Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GwdSLCxqSseog0xk7ulbEpohGYg.roa
File: GwdSLCxqSseog0xk7ulbEpohGYg.roa (raw, json)
Hash identifier: 5qKpfSYcIyz+kKBnBbkfy2Ls/U0I8G2t+YTBjmRWfnM=
Subject key identifier: 1B:07:52:2C:2C:6A:4A:C7:A8:83:4C:64:EE:E9:5B:12:9A:21:19:88
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01894C4DC15A867E00F188E033B4834000F9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GwdSLCxqSseog0xk7ulbEpohGYg.roa
Signing time: Wed 12 Jul 2023 22:51:51 +0000
ROA not before: Wed 12 Jul 2023 22:51:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209225
IP address blocks: 2a10:cc40:102::/48 maxlen: 48
2a10:cc40:100::/44 maxlen: 48
2a10:2f00:17e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4c:4d:c1:5a:86:7e:00:f1:88:e0:33:b4:83:40:00:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 12 22:51:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b07522c2c6a4ac7a8834c64eee95b129a211988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:7f:e5:f6:d3:00:22:b2:41:56:f6:76:0f:
84:5f:bf:e3:f9:f5:6e:d5:fe:60:0a:78:80:0f:f6:
52:fc:4e:6c:4f:ba:51:41:1f:57:45:53:60:78:72:
2b:bb:5c:6f:d2:25:a4:1f:02:96:c5:e8:15:f8:c6:
25:b6:ea:bc:3a:6a:9e:ef:b6:22:cf:ad:70:14:3d:
a1:79:7b:7a:b0:d8:05:07:1f:49:1d:e8:7a:a9:d8:
53:68:9d:de:57:18:ae:9d:06:03:75:85:b4:a4:d8:
63:17:52:03:83:65:8a:69:10:30:ff:a2:68:04:f9:
2b:7c:2b:63:e3:79:4b:a6:2c:af:f1:ec:60:5e:ba:
36:e0:f8:a9:56:07:40:85:29:af:ad:68:a5:e2:d0:
d2:a6:87:ec:97:a5:15:4c:7a:d0:b0:52:91:da:e5:
4c:11:e9:d8:cb:80:6c:c8:9e:80:27:18:6f:4f:bb:
47:cd:cf:b8:48:03:70:38:37:7e:98:61:bd:bf:8b:
47:96:83:d5:2a:af:a9:0e:75:61:11:bf:3d:c2:f2:
f6:51:f7:a2:a5:8c:2f:d9:f7:26:83:22:60:8f:85:
7e:d4:d9:a1:51:50:53:ce:63:1c:7b:fd:a4:b6:5a:
82:41:7a:d3:e8:2b:e1:b7:5d:4f:6c:e9:7f:f8:7e:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:07:52:2C:2C:6A:4A:C7:A8:83:4C:64:EE:E9:5B:12:9A:21:19:88
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GwdSLCxqSseog0xk7ulbEpohGYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:17e::/48
2a10:cc40:100::/44
Signature Algorithm: sha256WithRSAEncryption
0b:c8:21:f5:f3:c4:f1:ac:c2:f2:cb:b8:d7:10:b5:23:a3:21:
63:2c:6c:f9:e6:0d:cc:9a:5f:71:d4:32:32:ef:36:17:85:5f:
b5:ef:fe:16:83:2e:7c:79:dd:9f:cc:9f:5b:de:b2:84:d6:bf:
c7:56:54:44:ac:eb:4d:8f:31:cd:82:58:f1:7f:ea:13:3d:6a:
36:40:45:fe:3b:b0:27:d9:da:84:97:3f:33:6c:83:c3:59:44:
0f:89:c5:cb:ec:a1:f6:d6:38:77:32:34:57:d2:31:ef:25:14:
cb:f0:32:3b:93:57:ed:3f:34:48:f1:da:ce:a3:8f:fd:44:9e:
a7:7c:8a:57:e6:53:d0:e4:5a:cd:1e:e1:38:63:99:f4:71:18:
9b:59:cb:54:d8:c4:51:48:75:0f:d1:6f:e7:d8:f6:79:af:0f:
58:89:cb:63:e0:e6:f8:8d:d0:03:ba:f0:16:dc:4e:7e:8f:5c:
e1:74:8f:86:84:db:3c:d4:b6:b2:46:35:b6:99:24:ce:03:4a:
9a:84:83:9c:0c:9e:1d:27:4c:54:d3:40:27:10:11:01:2b:c7:
30:73:d3:b9:0f:05:52:89:0a:c1:ee:19:b9:57:de:37:7f:37:
75:e4:cf:c1:31:0d:1a:03:66:7c:2a:6e:36:3c:cc:7d:13:45:
ef:fe:6e:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlMTcFahn4A8YjgM7SDQAD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzEyMjI1MTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjA3NTIyYzJjNmE0YWM3YTg4MzRjNjRlZWU5NWIxMjlhMjExOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLp/5fbTACKyQVb2dg+EX7/j+fVu
1f5gCniAD/ZS/E5sT7pRQR9XRVNgeHIru1xv0iWkHwKWxegV+MYltuq8Omqe77Yi
z61wFD2heXt6sNgFBx9JHeh6qdhTaJ3eVxiunQYDdYW0pNhjF1IDg2WKaRAw/6Jo
BPkrfCtj43lLpiyv8exgXro24PipVgdAhSmvrWil4tDSpofsl6UVTHrQsFKR2uVM
EenYy4BsyJ6AJxhvT7tHzc+4SANwODd+mGG9v4tHloPVKq+pDnVhEb89wvL2Ufei
pYwv2fcmgyJgj4V+1NmhUVBTzmMce/2ktlqCQXrT6Cvht11PbOl/+H7F5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBsHUiwsakrHqINMZO7pWxKaIRmIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3dkU0xDeHFTc2VvZzB4azd1bGJFcG9oR1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhAvAAF+
AwcEKhDMQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQALyCH188TxrMLyy7jXELUjoyFj
LGz55g3Mml9x1DIy7zYXhV+17/4Wgy58ed2fzJ9b3rKE1r/HVlRErOtNjzHNgljx
f+oTPWo2QEX+O7An2dqElz8zbIPDWUQPicXL7KH21jh3MjRX0jHvJRTL8DI7k1ft
PzRI8drOo4/9RJ6nfIpX5lPQ5FrNHuE4Y5n0cRibWctU2MRRSHUP0W/n2PZ5rw9Y
ictj4Ob4jdADuvAW3E5+j1zhdI+GhNs81LayRjW2mSTOA0qahIOcDJ4dJ0xU00An
EBEBK8cwc9O5DwVSiQrB7hm5V943fzd15M/BMQ0aA2Z8Km42PMx9E0Xv/m4m
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org