Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FJhR7s8agGbiPkOtmcaRt55VdP4.roa
File: FJhR7s8agGbiPkOtmcaRt55VdP4.roa (raw, json)
Hash identifier: oauRhaORoEIaCnFALAC0ptrCRL6xoe/e544TI1Mnb1Y=
Subject key identifier: 14:98:51:EE:CF:1A:80:66:E2:3E:43:AD:99:C6:91:B7:9E:55:74:FE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018875FD8476CD6D35FA161C11185E2F85B0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FJhR7s8agGbiPkOtmcaRt55VdP4.roa
Signing time: Thu 01 Jun 2023 08:05:28 +0000
ROA not before: Thu 01 Jun 2023 08:05:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 2a10:ccc2:9c00::/38 maxlen: 48
2a06:de01:400::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:75:fd:84:76:cd:6d:35:fa:16:1c:11:18:5e:2f:85:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 1 08:05:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149851eecf1a8066e23e43ad99c691b79e5574fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:dc:21:75:20:07:6e:f4:14:1a:97:8a:7e:2e:
26:7a:dd:6a:2f:35:20:e8:dc:07:8b:77:15:cd:e4:
89:92:a3:79:cf:32:a8:8f:93:85:90:7e:16:e8:c4:
48:d1:73:2b:38:1a:a1:e3:98:96:75:16:8b:ba:25:
a3:14:f5:50:2b:0c:1b:51:47:b1:8e:a9:7a:e0:0a:
fe:22:43:a7:80:f4:1c:f7:4e:b5:34:25:3e:e6:ec:
8f:84:fd:e8:67:c7:22:06:09:fb:97:b1:e2:d3:27:
23:91:06:dc:b5:b1:bf:6b:59:e6:64:21:1b:53:b6:
7f:84:a6:30:89:3d:fa:51:70:b6:26:b7:72:3e:fe:
f9:d9:75:a6:4b:f6:aa:f8:24:8a:d8:c4:77:0d:ec:
12:db:bd:cd:5c:98:a2:f5:a9:b7:50:48:46:6a:b5:
54:63:81:b5:47:ae:a4:39:ae:4a:7a:38:25:42:85:
a1:13:30:fd:bc:e5:26:0c:da:bf:a2:8b:88:ba:33:
33:2b:71:6e:eb:a4:80:d5:21:d2:c4:8c:5f:c0:c5:
98:13:a4:ac:f4:51:63:af:f9:40:cd:a8:93:f1:e6:
b7:3f:fb:57:26:c1:00:bc:63:9c:8e:f0:47:cb:da:
b5:9e:16:58:bd:7a:9a:d7:92:07:66:89:53:3d:5f:
ae:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:98:51:EE:CF:1A:80:66:E2:3E:43:AD:99:C6:91:B7:9E:55:74:FE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FJhR7s8agGbiPkOtmcaRt55VdP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:400::/38
2a10:ccc2:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
ca:99:6d:f2:a3:3b:cd:a1:4b:1b:fb:07:fd:15:8f:85:98:14:
1f:23:5b:d6:23:f4:25:d4:72:62:85:37:4c:61:94:f8:49:65:
1a:a6:91:d5:87:57:f1:f3:d6:6b:1a:2c:6c:12:1b:05:05:0c:
4f:31:6b:bd:a4:35:0a:ee:e7:a3:90:eb:ab:1d:e0:fc:38:13:
37:31:3c:56:f2:66:ad:4d:88:a9:ae:3d:2f:8b:7a:f2:ba:98:
d3:97:00:f0:96:94:d3:d8:a8:60:22:47:e7:aa:2f:08:7b:d0:
fb:be:22:91:d8:14:84:a5:e9:f0:ca:8b:41:77:e7:f0:28:3b:
b7:66:d8:23:72:7d:e7:a1:f1:35:91:4b:bd:46:87:5c:0c:75:
f8:5e:88:be:d9:98:c8:bb:0b:25:a3:e6:16:8a:7c:8a:9a:1d:
d3:ae:74:ce:3d:59:8b:00:4d:c0:86:34:c6:06:2b:4b:28:e1:
4c:15:5b:89:9c:dc:8c:8e:21:6c:b4:f8:8f:b6:b4:ef:85:dd:
a2:8d:88:bc:72:6f:2d:97:23:44:e4:bf:27:54:5a:ae:9d:14:
87:4e:77:9b:87:99:c6:d2:f7:a5:03:01:6e:55:de:9e:c3:40:
19:c8:75:b4:cc:50:b8:57:0b:17:c0:f2:d7:6f:16:a7:e5:4c:
04:59:3b:38
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYh1/YR2zW01+hYcERheL4WwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAxMDgwNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk4NTFlZWNmMWE4MDY2ZTIzZTQzYWQ5OWM2OTFiNzllNTU3NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdwhdSAHbvQUGpeKfi4met1qLzUg
6NwHi3cVzeSJkqN5zzKoj5OFkH4W6MRI0XMrOBqh45iWdRaLuiWjFPVQKwwbUUex
jql64Ar+IkOngPQc9061NCU+5uyPhP3oZ8ciBgn7l7Hi0ycjkQbctbG/a1nmZCEb
U7Z/hKYwiT36UXC2JrdyPv752XWmS/aq+CSK2MR3DewS273NXJii9am3UEhGarVU
Y4G1R66kOa5KejglQoWhEzD9vOUmDNq/oouIujMzK3Fu66SA1SHSxIxfwMWYE6Ss
9FFjr/lAzaiT8ea3P/tXJsEAvGOcjvBHy9q1nhZYvXqa15IHZolTPV+ubwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFBSYUe7PGoBm4j5DrZnGkbeeVXT+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRkpoUjdzOGFnR2JpUGtPdG1jYVJ0NTVWZFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgbeAQQD
BgIqEMzCnDANBgkqhkiG9w0BAQsFAAOCAQEAyplt8qM7zaFLG/sH/RWPhZgUHyNb
1iP0JdRyYoU3TGGU+EllGqaR1YdX8fPWaxosbBIbBQUMTzFrvaQ1Cu7no5Drqx3g
/DgTNzE8VvJmrU2Iqa49L4t68rqY05cA8JaU09ioYCJH56ovCHvQ+74ikdgUhKXp
8MqLQXfn8Cg7t2bYI3J956HxNZFLvUaHXAx1+F6IvtmYyLsLJaPmFop8ipod0650
zj1ZiwBNwIY0xgYrSyjhTBVbiZzcjI4hbLT4j7a074Xdoo2IvHJvLZcjROS/J1Ra
rp0Uh053m4eZxtL3pQMBblXensNAGch1tMxQuFcLF8Dy128Wp+VMBFk7OA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-fra.rpki-client.org