Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KXMhcLOcjFjmtd1gPq2ettgFPpA.roa
File: KXMhcLOcjFjmtd1gPq2ettgFPpA.roa (raw, json)
Hash identifier: 6xaSF0ETdavcN6kQegUr+7Bqbj0obhShso3mVGiTu5k=
Subject key identifier: 29:73:21:70:B3:9C:8C:58:E6:B5:DD:60:3E:AD:9E:B6:D8:05:3E:90
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01877B2A4C39E3A78D310E0B5EE948C97394
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KXMhcLOcjFjmtd1gPq2ettgFPpA.roa
Signing time: Thu 13 Apr 2023 15:09:42 +0000
ROA not before: Thu 13 Apr 2023 15:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202929
IP address blocks: 2a0e:97c0:510::/47 maxlen: 48
2a0e:97c0:513::/48 maxlen: 48
2a0e:97c0:514::/47 maxlen: 48
2a0e:97c0:512::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:2a:4c:39:e3:a7:8d:31:0e:0b:5e:e9:48:c9:73:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 13 15:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29732170b39c8c58e6b5dd603ead9eb6d8053e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:37:8d:dc:85:9d:16:0a:c1:98:8c:68:02:8c:
d8:97:33:5a:ff:9a:94:e2:73:12:a9:9a:9f:3c:87:
ef:60:8e:b0:d1:b8:5c:22:62:38:3b:85:8a:91:ed:
d6:76:ff:b1:37:b4:e5:62:45:4d:b6:f3:3b:af:57:
a7:42:88:cc:c3:51:99:34:c8:e0:f9:0d:ac:71:46:
fe:1e:49:3d:bd:20:30:f1:c7:5a:27:d7:c7:8f:69:
3f:15:43:8d:47:08:41:af:27:d0:8b:3b:c8:ac:a4:
d6:89:75:8a:c3:b7:6a:2d:f9:03:0f:52:47:db:c3:
7a:7e:98:90:ce:47:c5:a8:01:d8:11:10:d1:59:19:
50:7c:a1:8c:8f:a5:07:41:a0:34:bd:7b:84:06:4e:
ac:df:8d:66:36:5d:a7:1b:37:a4:59:d6:3b:a5:61:
68:9a:de:bd:fe:1d:58:5a:48:20:73:52:a1:43:ef:
d7:df:9f:f6:3d:e4:2a:6a:61:3b:30:a2:9a:4f:44:
c5:33:d9:74:16:4a:af:1c:97:58:ad:45:b5:72:bc:
fe:93:e8:67:c4:d5:6c:44:1e:f1:f0:e5:75:21:1a:
97:72:1c:84:e2:42:d6:51:f8:33:40:6c:e5:d8:28:
e0:af:d8:4c:5c:e1:f5:60:70:42:cf:c6:e2:f8:93:
75:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:73:21:70:B3:9C:8C:58:E6:B5:DD:60:3E:AD:9E:B6:D8:05:3E:90
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KXMhcLOcjFjmtd1gPq2ettgFPpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:510::-2a0e:97c0:515:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:be:a4:8b:7f:e8:b7:8b:5f:52:a2:62:41:23:dc:5a:6a:0e:
8f:8d:ca:c8:ac:73:3b:f1:2e:65:c8:71:0b:2d:65:18:65:75:
a7:b9:ac:d9:9f:87:84:bf:50:a9:03:ea:70:0d:12:44:ea:25:
4f:c3:57:e6:72:8b:b8:81:56:9f:a5:47:fb:f7:3f:14:61:dd:
85:5c:3d:88:3a:b9:b6:12:69:27:98:18:78:fe:64:d2:e1:94:
2d:3a:ba:74:c2:7a:3f:2e:7d:98:6c:6c:2e:b5:08:55:bc:89:
b8:e5:cd:be:55:48:9f:f1:c4:c9:01:b5:47:d6:69:42:61:a4:
8c:c6:51:1e:51:7a:6e:af:6c:63:d3:68:6a:1f:b5:d6:e7:f2:
e3:f1:05:ca:8a:1f:dd:67:66:1f:55:0d:d5:f6:c0:46:eb:62:
f8:dd:3d:1a:cc:af:b9:39:82:8a:b1:40:bf:08:3a:5b:30:21:
6d:27:39:37:b3:5c:96:4d:04:93:ae:77:82:6e:cc:86:01:56:
6b:96:17:be:57:27:d5:4c:99:37:67:14:b0:ac:7f:17:9d:ca:
87:03:1c:69:66:52:71:54:85:aa:d3:ec:05:3a:1a:46:7e:ff:
df:d5:50:d1:98:a2:f1:56:5c:e0:20:12:52:4b:9c:47:65:c6:
3b:b5:11:7b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYd7Kkw546eNMQ4LXulIyXOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDEzMTUwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTczMjE3MGIzOWM4YzU4ZTZiNWRkNjAzZWFkOWViNmQ4MDUzZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDeN3IWdFgrBmIxoAozYlzNa/5qU
4nMSqZqfPIfvYI6w0bhcImI4O4WKke3Wdv+xN7TlYkVNtvM7r1enQojMw1GZNMjg
+Q2scUb+Hkk9vSAw8cdaJ9fHj2k/FUONRwhBryfQizvIrKTWiXWKw7dqLfkDD1JH
28N6fpiQzkfFqAHYERDRWRlQfKGMj6UHQaA0vXuEBk6s341mNl2nGzekWdY7pWFo
mt69/h1YWkggc1KhQ+/X35/2PeQqamE7MKKaT0TFM9l0FkqvHJdYrUW1crz+k+hn
xNVsRB7x8OV1IRqXchyE4kLWUfgzQGzl2Cjgr9hMXOH1YHBCz8bi+JN1hwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFClzIXCznIxY5rXdYD6tnrbYBT6QMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS1hNaGNMT2NqRmptdGQxZ1BxMmV0dGdGUHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
BRADBwEqDpfABRQwDQYJKoZIhvcNAQELBQADggEBAKW+pIt/6LeLX1KiYkEj3Fpq
Do+NysisczvxLmXIcQstZRhldae5rNmfh4S/UKkD6nANEkTqJU/DV+Zyi7iBVp+l
R/v3PxRh3YVcPYg6ubYSaSeYGHj+ZNLhlC06unTCej8ufZhsbC61CFW8ibjlzb5V
SJ/xxMkBtUfWaUJhpIzGUR5Rem6vbGPTaGoftdbn8uPxBcqKH91nZh9VDdX2wEbr
YvjdPRrMr7k5goqxQL8IOlswIW0nOTezXJZNBJOud4JuzIYBVmuWF75XJ9VMmTdn
FLCsfxedyocDHGlmUnFUharT7AU6GkZ+/9/VUNGYovFWXOAgElJLnEdlxju1EXs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org