Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HRhoA5KWjD2IAjL1jj4AskdVCMU.roa
File: HRhoA5KWjD2IAjL1jj4AskdVCMU.roa (raw, json)
Hash identifier: vYLm1aPzT+CTodwi/2TY/Q2VizlLYcXfUvzIJUWV7rU=
Subject key identifier: 1D:18:68:03:92:96:8C:3D:88:02:32:F5:8E:3E:00:B2:47:55:08:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018880A49F54BE2B6EFD59CE654322C106A4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HRhoA5KWjD2IAjL1jj4AskdVCMU.roa
Signing time: Sat 03 Jun 2023 09:44:12 +0000
ROA not before: Sat 03 Jun 2023 09:44:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200605
IP address blocks: 2a0e:97c0:370::/44 maxlen: 48
2a0e:97c0:370::/48 maxlen: 48
2a0e:97c0:371::/48 maxlen: 48
2a0e:97c0:372::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:a4:9f:54:be:2b:6e:fd:59:ce:65:43:22:c1:06:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 3 09:44:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d18680392968c3d880232f58e3e00b2475508c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:c3:ae:cc:28:17:7d:22:24:ea:b1:66:c1:
6d:31:3b:ef:a0:9e:d3:7f:f7:bf:0d:c3:cc:42:25:
a1:43:c7:df:ed:51:bb:f1:3e:10:e3:c6:c3:61:24:
85:80:61:01:57:f2:bd:44:67:25:fe:3d:29:a6:b0:
22:35:49:4f:c7:59:f8:f4:33:a2:2b:bc:44:f7:e0:
41:27:1a:79:48:fc:d5:24:3d:df:bc:90:37:60:f7:
3c:31:88:65:56:aa:73:ac:16:e6:cd:50:aa:af:b9:
ca:18:82:c3:20:8e:c8:df:30:41:11:fc:be:16:f8:
22:e4:4f:17:b0:71:ee:96:b0:3f:45:f6:fe:ca:3b:
25:9d:30:dd:60:5a:13:16:b1:cf:e2:4b:1f:31:4f:
85:cf:48:a9:9a:34:57:93:24:c1:ba:46:58:93:97:
d1:c9:33:c3:21:6c:ac:c3:6b:0c:85:7e:ce:ab:12:
d6:3e:6b:d1:fd:7e:ca:c7:b8:e4:cb:05:36:af:e5:
a7:aa:e4:1d:03:b8:18:4a:44:75:77:b5:ad:22:95:
3e:ba:36:7b:de:fb:2b:a1:8a:58:b2:de:a7:c6:6e:
93:3a:11:9b:13:a7:5c:f8:f3:1e:e3:17:b8:a8:0a:
fa:9d:9c:0c:c9:5e:c6:64:ca:93:63:4a:e3:1c:4d:
ab:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:18:68:03:92:96:8C:3D:88:02:32:F5:8E:3E:00:B2:47:55:08:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HRhoA5KWjD2IAjL1jj4AskdVCMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:370::/44
Signature Algorithm: sha256WithRSAEncryption
cc:4a:da:ab:61:0e:aa:4b:74:43:78:d5:a5:3d:5f:e4:ff:1b:
3a:7c:b0:78:70:ff:12:cc:53:0f:23:dd:2c:72:41:f9:11:98:
95:d6:b2:b0:4a:11:fe:37:53:c1:68:63:40:9a:c1:e6:f0:64:
ee:a3:61:48:c9:34:94:b9:fc:76:9d:e7:a7:94:6b:70:c0:62:
4f:55:c6:14:e5:52:0a:51:f7:e5:94:d8:56:f8:17:b7:e7:89:
aa:b2:02:1a:ec:e1:c3:db:d8:bf:9d:52:f2:c9:82:fa:15:09:
da:b3:00:2f:d5:37:08:84:49:67:4c:05:9d:13:3e:a0:b0:49:
16:f4:84:3e:59:af:be:f9:a2:19:1f:5c:0a:98:62:dd:93:4b:
29:9d:f9:f9:ff:9e:e8:d6:a0:4e:c4:dc:e8:31:a9:20:a2:63:
b0:b8:9d:8c:95:1d:74:8d:40:6b:7c:e0:2f:9c:1f:bb:00:48:
13:e8:60:0e:90:12:1c:3b:73:18:f9:ad:23:5f:e8:81:ad:75:
4a:7f:c0:a8:18:40:03:5a:8a:bc:92:fb:7b:b9:02:9d:f2:32:
65:4f:df:39:13:5d:f1:3c:09:4f:9a:76:be:97:2c:9f:97:57:
dc:a7:41:be:a4:79:ad:66:3d:2b:c7:6c:e1:74:d9:68:c5:97:
02:38:8f:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYiApJ9Uvitu/VnOZUMiwQakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNjAzMDk0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE4NjgwMzkyOTY4YzNkODgwMjMyZjU4ZTNlMDBiMjQ3NTUwOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxDDrswoF30iJOqxZsFtMTvvoJ7T
f/e/DcPMQiWhQ8ff7VG78T4Q48bDYSSFgGEBV/K9RGcl/j0pprAiNUlPx1n49DOi
K7xE9+BBJxp5SPzVJD3fvJA3YPc8MYhlVqpzrBbmzVCqr7nKGILDII7I3zBBEfy+
Fvgi5E8XsHHulrA/Rfb+yjslnTDdYFoTFrHP4ksfMU+Fz0ipmjRXkyTBukZYk5fR
yTPDIWysw2sMhX7OqxLWPmvR/X7Kx7jkywU2r+WnquQdA7gYSkR1d7WtIpU+ujZ7
3vsroYpYst6nxm6TOhGbE6dc+PMe4xe4qAr6nZwMyV7GZMqTY0rjHE2rkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB0YaAOSlow9iAIy9Y4+ALJHVQjFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSFJob0E1S1dqRDJJQWpMMWpqNEFza2RWQ01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwANw
MA0GCSqGSIb3DQEBCwUAA4IBAQDMStqrYQ6qS3RDeNWlPV/k/xs6fLB4cP8SzFMP
I90sckH5EZiV1rKwShH+N1PBaGNAmsHm8GTuo2FIyTSUufx2neenlGtwwGJPVcYU
5VIKUffllNhW+Be354mqsgIa7OHD29i/nVLyyYL6FQnaswAv1TcIhElnTAWdEz6g
sEkW9IQ+Wa+++aIZH1wKmGLdk0spnfn5/57o1qBOxNzoMakgomOwuJ2MlR10jUBr
fOAvnB+7AEgT6GAOkBIcO3MY+a0jX+iBrXVKf8CoGEADWoq8kvt7uQKd8jJlT985
E13xPAlPmna+lyyfl1fcp0G+pHmtZj0rx2zhdNloxZcCOI/w
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org