Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KDURvllZAfIdMpLGyFL2qe9h9d0.roa
File: KDURvllZAfIdMpLGyFL2qe9h9d0.roa (raw, json)
Hash identifier: J+dffrw3GhG6q/NsGwzKcfGfGLSzKQy9KGK/ubYDGWU=
Subject key identifier: 28:35:11:BE:59:59:01:F2:1D:32:92:C6:C8:52:F6:A9:EF:61:F5:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7E206A67D608603669A0ADB7F4D90
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KDURvllZAfIdMpLGyFL2qe9h9d0.roa
Signing time: Mon 02 Jan 2023 05:15:22 +0000
ROA not before: Mon 02 Jan 2023 05:15:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209861
IP address blocks: 2a0e:b107:f0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:e2:06:a6:7d:60:86:03:66:9a:0a:db:7f:4d:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=283511be595901f21d3292c6c852f6a9ef61f5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:ae:90:41:c9:2b:51:f1:a6:b5:ce:9d:57:
7c:e6:db:82:d7:4a:05:98:f3:ba:74:50:54:fc:0e:
c1:dd:ff:af:17:e6:42:4e:cd:8b:3b:b3:3c:54:64:
62:08:2f:f6:40:15:87:bb:1d:ed:1c:b0:8b:f8:24:
d8:fe:29:4b:17:64:15:1b:6e:a6:86:e5:eb:c3:02:
2f:82:a2:e7:ea:3e:c5:40:9a:17:c4:c0:1d:c1:09:
b6:f9:5d:4f:ab:37:ba:dd:be:14:0b:6e:66:5a:e5:
be:5c:ca:66:6b:30:93:2a:d7:7a:22:07:4b:77:97:
35:e0:70:a8:71:da:74:01:cc:56:99:cc:cb:72:b9:
26:f4:69:7c:54:87:4b:e6:39:1d:aa:64:3c:db:3e:
9a:9c:a3:9d:8e:b0:44:c4:a7:13:aa:56:a2:a2:fd:
4d:42:ba:6d:b0:c0:90:3c:1e:de:41:55:d0:e2:d5:
6b:14:a3:92:5f:52:82:97:2a:47:ce:c6:0e:be:b8:
0d:d7:56:d0:3b:e7:f4:dc:b7:7b:a0:0b:57:9a:36:
13:61:87:29:a0:54:8d:60:7d:b4:e1:5b:f2:c7:c6:
ba:fc:12:e7:a0:0d:8c:9c:27:03:63:1c:97:f6:b8:
ad:ce:2c:9d:5c:1f:17:67:49:e5:0f:a1:40:85:c4:
d1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:35:11:BE:59:59:01:F2:1D:32:92:C6:C8:52:F6:A9:EF:61:F5:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KDURvllZAfIdMpLGyFL2qe9h9d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f0::/44
Signature Algorithm: sha256WithRSAEncryption
4e:47:0c:c4:27:d5:11:b4:51:13:45:0d:ce:6f:d1:9a:4a:98:
1b:86:d3:32:d9:bb:12:c0:eb:d4:07:ac:d7:f5:6c:7e:9d:f9:
c4:59:1a:ac:e3:73:2e:5b:15:2a:e1:82:cd:b6:68:90:c1:0a:
83:89:10:05:4d:29:df:90:4e:90:46:53:e0:77:00:24:2a:b6:
54:f2:a0:59:9f:30:76:ef:49:82:e3:77:a5:58:68:a5:7e:23:
ec:df:9e:b1:4d:51:82:d3:79:e7:5c:af:17:10:0f:aa:e1:23:
0f:ae:67:f8:e8:32:65:61:56:86:95:8b:c8:2b:95:64:70:dc:
ae:03:33:30:c5:c4:e0:38:a3:46:7b:92:2a:42:74:2f:47:6d:
77:2d:73:24:a4:e9:81:c2:3a:ab:a0:00:82:91:15:4b:e0:2b:
25:02:57:69:f1:6f:8f:42:ee:ca:2e:42:47:87:ad:58:22:30:
6a:ed:b2:2c:0c:10:ac:25:30:1f:a5:81:a0:5f:c3:11:63:cb:
15:65:5f:93:96:72:31:b6:ca:47:fe:74:26:fb:a7:96:1d:a9:
67:26:a2:1b:18:55:9e:17:46:20:0a:cf:b1:0b:ea:5e:14:d6:
48:9f:c1:02:1b:02:8a:33:4d:85:2c:b4:b6:41:30:1f:ad:35:
22:b0:b0:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw5+IGpn1ghgNmmgrbf02QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM1MTFiZTU5NTkwMWYyMWQzMjkyYzZjODUyZjZhOWVmNjFmNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtaukEHJK1HxprXOnVd85tuC10oF
mPO6dFBU/A7B3f+vF+ZCTs2LO7M8VGRiCC/2QBWHux3tHLCL+CTY/ilLF2QVG26m
huXrwwIvgqLn6j7FQJoXxMAdwQm2+V1Pqze63b4UC25mWuW+XMpmazCTKtd6IgdL
d5c14HCocdp0AcxWmczLcrkm9Gl8VIdL5jkdqmQ82z6anKOdjrBExKcTqlaiov1N
QrptsMCQPB7eQVXQ4tVrFKOSX1KClypHzsYOvrgN11bQO+f03Ld7oAtXmjYTYYcp
oFSNYH204Vvyx8a6/BLnoA2MnCcDYxyX9ritziydXB8XZ0nlD6FAhcTR5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCg1Eb5ZWQHyHTKSxshS9qnvYfXdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS0RVUnZsbFpBZklkTXBMR3lGTDJxZTloOWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwDw
MA0GCSqGSIb3DQEBCwUAA4IBAQBORwzEJ9URtFETRQ3Ob9GaSpgbhtMy2bsSwOvU
B6zX9Wx+nfnEWRqs43MuWxUq4YLNtmiQwQqDiRAFTSnfkE6QRlPgdwAkKrZU8qBZ
nzB270mC43elWGilfiPs356xTVGC03nnXK8XEA+q4SMPrmf46DJlYVaGlYvIK5Vk
cNyuAzMwxcTgOKNGe5IqQnQvR213LXMkpOmBwjqroACCkRVL4CslAldp8W+PQu7K
LkJHh61YIjBq7bIsDBCsJTAfpYGgX8MRY8sVZV+TlnIxtspH/nQm+6eWHalnJqIb
GFWeF0YgCs+xC+peFNZIn8ECGwKKM02FLLS2QTAfrTUisLDj
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org