Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M90BpwBBXLVFxD7iDZFY7q2YY_I.roa
File: M90BpwBBXLVFxD7iDZFY7q2YY_I.roa (raw, json)
Hash identifier: geOACDKjnoV3RM5/oE5ffAeX+sZHZy14RKjAkcyT5wA=
Subject key identifier: 33:DD:01:A7:00:41:5C:B5:45:C4:3E:E2:0D:91:58:EE:AD:98:63:F2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7A64DFA2F09F598423930BB137CAC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M90BpwBBXLVFxD7iDZFY7q2YY_I.roa
Signing time: Mon 02 Jan 2023 05:15:07 +0000
ROA not before: Mon 02 Jan 2023 05:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202000
IP address blocks: 2a0e:97c0:c50::/44 maxlen: 48
2a0e:b107:1ca0::/44 maxlen: 48
2a0e:b107:1c20::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:a6:4d:fa:2f:09:f5:98:42:39:30:bb:13:7c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33dd01a700415cb545c43ee20d9158eead9863f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d8:c9:ff:5d:38:37:7e:dd:ab:4a:bc:e9:d1:
ff:48:64:7b:b0:41:01:e4:ac:cb:5e:d3:e2:e6:65:
fa:63:2c:fa:ad:20:14:d3:a8:ad:c4:03:8b:ac:98:
5b:31:de:32:df:d7:9c:69:1a:66:db:e6:66:7d:94:
42:44:30:a5:ff:e8:ec:b9:f3:9d:0f:d3:73:af:cc:
1a:8f:e6:52:22:5a:0c:06:6a:f1:8a:0c:f0:b7:c1:
0c:04:ac:7d:4c:f6:d8:d4:90:f0:00:a3:8c:3f:bf:
a6:c3:22:cc:4e:26:91:14:4f:b2:bf:a6:2b:f2:d4:
a4:44:ab:9f:7f:1b:4e:9f:c4:08:df:0a:2a:c4:fd:
e3:cf:f0:99:30:bf:21:e4:fa:0d:0d:eb:78:c2:2e:
e0:30:0e:99:b8:06:34:85:af:6a:f2:d9:71:df:6d:
94:c1:e8:62:fd:d1:fa:e9:e7:db:3c:e2:0f:4c:18:
fb:60:a0:b5:30:10:a6:a9:b6:d5:2a:44:9f:24:89:
d8:c0:a3:fc:91:c3:d2:55:6e:98:ca:ca:b0:fc:2f:
54:a3:22:36:88:94:59:b4:46:f0:ed:3e:0d:7e:3e:
b1:76:f2:07:7a:4b:01:cf:de:6c:f4:7a:d6:ee:42:
43:20:41:1d:0a:cd:2a:e2:2f:25:ca:2c:3a:0d:58:
01:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DD:01:A7:00:41:5C:B5:45:C4:3E:E2:0D:91:58:EE:AD:98:63:F2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M90BpwBBXLVFxD7iDZFY7q2YY_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c50::/44
2a0e:b107:1c20::/44
2a0e:b107:1ca0::/44
Signature Algorithm: sha256WithRSAEncryption
b2:ca:e3:b3:17:32:88:ff:8e:aa:79:64:e1:51:8e:f4:e6:f5:
d6:1e:4b:88:74:11:55:7d:0d:a8:47:a2:bf:64:a7:27:f6:9a:
e3:af:5e:9a:0e:aa:a9:bf:80:5e:25:ed:f6:31:d6:57:3f:1d:
d5:00:27:c4:1a:f4:cd:49:bf:5a:bf:ed:61:0a:2f:0d:33:1e:
62:1c:7a:3a:f1:a7:d5:55:23:a0:8e:83:56:23:06:55:98:92:
c4:d5:ed:75:2e:a5:90:0c:e7:8d:25:d3:1b:d0:b8:c7:db:41:
79:11:ed:14:b0:56:76:a2:96:bd:5b:b9:51:c5:b1:a3:c1:ff:
b5:0b:3f:7e:b4:92:17:bf:29:a0:d5:6b:d1:a5:8a:77:5b:50:
1b:d6:de:93:a4:4d:33:97:49:d9:2d:d1:dd:ae:46:9b:e5:33:
97:e6:d2:5e:bb:93:00:2b:63:ce:2a:3e:2f:68:37:3f:50:53:
9a:45:1d:aa:68:2e:96:4f:24:65:f8:bb:c2:de:47:41:bc:32:
f0:40:9d:4c:25:b4:03:ae:a3:5d:2b:ef:a8:d5:e4:53:3b:b2:
c8:47:d0:b2:16:8a:12:3d:94:9a:e8:a8:1e:d1:a9:5c:25:8e:
89:4f:d3:66:0d:f8:d7:ab:c5:bd:e8:e1:05:9e:dd:0b:5c:39:
7d:de:12:cf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw56ZN+i8J9ZhCOTC7E3ysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RkMDFhNzAwNDE1Y2I1NDVjNDNlZTIwZDkxNThlZWFkOTg2M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdjJ/104N37dq0q86dH/SGR7sEEB
5KzLXtPi5mX6Yyz6rSAU06itxAOLrJhbMd4y39ecaRpm2+ZmfZRCRDCl/+jsufOd
D9Nzr8waj+ZSIloMBmrxigzwt8EMBKx9TPbY1JDwAKOMP7+mwyLMTiaRFE+yv6Yr
8tSkRKuffxtOn8QI3woqxP3jz/CZML8h5PoNDet4wi7gMA6ZuAY0ha9q8tlx322U
wehi/dH66efbPOIPTBj7YKC1MBCmqbbVKkSfJInYwKP8kcPSVW6Yysqw/C9UoyI2
iJRZtEbw7T4Nfj6xdvIHeksBz95s9HrW7kJDIEEdCs0q4i8lyiw6DVgBowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDPdAacAQVy1RcQ+4g2RWO6tmGPyMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTTkwQnB3QkJYTFZGeEQ3aURaRlk3cTJZWV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAxQ
AwcEKg6xBxwgAwcEKg6xBxygMA0GCSqGSIb3DQEBCwUAA4IBAQCyyuOzFzKI/46q
eWThUY705vXWHkuIdBFVfQ2oR6K/ZKcn9prjr16aDqqpv4BeJe32MdZXPx3VACfE
GvTNSb9av+1hCi8NMx5iHHo68afVVSOgjoNWIwZVmJLE1e11LqWQDOeNJdMb0LjH
20F5Ee0UsFZ2opa9W7lRxbGjwf+1Cz9+tJIXvymg1WvRpYp3W1Ab1t6TpE0zl0nZ
LdHdrkab5TOX5tJeu5MAK2POKj4vaDc/UFOaRR2qaC6WTyRl+LvC3kdBvDLwQJ1M
JbQDrqNdK++o1eRTO7LIR9CyFooSPZSa6Kge0alcJY6JT9NmDfjXq8W96OEFnt0L
XDl93hLP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:01 2024 by rpki-client on console-ams.rpki-client.org