Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ONOJJmWX8Vg9UHvxt5OjjIVQCbQ.roa
File: ONOJJmWX8Vg9UHvxt5OjjIVQCbQ.roa (raw, json)
Hash identifier: POpHmC8ex9z2qQ5a/q2IQLpOeKUMJrqwl0pL6Lp+beI=
Subject key identifier: 38:D3:89:26:65:97:F1:58:3D:50:7B:F1:B7:93:A3:8C:85:50:09:B4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E82E0F89E1149883469F648185F2F8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ONOJJmWX8Vg9UHvxt5OjjIVQCbQ.roa
Signing time: Mon 02 Jan 2023 05:15:42 +0000
ROA not before: Mon 02 Jan 2023 05:15:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399741
IP address blocks: 2a0e:b107:5c8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e8:2e:0f:89:e1:14:98:83:46:9f:64:81:85:f2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38d389266597f1583d507bf1b793a38c855009b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:bd:be:a1:42:7a:1c:bd:72:5a:70:80:51:
fc:fe:84:b9:54:91:71:42:e5:e9:27:d0:31:51:c7:
df:c8:fe:92:1c:63:bb:dd:a1:bf:47:65:ec:49:22:
d7:fe:e5:70:28:b7:3b:0a:a8:57:43:bb:09:b5:02:
f5:77:41:8a:30:b5:e4:c1:04:72:f1:58:75:0f:80:
a6:d8:65:a6:2e:2c:30:97:d2:4c:73:2b:c8:70:b1:
00:4c:33:fd:ba:89:f7:22:da:c5:d1:a2:30:16:07:
1e:95:36:ad:f3:31:8f:95:77:a4:2d:6b:16:e2:91:
9c:b8:aa:20:4b:18:76:39:39:2a:6b:da:58:8c:81:
58:49:52:50:57:a0:bc:e2:18:a9:cf:df:6a:ff:7f:
1c:da:8f:fd:43:5e:cb:f0:2c:69:5f:24:4a:3d:1b:
b5:3d:41:04:49:95:96:3c:56:7b:ea:a5:fb:49:54:
8b:d8:6c:02:8e:17:e2:1a:c9:ff:76:06:6b:17:34:
6a:66:46:d7:88:62:30:69:09:97:26:d5:09:6a:9c:
a6:64:6c:e5:8e:ca:a4:49:42:90:e5:4f:46:ce:62:
57:26:84:6b:88:74:51:44:0c:8b:3a:f9:73:37:8f:
47:f5:45:7e:ed:3c:1f:27:2a:fe:3d:0e:2a:74:a5:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D3:89:26:65:97:F1:58:3D:50:7B:F1:B7:93:A3:8C:85:50:09:B4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ONOJJmWX8Vg9UHvxt5OjjIVQCbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5c8::/48
Signature Algorithm: sha256WithRSAEncryption
81:cf:25:71:1e:7d:05:47:95:c3:d1:f9:b5:02:47:26:b5:2a:
70:6b:b5:16:aa:fd:91:52:a3:0c:17:8f:2f:69:01:be:49:84:
0d:6d:ae:0c:69:84:14:4a:8e:3c:b1:48:30:2b:aa:27:13:b6:
a6:55:67:e4:59:c6:d9:b1:be:e7:18:c5:c7:db:99:3b:9a:91:
bf:e3:75:d1:81:53:5b:54:dd:0a:f2:0a:ff:c3:e4:79:c5:fb:
9f:34:55:65:e8:c4:b6:5c:65:ba:42:8f:47:33:70:87:41:b4:
f3:d6:7f:08:22:5b:65:28:49:d0:e2:e7:71:06:58:3b:ec:ec:
72:f1:21:fd:2e:30:02:69:4c:b5:4f:5a:a8:fa:a2:1c:c2:aa:
49:09:97:6a:ba:57:46:c5:03:da:34:c6:0c:db:af:f3:99:0f:
14:57:ca:95:28:20:57:29:50:7c:aa:f1:4b:dd:f9:14:01:d8:
9d:c7:5a:91:6c:c2:e1:44:e8:31:d0:02:7e:2e:18:95:91:c5:
dc:c8:ac:8e:65:1a:05:a9:ce:a3:ef:d6:f8:69:a6:82:ba:69:
a5:9b:fa:7f:f8:e7:75:8d:27:b6:b8:a9:41:5a:38:b7:f7:c2:
ea:00:69:6e:be:8a:fc:85:50:dc:a0:eb:84:0d:f4:1a:6f:79:
09:29:fa:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw6C4PieEUmINGn2SBhfL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQzODkyNjY1OTdmMTU4M2Q1MDdiZjFiNzkzYTM4Yzg1NTAwOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6C9vqFCehy9clpwgFH8/oS5VJFx
QuXpJ9AxUcffyP6SHGO73aG/R2XsSSLX/uVwKLc7CqhXQ7sJtQL1d0GKMLXkwQRy
8Vh1D4Cm2GWmLiwwl9JMcyvIcLEATDP9uon3ItrF0aIwFgcelTat8zGPlXekLWsW
4pGcuKogSxh2OTkqa9pYjIFYSVJQV6C84hipz99q/38c2o/9Q17L8CxpXyRKPRu1
PUEESZWWPFZ76qX7SVSL2GwCjhfiGsn/dgZrFzRqZkbXiGIwaQmXJtUJapymZGzl
jsqkSUKQ5U9GzmJXJoRriHRRRAyLOvlzN49H9UV+7TwfJyr+PQ4qdKVpEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDjTiSZll/FYPVB78beTo4yFUAm0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT05PSkptV1g4Vmc5VUh2eHQ1T2pqSVZRQ2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwXI
MA0GCSqGSIb3DQEBCwUAA4IBAQCBzyVxHn0FR5XD0fm1AkcmtSpwa7UWqv2RUqMM
F48vaQG+SYQNba4MaYQUSo48sUgwK6onE7amVWfkWcbZsb7nGMXH25k7mpG/43XR
gVNbVN0K8gr/w+R5xfufNFVl6MS2XGW6Qo9HM3CHQbTz1n8IIltlKEnQ4udxBlg7
7Oxy8SH9LjACaUy1T1qo+qIcwqpJCZdquldGxQPaNMYM26/zmQ8UV8qVKCBXKVB8
qvFL3fkUAdidx1qRbMLhROgx0AJ+LhiVkcXcyKyOZRoFqc6j79b4aaaCummlm/p/
+Od1jSe2uKlBWji398LqAGluvor8hVDcoOuEDfQab3kJKfpb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org