Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MyPkOtPofX5myPgAaz6E3VHSVaQ.roa
File: MyPkOtPofX5myPgAaz6E3VHSVaQ.roa (raw, json)
Hash identifier: 2cSgpVS+OEQpjii2h26ARUSNRelJMIvWa35O3bT1VMM=
Subject key identifier: 33:23:E4:3A:D3:E8:7D:7E:66:C8:F8:00:6B:3E:84:DD:51:D2:55:A4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AC600AA088DBF050FBC628FBF96DE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MyPkOtPofX5myPgAaz6E3VHSVaQ.roa
Signing time: Tue 24 Jan 2023 16:09:37 +0000
ROA not before: Tue 24 Jan 2023 16:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141445
IP address blocks: 2a0e:b107:12c0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:c6:00:aa:08:8d:bf:05:0f:bc:62:8f:bf:96:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3323e43ad3e87d7e66c8f8006b3e84dd51d255a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b8:fa:3d:a2:6d:31:84:ca:08:fe:35:a0:38:
3b:73:3b:ce:7e:e0:2a:47:3a:13:03:37:ff:68:b1:
0e:94:9b:3c:c0:dd:a0:c7:2c:47:3d:3a:88:0a:6b:
12:2d:dd:e1:e4:49:8d:f2:cc:44:b7:9d:a4:d4:18:
f5:40:ff:63:36:1f:7d:97:c7:ab:26:bd:5f:c7:64:
30:33:3c:c1:b5:b3:ab:06:92:ce:ea:21:5d:ff:c3:
ad:35:59:07:fe:d7:92:c8:70:62:d1:93:4a:56:a5:
e4:03:ca:a4:43:1b:a3:da:53:21:51:56:56:53:3e:
fc:f6:fd:50:d0:7a:4b:3e:fb:b6:4e:bd:3c:1e:37:
bd:e6:2e:83:e5:35:f5:6d:06:b6:5f:10:e2:aa:ec:
88:12:84:df:9d:16:e6:00:4c:a5:13:5a:9c:19:24:
de:d2:01:bb:69:1c:36:7e:16:99:f0:ac:9a:53:cb:
64:ee:64:4e:8c:a8:94:ec:3d:57:78:96:b2:f1:c8:
7d:c8:4d:5e:cf:da:c0:c3:01:07:7c:54:13:2a:89:
fe:ea:ee:7e:66:84:57:46:02:67:42:f5:ee:c2:10:
ad:64:fc:12:20:35:b2:5b:a0:8b:b7:47:c4:d3:9c:
fc:ca:16:04:d9:7c:af:e4:fc:01:10:2c:55:94:25:
57:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:23:E4:3A:D3:E8:7D:7E:66:C8:F8:00:6B:3E:84:DD:51:D2:55:A4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MyPkOtPofX5myPgAaz6E3VHSVaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12c0::/44
Signature Algorithm: sha256WithRSAEncryption
a9:ee:48:d9:43:bb:9a:f3:cd:54:95:8d:fd:3a:8c:ce:67:b3:
1a:5f:38:68:b5:b5:ab:87:85:7e:5d:37:23:71:37:18:b9:25:
2a:8e:7c:e1:fa:c2:b5:91:e3:f7:a4:aa:4d:8a:f6:2f:70:fd:
2d:0c:05:81:c0:95:f3:08:06:3f:2a:a5:40:91:20:81:ee:2f:
aa:21:ba:46:b3:2e:39:10:8a:bd:e5:9d:3b:2e:60:d6:b5:33:
8d:e0:92:c2:d9:a5:a3:95:16:f8:33:99:d8:6c:25:0c:3b:e3:
f3:2f:9b:92:ce:03:59:a7:87:28:28:5b:73:e7:0e:c2:00:da:
28:04:44:a6:a1:b3:36:ba:5a:58:8b:1a:da:82:25:36:ba:13:
a8:b0:6f:18:34:43:e9:97:f2:c0:18:58:1e:32:a3:45:1f:e7:
64:f8:a8:e7:89:ae:3a:09:3a:84:5b:2f:8f:69:c5:df:72:10:
21:0f:b8:45:73:3b:0c:ce:cc:f8:e5:16:8d:17:da:14:20:d0:
52:ed:cf:33:81:6e:dd:e7:77:3d:24:c6:47:5d:21:7b:a2:5a:
7c:05:bb:9e:bb:ef:ea:19:61:e0:fe:9e:8f:d2:1c:c2:4b:7c:
28:58:c9:bc:8c:4b:5f:bf:2f:82:5d:d4:76:d9:41:de:c8:d7:
fc:03:04:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkisYAqgiNvwUPvGKPv5beMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzIzZTQzYWQzZTg3ZDdlNjZjOGY4MDA2YjNlODRkZDUxZDI1NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLj6PaJtMYTKCP41oDg7czvOfuAq
RzoTAzf/aLEOlJs8wN2gxyxHPTqICmsSLd3h5EmN8sxEt52k1Bj1QP9jNh99l8er
Jr1fx2QwMzzBtbOrBpLO6iFd/8OtNVkH/teSyHBi0ZNKVqXkA8qkQxuj2lMhUVZW
Uz789v1Q0HpLPvu2Tr08Hje95i6D5TX1bQa2XxDiquyIEoTfnRbmAEylE1qcGSTe
0gG7aRw2fhaZ8KyaU8tk7mROjKiU7D1XeJay8ch9yE1ez9rAwwEHfFQTKon+6u5+
ZoRXRgJnQvXuwhCtZPwSIDWyW6CLt0fE05z8yhYE2Xyv5PwBECxVlCVXvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDMj5DrT6H1+Zsj4AGs+hN1R0lWkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTXlQa090UG9mWDVteVBnQWF6NkUzVkhTVmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCp7kjZQ7ua881UlY39OozOZ7MaXzhotbWrh4V+
XTcjcTcYuSUqjnzh+sK1keP3pKpNivYvcP0tDAWBwJXzCAY/KqVAkSCB7i+qIbpG
sy45EIq95Z07LmDWtTON4JLC2aWjlRb4M5nYbCUMO+PzL5uSzgNZp4coKFtz5w7C
ANooBESmobM2ulpYixragiU2uhOosG8YNEPpl/LAGFgeMqNFH+dk+Kjnia46CTqE
Wy+PacXfchAhD7hFczsMzsz45RaNF9oUINBS7c8zgW7d53c9JMZHXSF7olp8Bbue
u+/qGWHg/p6P0hzCS3woWMm8jEtfvy+CXdR22UHeyNf8AwSm
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org