Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LhfIuqoVYcJkoVf2F_UBc1Nq7X8.roa
File: LhfIuqoVYcJkoVf2F_UBc1Nq7X8.roa (raw, json)
Hash identifier: xvmKj+fie45Wj6weaOipsxeCKdq7Jdwl+Bhg15oeR0Y=
Subject key identifier: 2E:17:C8:BA:AA:15:61:C2:64:A1:57:F6:17:F5:01:73:53:6A:ED:7F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A84D93AF168BE2AB8295D770122D64B37
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LhfIuqoVYcJkoVf2F_UBc1Nq7X8.roa
Signing time: Mon 11 Sep 2023 15:25:43 +0000
ROA not before: Mon 11 Sep 2023 15:25:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a0e:b107:1870::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a10:ccc3:ccc2::/48 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:b107:5d0::/44 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:97c0:76f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:d9:3a:f1:68:be:2a:b8:29:5d:77:01:22:d6:4b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 11 15:25:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e17c8baaa1561c264a157f617f50173536aed7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a4:5d:75:bc:b0:d4:e3:12:cc:d1:3e:73:d2:
8d:68:6e:8a:1a:fe:86:8e:56:c0:2e:47:e1:68:eb:
79:60:ef:1b:cb:25:16:2d:54:a7:78:97:f6:c8:ec:
b6:d6:6f:45:ff:ea:83:18:9a:15:ca:b3:5b:32:28:
1d:d3:da:82:31:28:5e:5f:29:f3:af:c3:42:68:49:
3a:7b:91:67:b6:93:df:f3:1d:80:df:1c:af:70:c9:
be:7f:a7:4e:f2:27:83:8d:ed:aa:a3:e3:b9:3e:bf:
12:59:e4:a8:94:ac:cc:12:b0:90:0e:d7:01:6c:5d:
aa:2c:f2:a4:aa:52:3f:d0:43:9b:d9:ad:49:fe:8b:
cb:fe:1e:99:73:93:b5:e4:40:ad:ea:81:13:05:1a:
d8:96:e5:2d:dc:22:f6:05:e8:0a:8f:62:7b:23:d3:
fd:85:26:e2:e1:d7:f5:24:cc:fe:ba:ad:24:bd:7e:
ea:99:03:37:b4:f2:e7:f6:37:a1:d4:83:a1:cb:e8:
b9:c1:2f:f2:91:af:fe:70:1e:c7:80:04:3e:d7:6b:
8d:59:1f:eb:b0:f9:56:6e:b9:3f:2c:cd:fc:8b:73:
d8:43:ed:cb:be:51:dc:e7:9b:14:a6:51:97:3d:9a:
14:56:cb:d7:3b:71:64:d7:5b:2f:03:40:cf:69:ed:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:C8:BA:AA:15:61:C2:64:A1:57:F6:17:F5:01:73:53:6A:ED:7F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LhfIuqoVYcJkoVf2F_UBc1Nq7X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:76f::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:5d0::/44
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a10:ccc3:ccc2::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
90:da:e5:7f:6c:9a:3a:a0:12:71:a0:26:89:ab:81:21:86:df:
53:17:e8:02:31:5e:cb:93:2c:59:f7:79:d9:10:a2:55:04:83:
b2:cb:52:84:02:23:5f:a8:8b:26:e4:59:b8:1f:db:32:ad:65:
19:dc:b7:71:a2:ca:bf:b0:6a:b9:27:60:e0:ea:ff:98:4d:ac:
08:b1:b5:43:82:fb:1e:61:e3:e2:aa:00:1e:88:ac:10:4e:93:
31:73:f2:d0:e3:be:7d:a3:df:12:d7:2b:bd:06:7e:69:86:43:
c0:a2:1d:87:cf:a0:ac:56:df:7e:4f:54:53:9b:1a:49:0f:3a:
a6:03:cb:47:b1:e2:56:84:4c:ec:5e:17:28:14:ca:db:8c:9e:
39:a3:ef:f2:08:0e:e4:d1:af:20:fa:2e:1d:c0:cf:90:f4:b2:
96:08:07:db:24:5d:81:a4:8e:d4:63:1c:e6:3e:ea:c5:64:7c:
66:a2:f1:83:66:13:86:b2:0b:0d:d2:5a:c9:b6:1b:9b:23:bf:
42:12:b7:90:ca:bd:c9:48:70:3f:65:27:ce:19:6f:3b:29:b7:
54:1a:e1:4a:78:9c:c2:a3:fa:4d:1c:9e:51:02:1b:6a:a9:d9:
3e:89:da:3a:9a:9c:92:bc:1d:fd:fc:14:43:2c:83:b4:c4:fa:
ff:f1:74:1d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYqE2TrxaL4quClddwEi1ks3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTExMTUyNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE3YzhiYWFhMTU2MWMyNjRhMTU3ZjYxN2Y1MDE3MzUzNmFlZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6Rddbyw1OMSzNE+c9KNaG6KGv6G
jlbALkfhaOt5YO8byyUWLVSneJf2yOy21m9F/+qDGJoVyrNbMigd09qCMSheXynz
r8NCaEk6e5FntpPf8x2A3xyvcMm+f6dO8ieDje2qo+O5Pr8SWeSolKzMErCQDtcB
bF2qLPKkqlI/0EOb2a1J/ovL/h6Zc5O15ECt6oETBRrYluUt3CL2BegKj2J7I9P9
hSbi4df1JMz+uq0kvX7qmQM3tPLn9jeh1IOhy+i5wS/yka/+cB7HgAQ+12uNWR/r
sPlWbrk/LM38i3PYQ+3LvlHc55sUplGXPZoUVsvXO3Fk11svA0DPae3wJwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFC4XyLqqFWHCZKFX9hf1AXNTau1/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTGhmSXVxb1ZZY0prb1ZmMkZfVUJjMU5xN1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQCAAIwfQMGACoM
O4f/AwcAKg6XwAdQAwcAKg6XwAdvMBIDBwAqDpfAB5EDBwAqDpfAB5IDBgIqDpfE
rAMHBCoOsQcF0AMHACoOsQcJ9AMHACoOsQcJ9gMHACoOsQcN8gMHACoOsQcYcAMH
ACoOsQcbngMHACoQzMPMwgMGAioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQCQ2uV/
bJo6oBJxoCaJq4Ehht9TF+gCMV7LkyxZ93nZEKJVBIOyy1KEAiNfqIsm5Fm4H9sy
rWUZ3Ldxosq/sGq5J2Dg6v+YTawIsbVDgvseYePiqgAeiKwQTpMxc/LQ4759o98S
1yu9Bn5phkPAoh2Hz6CsVt9+T1RTmxpJDzqmA8tHseJWhEzsXhcoFMrbjJ45o+/y
CA7k0a8g+i4dwM+Q9LKWCAfbJF2BpI7UYxzmPurFZHxmovGDZhOGsgsN0lrJthub
I79CEreQyr3JSHA/ZSfOGW87KbdUGuFKeJzCo/pNHJ5RAhtqqdk+ido6mpySvB39
/BRDLIO0xPr/8XQd
-----END CERTIFICATE-----
Generated at Thu Sep 21 18:11:57 2023 by rpki-client on console-ams.rpki-client.org