Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IcldRa6bzPZhmcMJMsC1uPV76YU.roa
File: IcldRa6bzPZhmcMJMsC1uPV76YU.roa (raw, json)
Hash identifier: dTzTVzApygn+4thaYp0y3r77p82LI/as7EbP+S1wgdc=
Subject key identifier: 21:C9:5D:45:AE:9B:CC:F6:61:99:C3:09:32:C0:B5:B8:F5:7B:E9:85
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185F6AFD4DCB36553855DFE7072C35F8195
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IcldRa6bzPZhmcMJMsC1uPV76YU.roa
Signing time: Sat 28 Jan 2023 04:43:16 +0000
ROA not before: Sat 28 Jan 2023 04:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:900::/44 maxlen: 48
2a0e:b107:800::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 28 Jan 2023 06:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f6:af:d4:dc:b3:65:53:85:5d:fe:70:72:c3:5f:81:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 04:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21c95d45ae9bccf66199c30932c0b5b8f57be985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:a6:a2:c2:fe:75:3e:5e:23:a2:6b:ff:ca:
cb:8e:1b:43:9e:65:8e:a2:9f:bb:73:11:ad:b5:d2:
77:d0:56:f7:dd:fd:98:5a:ee:e1:4a:bf:5c:26:3d:
a8:88:0c:47:40:47:04:e8:33:4a:08:ec:8a:20:03:
59:e6:ef:ea:06:54:0d:42:5e:79:13:05:4a:d3:c0:
d6:3e:e1:00:d5:91:41:45:fb:c2:43:38:cd:d1:7e:
64:3a:52:6f:26:6e:6e:77:b3:af:a4:16:fa:eb:1a:
e8:ba:0c:9c:28:1b:6f:73:e2:29:5c:33:f2:b5:4a:
f1:0e:38:e1:da:c8:1b:9b:df:1f:3f:44:13:81:3e:
36:fd:7e:87:b5:5a:39:b0:c1:90:34:01:5f:e4:45:
ee:4c:34:be:07:c9:8b:d0:b3:35:48:5e:b2:c7:a0:
be:b5:25:c2:2d:81:88:07:2e:c9:61:71:8b:24:0e:
75:80:0d:79:12:0f:10:f9:63:99:3f:1e:cb:3d:e2:
ec:7e:5e:a8:82:c2:d0:38:68:17:17:1e:29:35:09:
7d:40:7a:04:fb:48:24:4b:4b:c9:78:b6:96:6b:7c:
14:d0:fb:39:d1:6a:51:5a:77:5a:25:75:28:19:62:
2f:62:9e:bb:57:f6:55:a9:ad:06:7e:4e:68:1d:f9:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C9:5D:45:AE:9B:CC:F6:61:99:C3:09:32:C0:B5:B8:F5:7B:E9:85
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IcldRa6bzPZhmcMJMsC1uPV76YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:800::/44
2a0e:b107:900::/44
2a0e:b107:bb0::/44
Signature Algorithm: sha256WithRSAEncryption
24:e2:b4:95:0e:43:13:41:4d:52:a0:79:8c:2f:27:e1:f2:7a:
c9:6d:75:84:fd:a5:dd:58:c3:4d:59:1b:e2:b9:8c:a6:bc:37:
3d:36:6c:ca:61:67:9d:d2:e9:76:d1:2d:3b:a5:25:46:6f:24:
8c:ee:b5:7e:08:02:fb:a1:79:e6:a9:a3:aa:8c:d4:bc:dd:6c:
d1:4e:6f:f8:9c:47:5f:3d:22:20:61:fd:4c:13:d2:b7:0c:26:
09:20:99:d6:03:ca:1c:63:91:23:e1:6c:3b:80:40:71:69:b6:
d0:9d:ea:1e:1a:f1:65:71:92:bf:89:db:84:f7:d2:f6:3a:26:
b9:40:6f:69:6e:ee:bf:75:18:f9:84:77:1a:8b:03:e9:e2:e0:
cc:d9:0b:85:40:08:32:4e:0c:5b:c0:17:98:c6:c5:d2:33:1e:
b6:fb:a3:70:55:ed:19:a0:9d:0f:b5:81:04:a2:57:c5:a7:c9:
ef:4f:e1:48:ad:bf:8a:14:cd:9a:ed:5e:1d:2a:2a:f9:47:c7:
09:68:22:15:cd:4b:7b:bb:a1:cd:69:69:71:10:23:f2:0f:15:
3c:0e:c9:30:ef:29:d9:8d:66:4d:7e:1b:23:26:36:1d:12:c2:
a2:04:b4:2e:01:e9:35:e8:70:b6:e2:45:a8:c4:61:57:7d:25:
92:5b:5d:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYX2r9Tcs2VThV3+cHLDX4GVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI4MDQ0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM5NWQ0NWFlOWJjY2Y2NjE5OWMzMDkzMmMwYjViOGY1N2JlOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrmmosL+dT5eI6Jr/8rLjhtDnmWO
op+7cxGttdJ30Fb33f2YWu7hSr9cJj2oiAxHQEcE6DNKCOyKIANZ5u/qBlQNQl55
EwVK08DWPuEA1ZFBRfvCQzjN0X5kOlJvJm5ud7OvpBb66xrougycKBtvc+IpXDPy
tUrxDjjh2sgbm98fP0QTgT42/X6HtVo5sMGQNAFf5EXuTDS+B8mL0LM1SF6yx6C+
tSXCLYGIBy7JYXGLJA51gA15Eg8Q+WOZPx7LPeLsfl6ogsLQOGgXFx4pNQl9QHoE
+0gkS0vJeLaWa3wU0Ps50WpRWndaJXUoGWIvYp67V/ZVqa0Gfk5oHfnhlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCHJXUWum8z2YZnDCTLAtbj1e+mFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSWNsZFJhNmJ6UFpobWNNSk1zQzF1UFY3NllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBwgA
AwcEKg6xBwkAAwcEKg6xBwuwMA0GCSqGSIb3DQEBCwUAA4IBAQAk4rSVDkMTQU1S
oHmMLyfh8nrJbXWE/aXdWMNNWRviuYymvDc9NmzKYWed0ul20S07pSVGbySM7rV+
CAL7oXnmqaOqjNS83WzRTm/4nEdfPSIgYf1ME9K3DCYJIJnWA8ocY5Ej4Ww7gEBx
abbQneoeGvFlcZK/iduE99L2Oia5QG9pbu6/dRj5hHcaiwPp4uDM2QuFQAgyTgxb
wBeYxsXSMx62+6NwVe0ZoJ0PtYEEolfFp8nvT+FIrb+KFM2a7V4dKir5R8cJaCIV
zUt7u6HNaWlxECPyDxU8Dskw7ynZjWZNfhsjJjYdEsKiBLQuAek16HC24kWoxGFX
fSWSW10K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org