Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JiUwX0eBndsCG01SNjAw1u56MnU.roa
File: JiUwX0eBndsCG01SNjAw1u56MnU.roa (raw, json)
Hash identifier: /6p6FG0biwGtKBpIsrT6RXsCLAP3dn8NPg3B9dtEX7U=
Subject key identifier: 26:25:30:5F:47:81:9D:DB:02:1B:4D:52:36:30:30:D6:EE:7A:32:75
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7FEEE612AD540BCACEDAE81A25C95
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JiUwX0eBndsCG01SNjAw1u56MnU.roa
Signing time: Mon 02 Jan 2023 05:15:30 +0000
ROA not before: Mon 02 Jan 2023 05:15:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211275
IP address blocks: 2a0e:97c0:410::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:41c::/48 maxlen: 48
2a0e:97c0:41f::/48 maxlen: 48
2a0e:97c0:412::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:fe:ee:61:2a:d5:40:bc:ac:ed:ae:81:a2:5c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2625305f47819ddb021b4d52363030d6ee7a3275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ed:6d:b8:b1:8e:de:5e:42:40:2d:27:2f:49:
f4:ea:db:e8:e1:91:94:c2:d9:ef:ed:96:d6:36:71:
a2:3e:da:f9:82:0d:6b:53:b7:a7:f5:e4:d0:24:52:
d3:5b:c6:8c:08:96:3c:fc:86:f4:9e:b3:81:04:83:
a2:49:34:61:5f:d2:24:bd:92:e1:0a:cc:8a:f8:b4:
81:d8:d3:fb:4c:1f:7e:c1:7f:46:99:9c:91:a6:21:
0a:d3:a2:a1:7a:bc:6c:42:90:07:6e:ba:71:0f:58:
68:12:77:e7:5a:6d:3b:07:74:24:7b:ed:f8:c3:11:
18:3d:3b:47:32:68:a4:88:aa:c6:3b:ce:37:7b:7a:
f6:20:ad:e3:02:18:d5:b1:9d:ae:3e:94:dd:ea:81:
ef:b3:df:4a:c0:6c:1a:9f:3f:d4:23:03:a7:b2:6b:
73:98:42:65:a8:b8:2d:64:75:02:aa:51:6c:a5:6b:
30:9e:de:7b:22:97:83:bd:2f:de:e4:a4:2c:53:ea:
4f:e2:91:44:68:dc:d5:89:cc:e6:90:89:eb:cf:8f:
d7:e0:1d:8d:bc:df:13:26:fa:7f:ff:d2:4a:92:bc:
13:55:d0:59:9e:13:51:70:c3:21:fb:93:bc:38:3f:
22:6c:56:08:3b:0c:2e:77:47:ae:87:1f:54:bc:95:
6f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:25:30:5F:47:81:9D:DB:02:1B:4D:52:36:30:30:D6:EE:7A:32:75
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JiUwX0eBndsCG01SNjAw1u56MnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:410::-2a0e:97c0:412:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:41c::/48
2a0e:97c0:41f::/48
Signature Algorithm: sha256WithRSAEncryption
35:4a:cd:87:9b:a8:71:bb:ee:2d:96:70:b5:24:0b:5f:be:1b:
a6:25:8a:54:0c:ea:fd:d4:3a:93:6e:e9:ce:6a:ec:f2:16:81:
30:5c:b3:c6:c7:20:31:69:4d:31:9f:21:55:46:28:e2:24:e3:
4d:44:a7:54:15:65:79:c0:94:d9:bf:c6:50:bb:da:0a:99:80:
fe:ce:bc:97:c6:dd:70:1b:14:d9:f8:8f:33:38:f6:30:17:0c:
c2:cd:0d:5b:99:5f:5b:95:99:4f:3b:98:d0:63:1c:33:1b:3e:
7d:80:84:bd:31:4e:db:08:db:e1:a5:28:c8:d1:e2:96:a3:25:
3a:49:c6:ec:b9:d0:bb:6c:1a:9c:15:35:38:d1:a0:55:07:fc:
6d:23:49:a3:d7:88:a5:0c:14:47:31:79:26:fa:a9:26:74:b2:
a5:05:0f:ed:d5:25:ac:b5:8b:6c:b5:a6:6e:b4:b5:06:db:7c:
a8:0e:7c:3b:58:99:b0:65:78:92:e6:f8:46:1d:67:df:88:3e:
ca:18:fd:ee:7f:cf:6e:e7:cf:73:0d:d1:24:92:8c:0e:93:52:
88:3f:54:a8:cb:24:21:2f:90:41:29:2d:f8:5a:ad:98:36:93:
8a:10:80:76:60:1f:38:07:84:4c:bd:c9:75:d2:d1:d7:99:e2:
22:08:10:54
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVw5/7uYSrVQLys7a6BolyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjI1MzA1ZjQ3ODE5ZGRiMDIxYjRkNTIzNjMwMzBkNmVlN2EzMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+1tuLGO3l5CQC0nL0n06tvo4ZGU
wtnv7ZbWNnGiPtr5gg1rU7en9eTQJFLTW8aMCJY8/Ib0nrOBBIOiSTRhX9IkvZLh
CsyK+LSB2NP7TB9+wX9GmZyRpiEK06KherxsQpAHbrpxD1hoEnfnWm07B3Qke+34
wxEYPTtHMmikiKrGO843e3r2IK3jAhjVsZ2uPpTd6oHvs99KwGwanz/UIwOnsmtz
mEJlqLgtZHUCqlFspWswnt57IpeDvS/e5KQsU+pP4pFEaNzViczmkInrz4/X4B2N
vN8TJvp//9JKkrwTVdBZnhNRcMMh+5O8OD8ibFYIOwwud0euhx9UvJVv5QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCYlMF9HgZ3bAhtNUjYwMNbuejJ1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSmlVd1gwZUJuZHNDRzAxU05qQXcxdTU2TW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQqDpfA
BBADBwAqDpfABBIDBwAqDpfABBwDBwAqDpfABB8wDQYJKoZIhvcNAQELBQADggEB
ADVKzYebqHG77i2WcLUkC1++G6YlilQM6v3UOpNu6c5q7PIWgTBcs8bHIDFpTTGf
IVVGKOIk401Ep1QVZXnAlNm/xlC72gqZgP7OvJfG3XAbFNn4jzM49jAXDMLNDVuZ
X1uVmU87mNBjHDMbPn2AhL0xTtsI2+GlKMjR4pajJTpJxuy50LtsGpwVNTjRoFUH
/G0jSaPXiKUMFEcxeSb6qSZ0sqUFD+3VJay1i2y1pm60tQbbfKgOfDtYmbBleJLm
+EYdZ9+IPsoY/e5/z27nz3MN0SSSjA6TUog/VKjLJCEvkEEpLfharZg2k4oQgHZg
HzgHhEy9yXXS0deZ4iIIEFQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org