Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KbSrfI7faiarw6kqV2_MuAcaSbE.roa
File: KbSrfI7faiarw6kqV2_MuAcaSbE.roa (raw, json)
Hash identifier: u6pffmKBMNIji0FxoGSw8CA3mDX68f0GbRhZpVKlWuU=
Subject key identifier: 29:B4:AB:7C:8E:DF:6A:26:AB:C3:A9:2A:57:6F:CC:B8:07:1A:49:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B110D2982A9FEEE307D29368A7F7A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KbSrfI7faiarw6kqV2_MuAcaSbE.roa
Signing time: Tue 24 Jan 2023 16:09:57 +0000
ROA not before: Tue 24 Jan 2023 16:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213263
IP address blocks: 2a0e:b107:980::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:11:0d:29:82:a9:fe:ee:30:7d:29:36:8a:7f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b4ab7c8edf6a26abc3a92a576fccb8071a49b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:6d:c8:0d:85:54:f4:2d:10:99:54:8a:eb:
6b:0b:88:f8:15:db:d3:5b:77:30:fb:cc:99:55:fc:
80:ce:0e:a0:be:5b:5b:f2:b5:19:2a:b3:2d:2d:ea:
e5:89:08:bb:b9:06:2b:bf:1d:63:6c:1e:1d:25:6f:
12:0a:5b:51:2b:5b:67:91:64:bb:f8:ac:09:c8:68:
3d:93:79:e6:6e:da:f9:c8:59:87:a4:ed:5b:51:9f:
a0:a8:b0:22:a6:83:f3:ec:ae:7b:9c:9b:f7:80:68:
19:11:8a:6a:1c:a3:4a:09:f3:84:dc:3b:95:21:6d:
b1:38:9f:34:9e:17:97:84:22:02:eb:38:89:36:8e:
9a:74:f8:49:ad:2a:53:16:c8:3c:41:83:55:d8:2a:
e5:a1:57:3e:aa:ec:7b:4a:78:c2:e4:ad:af:3a:18:
c5:6a:4f:93:97:6a:5f:a6:d9:e5:80:b8:c0:68:5a:
8e:eb:50:64:cc:a5:fc:8b:4f:95:24:65:68:c2:90:
21:48:d2:07:41:f7:22:d7:84:4e:34:fe:9b:df:9a:
c1:43:4b:ef:11:ea:bb:4a:63:0e:28:ba:a8:99:71:
65:dc:42:6a:bb:e7:4e:40:82:9f:82:de:84:7f:32:
42:da:63:b7:ca:d3:2f:0e:74:cd:b0:8d:f3:31:9e:
b5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B4:AB:7C:8E:DF:6A:26:AB:C3:A9:2A:57:6F:CC:B8:07:1A:49:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KbSrfI7faiarw6kqV2_MuAcaSbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:980::/44
Signature Algorithm: sha256WithRSAEncryption
25:1d:b2:2a:cd:aa:12:d9:72:e1:b1:c9:3b:00:6d:01:47:a6:
49:12:53:7a:00:3b:6a:74:79:84:2b:6f:a1:e0:cf:d6:a1:2f:
1e:25:e0:3f:24:d0:d5:4d:75:c9:c5:a4:64:f5:d2:04:11:3f:
be:34:60:3b:34:75:9a:c8:db:b9:91:07:19:83:77:26:a5:d7:
98:0d:e2:bd:c0:90:54:02:b7:b4:d8:f1:7e:f4:01:97:c8:b4:
40:d1:d3:22:e8:20:a0:20:a2:36:61:91:56:b5:b5:65:97:79:
e5:5c:15:52:70:f2:5d:e4:d9:fe:66:1f:b3:22:df:98:3f:8b:
ae:72:3e:73:71:cd:fa:f3:4a:15:32:99:1e:6a:47:70:6e:0a:
53:0d:9e:1f:a7:f2:08:65:4b:e0:a7:dd:af:96:c0:53:29:db:
7b:d6:5f:2d:cf:7d:f8:7b:ba:a2:4f:ea:38:62:6c:fb:24:58:
ca:ca:22:72:33:f1:da:f9:d8:95:4b:d9:58:a9:f6:94:6e:a6:
95:73:95:fc:5a:8b:15:7c:60:ce:f3:a8:31:64:64:e4:37:b2:
7a:65:cd:b2:45:eb:4f:1d:39:2d:71:b7:25:5b:18:b9:2e:9a:
15:57:7f:a2:06:92:81:b0:f6:82:8f:17:24:14:49:3f:20:7c:
65:c5:99:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkixENKYKp/u4wfSk2in96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI0YWI3YzhlZGY2YTI2YWJjM2E5MmE1NzZmY2NiODA3MWE0OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJptyA2FVPQtEJlUiutrC4j4FdvT
W3cw+8yZVfyAzg6gvltb8rUZKrMtLerliQi7uQYrvx1jbB4dJW8SCltRK1tnkWS7
+KwJyGg9k3nmbtr5yFmHpO1bUZ+gqLAipoPz7K57nJv3gGgZEYpqHKNKCfOE3DuV
IW2xOJ80nheXhCIC6ziJNo6adPhJrSpTFsg8QYNV2CrloVc+qux7SnjC5K2vOhjF
ak+Tl2pfptnlgLjAaFqO61BkzKX8i0+VJGVowpAhSNIHQfci14RONP6b35rBQ0vv
Eeq7SmMOKLqomXFl3EJqu+dOQIKfgt6EfzJC2mO3ytMvDnTNsI3zMZ61EwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCm0q3yO32omq8OpKldvzLgHGkmxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS2JTcmZJN2ZhaWFydzZrcVYyX011QWNhU2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwmA
MA0GCSqGSIb3DQEBCwUAA4IBAQAlHbIqzaoS2XLhsck7AG0BR6ZJElN6ADtqdHmE
K2+h4M/WoS8eJeA/JNDVTXXJxaRk9dIEET++NGA7NHWayNu5kQcZg3cmpdeYDeK9
wJBUAre02PF+9AGXyLRA0dMi6CCgIKI2YZFWtbVll3nlXBVScPJd5Nn+Zh+zIt+Y
P4uucj5zcc3680oVMpkeakdwbgpTDZ4fp/IIZUvgp92vlsBTKdt71l8tz334e7qi
T+o4Ymz7JFjKyiJyM/Ha+diVS9lYqfaUbqaVc5X8WosVfGDO86gxZGTkN7J6Zc2y
RetPHTktcbclWxi5LpoVV3+iBpKBsPaCjxckFEk/IHxlxZnb
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org