Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MBnHtFApYlVCNeXVaaeIDsq6TT0.roa
File: MBnHtFApYlVCNeXVaaeIDsq6TT0.roa (raw, json)
Hash identifier: yLrVqqq07Gx5wcEi0KGWlOvEidzE8ffpfBdxSEhWMu0=
Subject key identifier: 30:19:C7:B4:50:29:62:55:42:35:E5:D5:69:A7:88:0E:CA:BA:4D:3D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B11669DE1A204734B83756B3FE7ED
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MBnHtFApYlVCNeXVaaeIDsq6TT0.roa
Signing time: Tue 24 Jan 2023 16:09:57 +0000
ROA not before: Tue 24 Jan 2023 16:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213312
IP address blocks: 2a0e:b107:1a40::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:11:66:9d:e1:a2:04:73:4b:83:75:6b:3f:e7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3019c7b4502962554235e5d569a7880ecaba4d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bf:75:48:ab:b6:59:b2:1b:ef:41:3d:ce:08:
43:df:9a:b5:4a:ee:a0:62:bb:30:91:05:9f:44:85:
fd:0d:c2:4c:ab:1c:93:48:5c:dc:53:ef:22:1b:d5:
0d:e2:c8:7a:ac:ad:47:31:b0:13:c4:66:d8:28:08:
b4:18:5f:c6:33:ef:3d:95:c0:0c:d1:5a:f0:ba:95:
50:f1:d5:30:db:96:02:44:8d:ad:8c:98:b5:6e:f1:
aa:10:39:bc:5a:c5:9d:0e:a9:4e:c8:a7:d0:52:42:
51:62:03:8f:d7:25:4d:20:76:46:09:ca:ee:90:e8:
5f:a7:d5:a2:e1:2f:42:ab:e0:36:47:25:c7:b9:c9:
d9:48:c2:52:31:ca:c3:00:06:23:9f:be:b6:d0:34:
66:35:2e:45:1b:9d:8b:a6:54:a4:5f:a1:5f:cf:09:
b3:ef:c6:4c:40:44:9c:a7:9b:a9:3f:28:ca:b9:fe:
04:55:82:8a:06:d8:49:d8:82:6c:db:f5:81:f2:0f:
20:4e:53:0d:ee:27:7d:99:4f:ea:65:52:09:3a:b2:
2c:0b:69:f7:dd:c3:08:9f:ba:c9:95:60:8a:72:70:
5f:da:97:f7:ec:5d:c4:9d:12:4b:a6:bf:b0:cd:d5:
10:e0:5a:61:57:2f:2a:87:0d:b7:4a:82:c2:1e:a3:
ce:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:19:C7:B4:50:29:62:55:42:35:E5:D5:69:A7:88:0E:CA:BA:4D:3D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MBnHtFApYlVCNeXVaaeIDsq6TT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1a40::/44
Signature Algorithm: sha256WithRSAEncryption
78:73:34:28:9a:20:f7:a4:f1:bb:c7:6d:7f:35:f4:73:8f:95:
72:0d:12:4b:37:c0:2e:7e:9e:44:65:77:0f:ba:0d:41:c9:bd:
17:1a:68:03:02:4b:3e:9f:d9:1f:f9:a5:3c:53:93:b6:05:12:
c5:5a:a3:92:b6:3d:1a:9d:9b:93:02:b0:0d:9e:f8:ca:c6:b9:
89:99:35:f1:bb:49:be:a8:ee:b4:30:71:bf:d3:b4:fc:a9:be:
37:14:33:b8:ad:86:8a:9c:d2:31:ca:5b:03:10:5f:9d:6b:21:
3a:c8:ea:32:b9:14:92:76:ad:1f:33:f7:c5:f2:24:62:94:2f:
15:18:ec:c5:d1:93:a5:78:2b:b7:b2:27:3b:79:b5:79:d7:45:
7b:02:46:8a:f0:6f:f1:5b:c4:60:ed:fb:52:a2:4c:b4:78:6f:
16:0b:11:13:47:8d:65:5d:4d:46:51:57:82:9c:86:55:72:ec:
ac:f3:aa:d0:f7:30:10:ea:04:98:78:44:65:92:54:cb:23:cf:
52:b5:62:cb:02:e9:69:2c:d6:07:b4:25:d4:ea:f9:d0:fb:36:
24:ba:79:3f:c9:3b:03:a9:6b:df:c7:55:fc:11:ce:93:a9:19:
6c:6d:ee:44:ec:4f:71:8f:a5:f9:61:a8:45:09:d8:28:a6:4e:
fa:c4:33:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkixFmneGiBHNLg3VrP+ftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE5YzdiNDUwMjk2MjU1NDIzNWU1ZDU2OWE3ODgwZWNhYmE0ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL91SKu2WbIb70E9zghD35q1Su6g
YrswkQWfRIX9DcJMqxyTSFzcU+8iG9UN4sh6rK1HMbATxGbYKAi0GF/GM+89lcAM
0VrwupVQ8dUw25YCRI2tjJi1bvGqEDm8WsWdDqlOyKfQUkJRYgOP1yVNIHZGCcru
kOhfp9Wi4S9Cq+A2RyXHucnZSMJSMcrDAAYjn7620DRmNS5FG52LplSkX6Ffzwmz
78ZMQEScp5upPyjKuf4EVYKKBthJ2IJs2/WB8g8gTlMN7id9mU/qZVIJOrIsC2n3
3cMIn7rJlWCKcnBf2pf37F3EnRJLpr+wzdUQ4FphVy8qhw23SoLCHqPOUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDAZx7RQKWJVQjXl1WmniA7Kuk09MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTUJuSHRGQXBZbFZDTmVYVmFhZUlEc3E2VFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxpA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4czQomiD3pPG7x21/NfRzj5VyDRJLN8Aufp5E
ZXcPug1Byb0XGmgDAks+n9kf+aU8U5O2BRLFWqOStj0anZuTArANnvjKxrmJmTXx
u0m+qO60MHG/07T8qb43FDO4rYaKnNIxylsDEF+dayE6yOoyuRSSdq0fM/fF8iRi
lC8VGOzF0ZOleCu3sic7ebV510V7AkaK8G/xW8Rg7ftSoky0eG8WCxETR41lXU1G
UVeCnIZVcuys86rQ9zAQ6gSYeERlklTLI89StWLLAulpLNYHtCXU6vnQ+zYkunk/
yTsDqWvfx1X8Ec6TqRlsbe5E7E9xj6X5YahFCdgopk76xDO0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org