Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ec2eGxNRNe_qHUPrJZn7PZUuP-Q.roa
File: Ec2eGxNRNe_qHUPrJZn7PZUuP-Q.roa (raw, json)
Hash identifier: w4Q3nX5N6MGlArrh8gjQrmaOYs18wqGcbxPhc38wdAA=
Subject key identifier: 11:CD:9E:1B:13:51:35:EF:EA:1D:43:EB:25:99:FB:3D:95:2E:3F:E4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185DE40B004E14280AC46DAD05CCBCA54E4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ec2eGxNRNe_qHUPrJZn7PZUuP-Q.roa
Signing time: Mon 23 Jan 2023 10:50:59 +0000
ROA not before: Mon 23 Jan 2023 10:50:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a48::/48 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a44::/48 maxlen: 48
2a0e:97c0:a47::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:40:b0:04:e1:42:80:ac:46:da:d0:5c:cb:ca:54:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 23 10:50:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11cd9e1b135135efea1d43eb2599fb3d952e3fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:e3:97:76:ac:2f:d3:7f:cc:3e:d4:80:e5:
10:79:8b:a8:ad:b1:f6:dd:14:a0:0e:18:21:78:62:
d2:f6:a4:c6:33:71:d6:8b:23:62:d9:c1:24:78:ef:
a2:59:3f:cd:4d:42:08:c4:92:45:70:1e:4b:c4:19:
6d:22:6c:a0:50:06:79:a3:f8:39:b2:9c:b0:2e:4f:
90:35:e7:03:5b:04:73:af:b1:81:d6:94:fd:cd:6d:
ac:de:1d:1d:18:9c:29:ba:7d:2d:d5:f1:a1:bb:77:
1f:93:80:1f:07:49:43:58:2b:66:0e:5c:03:72:ec:
63:a4:96:ef:e6:0e:c5:85:41:8b:82:16:37:15:b8:
73:ee:2f:92:01:9a:f1:68:65:d1:07:6e:ff:a4:50:
32:39:fd:fa:9d:d0:f4:c4:18:e0:af:e8:83:6d:a8:
98:6b:38:63:aa:32:b1:f9:7c:cf:16:af:f8:19:58:
6c:59:26:ae:77:62:37:02:df:3b:8d:ac:e3:33:e9:
e1:2a:54:26:17:6a:1f:c9:a3:fe:1d:4b:02:db:34:
1c:d0:91:99:3f:27:af:e5:ca:c3:d8:10:73:c8:50:
b8:8a:37:5b:b3:d4:02:58:4b:70:94:cf:34:00:06:
49:6a:4c:57:cc:43:af:1a:c6:b9:04:7a:9e:eb:35:
4d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CD:9E:1B:13:51:35:EF:EA:1D:43:EB:25:99:FB:3D:95:2E:3F:E4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ec2eGxNRNe_qHUPrJZn7PZUuP-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
Signature Algorithm: sha256WithRSAEncryption
54:2d:b1:aa:4f:48:b2:29:f0:e6:8b:f8:54:57:f7:33:de:05:
af:ad:07:bf:91:d0:41:db:a3:e1:45:77:25:0e:db:82:ed:33:
b8:57:1e:20:db:5d:a3:9e:c1:97:41:58:82:3e:5e:a0:9d:8e:
e6:64:db:fa:1a:f8:8a:ee:92:ef:eb:1f:85:8f:d6:61:9e:79:
71:6d:f9:d8:4e:81:f4:47:c7:3a:2e:f7:40:51:f3:48:b7:f8:
5e:51:eb:45:4a:fe:86:d2:14:a9:43:34:69:a4:78:26:50:eb:
17:98:48:5e:a2:ff:b8:29:dc:c6:c1:88:49:62:68:17:a7:42:
a8:19:69:25:db:97:ac:e0:42:b9:2a:28:4c:12:b0:b8:f3:10:
b9:6d:a2:fb:63:0e:6a:98:9a:a7:ec:85:22:4d:48:85:b7:94:
3e:dc:5f:5e:32:39:d8:a4:de:fb:89:c9:9b:01:1f:0a:ad:e5:
8e:9d:bf:c1:f3:80:bc:be:9d:e2:4d:35:10:b7:51:ec:6a:2b:
51:ba:af:67:91:74:1a:69:4f:51:1d:5a:a0:13:f0:74:8e:63:
0b:1f:bd:a3:a2:3f:17:6b:55:68:64:4e:ee:3e:0a:aa:29:f5:
e1:b9:52:e5:7d:b3:d1:d1:d4:5c:bd:b2:99:8a:bc:fd:3d:d7:
2d:8e:0a:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXeQLAE4UKArEba0FzLylTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTIzMTA1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNkOWUxYjEzNTEzNWVmZWExZDQzZWIyNTk5ZmIzZDk1MmUzZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNrjl3asL9N/zD7UgOUQeYuorbH2
3RSgDhgheGLS9qTGM3HWiyNi2cEkeO+iWT/NTUIIxJJFcB5LxBltImygUAZ5o/g5
spywLk+QNecDWwRzr7GB1pT9zW2s3h0dGJwpun0t1fGhu3cfk4AfB0lDWCtmDlwD
cuxjpJbv5g7FhUGLghY3Fbhz7i+SAZrxaGXRB27/pFAyOf36ndD0xBjgr+iDbaiY
azhjqjKx+XzPFq/4GVhsWSaud2I3At87jazjM+nhKlQmF2ofyaP+HUsC2zQc0JGZ
Pyev5crD2BBzyFC4ijdbs9QCWEtwlM80AAZJakxXzEOvGsa5BHqe6zVNuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBHNnhsTUTXv6h1D6yWZ+z2VLj/kMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRWMyZUd4TlJOZV9xSFVQckpabjdQWlV1UC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwApA
MA0GCSqGSIb3DQEBCwUAA4IBAQBULbGqT0iyKfDmi/hUV/cz3gWvrQe/kdBB26Ph
RXclDtuC7TO4Vx4g212jnsGXQViCPl6gnY7mZNv6GviK7pLv6x+Fj9ZhnnlxbfnY
ToH0R8c6LvdAUfNIt/heUetFSv6G0hSpQzRppHgmUOsXmEheov+4KdzGwYhJYmgX
p0KoGWkl25es4EK5KihMErC48xC5baL7Yw5qmJqn7IUiTUiFt5Q+3F9eMjnYpN77
icmbAR8KreWOnb/B84C8vp3iTTUQt1HsaitRuq9nkXQaaU9RHVqgE/B0jmMLH72j
oj8Xa1VoZE7uPgqqKfXhuVLlfbPR0dRcvbKZirz9Pdctjgpm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org