Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GfzCqY59TP5zhjyZpcsYpOzW0WU.roa
File: GfzCqY59TP5zhjyZpcsYpOzW0WU.roa (raw, json)
Hash identifier: zQNoamAc6ThudABz3oVfx4eJBkunOOCP1Zh8KV4oXAI=
Subject key identifier: 19:FC:C2:A9:8E:7D:4C:FE:73:86:3C:99:A5:CB:18:A4:EC:D6:D1:65
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BE048618007C28A228D4AD51E835309FE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GfzCqY59TP5zhjyZpcsYpOzW0WU.roa
Signing time: Sat 18 Nov 2023 02:35:21 +0000
ROA not before: Sat 18 Nov 2023 02:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c5::/48 maxlen: 48
2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:5c3::/48 maxlen: 48
2a0e:97c0:5ce::/48 maxlen: 48
2a0e:97c0:5c1::/48 maxlen: 48
2a0e:97c0:5cf::/48 maxlen: 48
2a0e:97c0:5ca::/48 maxlen: 48
2a0e:97c0:5c2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e0:48:61:80:07:c2:8a:22:8d:4a:d5:1e:83:53:09:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 18 02:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19fcc2a98e7d4cfe73863c99a5cb18a4ecd6d165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:52:96:cd:c9:78:b5:9f:fa:d9:a7:4c:84:
89:ff:22:2a:65:f1:bf:ef:b4:4a:d7:6a:bd:ea:98:
4a:02:ee:9f:1a:97:ee:68:03:d4:93:f9:ab:0c:09:
cb:ba:bc:98:12:ba:b6:9a:20:5e:65:87:9d:1b:ed:
f6:f8:34:75:be:38:06:08:ce:ea:29:c0:84:f0:23:
82:dc:c1:83:14:09:95:f9:04:3f:fe:bc:20:4d:34:
a8:20:c3:c8:b3:86:10:74:dc:a8:1c:93:4f:e2:7b:
1c:89:38:c0:e8:e5:ed:2c:53:d8:d8:f4:2c:6c:46:
e6:8b:b7:ff:85:84:4b:32:41:a5:6f:63:06:d2:41:
63:32:4d:f0:28:76:3b:55:c7:dd:eb:4c:37:90:04:
69:48:db:8c:2c:7d:2c:09:15:80:3f:60:79:bc:21:
87:5b:cd:aa:94:f3:75:b0:ac:70:5d:9a:09:4c:0a:
40:a8:c7:0a:25:70:3c:a1:ff:ce:fc:5f:40:f5:ac:
82:95:1c:e5:c8:7c:c8:e8:75:e4:e4:5c:19:08:c3:
06:f9:7b:a8:ac:1d:44:9e:4a:91:91:42:54:54:c2:
5f:1e:0f:9f:60:06:88:10:42:41:98:cc:76:42:73:
dc:f2:24:b3:85:3a:f7:ed:24:9d:00:71:75:7c:91:
48:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FC:C2:A9:8E:7D:4C:FE:73:86:3C:99:A5:CB:18:A4:EC:D6:D1:65
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GfzCqY59TP5zhjyZpcsYpOzW0WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
56:9b:1f:54:3f:ff:e5:05:d7:23:f6:bf:d9:dd:3c:e0:3d:ae:
71:15:91:6d:b7:59:41:6a:ef:13:63:ea:1d:3e:34:11:d9:5c:
f9:60:9a:b8:5c:3b:4e:c9:b5:92:d9:f6:44:8a:33:c4:6a:85:
da:a6:76:fc:14:01:57:16:db:f6:10:14:a3:1b:36:72:03:bf:
ea:46:25:52:93:5c:10:05:0f:38:d2:8d:61:25:56:44:05:0a:
9b:7d:52:7e:1d:1b:c3:bb:70:8b:ac:5c:a9:fc:4a:30:93:db:
4c:9a:9a:b7:f0:5d:6e:ec:b0:d0:60:b5:40:76:3e:c0:9e:ec:
dd:d5:90:35:29:06:15:16:1b:d6:d2:b0:47:58:73:09:f3:81:
a1:d0:77:fe:ed:46:7b:71:a7:bf:8f:66:fb:5c:98:46:b7:7f:
f7:2e:38:56:fe:f5:8c:db:7d:a6:ed:88:6e:b2:c6:eb:36:63:
d0:b9:59:4f:26:1a:71:ee:bb:89:4d:15:60:28:7c:20:1a:fc:
5d:ba:20:66:3f:9c:fc:f3:88:49:98:ab:91:a5:4d:64:5d:f7:
ca:01:e6:2f:68:5e:ea:5b:32:08:db:1f:6a:8f:0f:5d:ba:3c:
28:2e:70:a3:13:da:52:58:24:ca:ff:00:d8:bd:26:55:6c:0a:
25:d1:2e:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvgSGGAB8KKIo1K1R6DUwn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE4MDIzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZjYzJhOThlN2Q0Y2ZlNzM4NjNjOTlhNWNiMThhNGVjZDZkMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7FSls3JeLWf+tmnTISJ/yIqZfG/
77RK12q96phKAu6fGpfuaAPUk/mrDAnLuryYErq2miBeZYedG+32+DR1vjgGCM7q
KcCE8COC3MGDFAmV+QQ//rwgTTSoIMPIs4YQdNyoHJNP4nsciTjA6OXtLFPY2PQs
bEbmi7f/hYRLMkGlb2MG0kFjMk3wKHY7Vcfd60w3kARpSNuMLH0sCRWAP2B5vCGH
W82qlPN1sKxwXZoJTApAqMcKJXA8of/O/F9A9ayClRzlyHzI6HXk5FwZCMMG+Xuo
rB1EnkqRkUJUVMJfHg+fYAaIEEJBmMx2QnPc8iSzhTr37SSdAHF1fJFIKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBn8wqmOfUz+c4Y8maXLGKTs1tFlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR2Z6Q3FZNTlUUDV6aGp5WnBjc1lwT3pXMFdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQBWmx9UP//lBdcj9r/Z3TzgPa5xFZFtt1lBau8T
Y+odPjQR2Vz5YJq4XDtOybWS2fZEijPEaoXapnb8FAFXFtv2EBSjGzZyA7/qRiVS
k1wQBQ840o1hJVZEBQqbfVJ+HRvDu3CLrFyp/Eowk9tMmpq38F1u7LDQYLVAdj7A
nuzd1ZA1KQYVFhvW0rBHWHMJ84Gh0Hf+7UZ7cae/j2b7XJhGt3/3LjhW/vWM232m
7YhussbrNmPQuVlPJhpx7ruJTRVgKHwgGvxduiBmP5z884hJmKuRpU1kXffKAeYv
aF7qWzII2x9qjw9dujwoLnCjE9pSWCTK/wDYvSZVbAol0S5v
-----END CERTIFICATE-----
Generated at Sat Nov 18 23:03:12 2023 by rpki-client on console-fra.rpki-client.org