMDA4YzBmNTNhOWUzNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXqzdGpMmLIz1ObcT2UC84eOMH83
ORnxz3wydiF6QOBJ8uoLxLNZ2grvo39njsLtDX3tZSUcXsg6XGUkr0orMi15Squf
7JHgqLt+mO/Fduo3H2UIF09n3l5lhvIpQLBo+pGAhpCGXur9Nwyqld8DmmUz5CTY
ydYWa8wSbrOiLxYFQfeFB24Ss3QrkqG5v++rYFYUZSzuo9a79TnWSWsgZwCmHQft
MCexqXICrPQqiil3O6AhDN1QL9wt1m/i3rM4F6dh2/s4Jp+9QeqAkdXQJ865Rqvw
bDWwTUZHfJMTH90M+etvP6neCBNAf3oENvVaDfuvYMtfhqiMq1t0F/yPoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBFuIQrWzIg1oL/K5cAIwPU6njU0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRVc0aEN0Yk1pRFdndjhybHdBakE5VHFlTlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwgg
MA0GCSqGSIb3DQEBCwUAA4IBAQCK61oY+1MTrop03wk2IW1EuV2SOT7o+GH1g5Rs
dWr39HdGi3/63yoR6cOosvdK7kTB1ioqkmaXwHr9lZqpXpL7z9UZj+NqAQDXLkN8
oDhcHYTsk1p/yWpSxfxrSb5juxKXbV9F/fkLQu7c3LXpL4smAELu5gleIfYkoWdx
ca+wMwUzrsDLfIwoVO394Z3h4mw3+4mJIwbDKO7HyQXmNZR6uvFifENTidmdapIx
wlPPunq40AxMwtDLDtazPJrS09j/0Y9M4hsBocqNqNCubtppNjhxiSqqf+gND7Cm
AJwdqC6eEiYysKyvXnN+5eNlpq45OCeMoEeGtgE2GAeOy3fl
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:49 2024 by rpki-client on console-ams.rpki-client.org