Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JSXsEWR1MogXKwmKlgfzgzG4ES8.roa
File: JSXsEWR1MogXKwmKlgfzgzG4ES8.roa (raw, json)
Hash identifier: R2p6eWKYCFF/vhHh65LSklNIt/ie3vHG8UJcxinkPRQ=
Subject key identifier: 25:25:EC:11:64:75:32:88:17:2B:09:8A:96:07:F3:83:31:B8:11:2F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018843951B80BDEFA4D947F673D84FBFB46A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JSXsEWR1MogXKwmKlgfzgzG4ES8.roa
Signing time: Mon 22 May 2023 13:10:25 +0000
ROA not before: Mon 22 May 2023 13:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202256
IP address blocks: 2a10:ccc7:9000::/40 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a06:de01:800::/38 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:95:1b:80:bd:ef:a4:d9:47:f6:73:d8:4f:bf:b4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 22 13:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2525ec1164753288172b098a9607f38331b8112f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:92:26:0c:f1:96:c6:56:2b:cc:85:5a:31:
40:65:c9:48:c8:b4:87:4b:ee:0b:09:ba:5b:66:5b:
0b:79:60:12:6d:70:7b:b2:1e:c5:0a:5b:a2:31:bb:
1b:ad:ab:c9:f4:3a:43:74:8e:7c:7b:f7:39:f3:82:
8a:02:5d:7c:dc:37:fb:3c:05:6e:03:fd:ce:f4:8f:
fc:7b:85:9f:e8:0f:d4:21:05:f9:9c:1c:c3:42:9a:
93:3e:9b:ff:2a:e2:21:87:72:89:95:ae:03:de:3c:
bd:d3:30:34:9c:ea:3c:81:94:2f:f0:d3:9e:11:ec:
38:bb:c2:71:30:83:5c:d1:87:d9:af:c0:e1:cc:7b:
e9:f7:5e:1a:42:ec:7c:6e:64:4c:0f:dc:ae:dc:c2:
f2:8e:bc:c5:8b:5e:e8:b7:9d:b0:73:c6:53:4d:a7:
1e:eb:a9:75:b1:db:54:f6:63:25:90:01:dc:4e:92:
04:52:b5:3e:ff:46:d9:9b:41:76:f6:c4:6f:a2:22:
bd:75:3b:3d:72:e0:c7:6e:33:4d:44:96:30:2f:76:
6e:5a:d4:50:e2:1e:e9:62:9e:2f:d2:c8:ee:c1:f3:
5b:a4:c2:0a:e9:b7:08:90:68:45:1b:0c:1a:f4:92:
b8:8b:bb:75:90:3b:21:2c:73:13:5a:11:4c:a2:27:
e8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:25:EC:11:64:75:32:88:17:2B:09:8A:96:07:F3:83:31:B8:11:2F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JSXsEWR1MogXKwmKlgfzgzG4ES8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:800::/38
2a0e:97c6:4000::/34
2a10:ccc7:9000::/40
Signature Algorithm: sha256WithRSAEncryption
13:27:f8:6b:48:02:52:0f:eb:aa:f9:d1:af:6b:a9:d9:15:13:
c7:18:52:ba:f5:d0:13:8f:e3:19:c6:38:d1:90:1a:8b:0d:53:
4f:ac:c6:c4:65:b7:0a:c5:3e:5e:e0:31:5d:62:86:83:71:d8:
27:ca:4f:f4:23:25:13:2b:35:60:cb:2e:38:f9:20:62:2b:9f:
59:20:94:c9:18:24:30:2d:37:e8:14:d1:4f:53:aa:b7:c9:93:
8a:1d:51:49:e3:aa:27:44:f9:5c:e9:87:3d:bd:ea:8e:fb:fa:
10:cd:de:b1:6a:1c:f9:90:b4:f2:6a:f9:df:cb:3a:b6:12:a7:
ba:2c:45:ab:08:5f:b2:1e:67:8a:35:d9:4d:e2:d9:ad:84:87:
3c:06:fd:42:32:be:e9:08:b1:bc:c0:81:45:5c:18:20:b1:ce:
5b:94:04:d8:4a:d6:5e:f5:63:26:39:76:a2:0a:fc:83:f7:49:
b9:62:19:89:55:10:a8:e4:c3:61:b1:8b:4f:a6:ba:7a:eb:b2:
8f:f9:dc:ac:52:79:92:51:3c:80:8d:c0:d7:60:8c:aa:44:15:
9a:0f:e8:8e:94:60:27:e2:ef:92:f6:76:c8:f6:02:36:a7:d4:
09:61:20:6e:03:a6:bc:1c:34:89:3b:9d:d0:23:40:bd:6e:42:
f2:86:db:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhDlRuAve+k2Uf2c9hPv7RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTIyMTMxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI1ZWMxMTY0NzUzMjg4MTcyYjA5OGE5NjA3ZjM4MzMxYjgxMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxCSJgzxlsZWK8yFWjFAZclIyLSH
S+4LCbpbZlsLeWASbXB7sh7FCluiMbsbravJ9DpDdI58e/c584KKAl183Df7PAVu
A/3O9I/8e4Wf6A/UIQX5nBzDQpqTPpv/KuIhh3KJla4D3jy90zA0nOo8gZQv8NOe
Eew4u8JxMINc0YfZr8DhzHvp914aQux8bmRMD9yu3MLyjrzFi17ot52wc8ZTTace
66l1sdtU9mMlkAHcTpIEUrU+/0bZm0F29sRvoiK9dTs9cuDHbjNNRJYwL3ZuWtRQ
4h7pYp4v0sjuwfNbpMIK6bcIkGhFGwwa9JK4i7t1kDshLHMTWhFMoifoPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUl7BFkdTKIFysJipYH84MxuBEvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSlNYc0VXUjFNb2dYS3dtS2xnZnpnekc0RVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYCKgbeAQgD
BgYqDpfGQAMGACoQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQATJ/hrSAJSD+uq+dGv
a6nZFRPHGFK69dATj+MZxjjRkBqLDVNPrMbEZbcKxT5e4DFdYoaDcdgnyk/0IyUT
KzVgyy44+SBiK59ZIJTJGCQwLTfoFNFPU6q3yZOKHVFJ46onRPlc6Yc9veqO+/oQ
zd6xahz5kLTyavnfyzq2Eqe6LEWrCF+yHmeKNdlN4tmthIc8Bv1CMr7pCLG8wIFF
XBggsc5blATYStZe9WMmOXaiCvyD90m5YhmJVRCo5MNhsYtPprp667KP+dysUnmS
UTyAjcDXYIyqRBWaD+iOlGAn4u+S9nbI9gI2p9QJYSBuA6a8HDSJO53QI0C9bkLy
htvg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org