Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MmkOptzmIhqzbavw1xKiY-z-sOQ.roa
File: MmkOptzmIhqzbavw1xKiY-z-sOQ.roa (raw, json)
Hash identifier: ksSzqzETFjvEC7E3KMVRW0miFf7lwwhP2CK32mA+NyE=
Subject key identifier: 32:69:0E:A6:DC:E6:22:1A:B3:6D:AB:F0:D7:12:A2:63:EC:FE:B0:E4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AFCD8847111D8D168E49DCF7FF4B8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MmkOptzmIhqzbavw1xKiY-z-sOQ.roa
Signing time: Tue 24 Jan 2023 16:09:51 +0000
ROA not before: Tue 24 Jan 2023 16:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212085
IP address blocks: 2a0e:b107:ea7::/48 maxlen: 48
2a0e:b107:ea4::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:fc:d8:84:71:11:d8:d1:68:e4:9d:cf:7f:f4:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32690ea6dce6221ab36dabf0d712a263ecfeb0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:18:f0:91:25:71:e1:f8:46:38:99:d8:ac:90:
e6:46:e9:c6:ac:36:69:d7:3d:56:07:38:fd:c6:ef:
ac:f7:37:dc:5f:cb:5f:42:65:8e:a4:dc:c9:33:cb:
1b:37:10:2e:82:70:27:59:ca:e4:be:f1:72:f7:9f:
c6:9f:7c:a2:64:69:f0:de:57:c2:67:e2:4f:d6:3b:
7e:c2:bb:df:86:ae:b8:e3:1c:13:89:9d:4f:f4:7b:
db:2d:6a:11:d2:7e:3d:c6:fd:35:95:cc:11:f1:0d:
e4:27:3d:37:5f:69:1b:bc:18:12:2b:82:51:34:38:
14:99:b3:6d:3c:11:41:56:08:c7:af:00:0f:40:5c:
af:de:0e:3c:3f:96:a6:07:c0:e9:58:7e:90:f9:a8:
78:1d:34:68:53:f7:0b:24:1d:ab:91:31:23:57:9f:
58:bf:a0:a8:c2:51:cf:d7:c9:cb:50:d1:15:ac:ea:
b8:60:7b:35:c0:47:d5:fe:42:96:59:91:e1:a6:a8:
91:c9:d9:d0:20:99:77:b6:d8:53:1e:a4:d0:43:1b:
ea:c9:c3:29:28:33:a6:53:50:78:6c:24:c2:1f:62:
c2:d0:36:e0:e4:f9:f4:03:57:7f:82:1d:4d:34:1c:
0a:27:9d:a5:f7:38:52:b8:18:c4:2b:ef:e2:21:43:
c2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:69:0E:A6:DC:E6:22:1A:B3:6D:AB:F0:D7:12:A2:63:EC:FE:B0:E4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MmkOptzmIhqzbavw1xKiY-z-sOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ea4::/48
2a0e:b107:ea7::/48
Signature Algorithm: sha256WithRSAEncryption
ba:cd:d6:32:97:9e:a3:dd:11:a2:7a:17:4d:9b:f1:70:21:de:
86:01:81:0f:fc:61:7b:82:d0:ff:71:3f:cf:ae:55:a3:e7:e1:
51:0c:6d:ef:bf:4b:9d:3e:5a:1e:63:38:97:e8:12:ee:05:c2:
8a:aa:0e:d7:ae:5e:ca:a8:9d:1e:6c:7e:3d:6c:2e:d4:7e:cb:
22:d1:24:5b:36:45:40:63:cf:c3:bc:5d:03:56:d0:67:e4:a8:
cc:f1:8e:be:f5:f8:57:0c:e2:19:99:bb:6f:47:b9:a0:53:f8:
e5:e3:46:22:da:be:4d:dc:ca:ec:32:7c:34:c5:3b:e5:9c:27:
4e:c0:c9:a6:c0:52:ae:00:38:60:7f:7b:66:57:24:07:4f:60:
ea:e6:51:ad:e9:9e:2d:f1:9a:d1:db:24:98:80:09:31:d8:50:
a4:ca:8f:c4:8d:37:ba:2b:58:08:9e:41:7b:58:b7:a4:bd:08:
ff:30:62:c1:1f:e5:ac:eb:9c:a1:da:9b:24:4e:cb:ab:fb:ea:
dc:cf:1e:e6:69:54:a2:f2:c8:e2:2d:06:4d:33:28:23:08:67:
26:3d:79:f3:ec:bb:9e:3c:c3:64:c0:8c:fe:41:8a:89:5f:24:
19:34:bd:34:d9:6b:9a:f7:16:4d:0d:1b:43:5f:b6:3b:5a:f9:
ef:13:98:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXkivzYhHER2NFo5J3Pf/S4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY5MGVhNmRjZTYyMjFhYjM2ZGFiZjBkNzEyYTI2M2VjZmViMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhjwkSVx4fhGOJnYrJDmRunGrDZp
1z1WBzj9xu+s9zfcX8tfQmWOpNzJM8sbNxAugnAnWcrkvvFy95/Gn3yiZGnw3lfC
Z+JP1jt+wrvfhq644xwTiZ1P9HvbLWoR0n49xv01lcwR8Q3kJz03X2kbvBgSK4JR
NDgUmbNtPBFBVgjHrwAPQFyv3g48P5amB8DpWH6Q+ah4HTRoU/cLJB2rkTEjV59Y
v6CowlHP18nLUNEVrOq4YHs1wEfV/kKWWZHhpqiRydnQIJl3tthTHqTQQxvqycMp
KDOmU1B4bCTCH2LC0Dbg5Pn0A1d/gh1NNBwKJ52l9zhSuBjEK+/iIUPC3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDJpDqbc5iIas22r8NcSomPs/rDkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTW1rT3B0em1JaHF6YmF2dzF4S2lZLXotc09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBw6k
AwcAKg6xBw6nMA0GCSqGSIb3DQEBCwUAA4IBAQC6zdYyl56j3RGiehdNm/FwId6G
AYEP/GF7gtD/cT/PrlWj5+FRDG3vv0udPloeYziX6BLuBcKKqg7Xrl7KqJ0ebH49
bC7Ufssi0SRbNkVAY8/DvF0DVtBn5KjM8Y6+9fhXDOIZmbtvR7mgU/jl40Yi2r5N
3MrsMnw0xTvlnCdOwMmmwFKuADhgf3tmVyQHT2Dq5lGt6Z4t8ZrR2ySYgAkx2FCk
yo/EjTe6K1gInkF7WLekvQj/MGLBH+Ws65yh2pskTsur++rczx7maVSi8sjiLQZN
MygjCGcmPXnz7LuePMNkwIz+QYqJXyQZNL002Wua9xZNDRtDX7Y7WvnvE5hS
-----END CERTIFICATE-----
Generated at Thu Jul 20 11:55:45 2023 by rpki-client on console-ams.rpki-client.org