Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXMT7hkqpDSzeI3SSY8at3wdYl8.roa
File: PXMT7hkqpDSzeI3SSY8at3wdYl8.roa (raw, json)
Hash identifier: pmNlv+GV/t43aQFKI6ROrxE/lYlXWm+h0cbmpXBZIm4=
Subject key identifier: 3D:73:13:EE:19:2A:A4:34:B3:78:8D:D2:49:8F:1A:B7:7C:1D:62:5F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48ADE777EB0D1558CCD91EA315D077F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXMT7hkqpDSzeI3SSY8at3wdYl8.roa
Signing time: Tue 24 Jan 2023 16:09:44 +0000
ROA not before: Tue 24 Jan 2023 16:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207740
IP address blocks: 2a0e:b107:198::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:de:77:7e:b0:d1:55:8c:cd:91:ea:31:5d:07:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d7313ee192aa434b3788dd2498f1ab77c1d625f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1e:67:84:f9:bf:d1:85:3e:e3:e8:61:eb:28:
a3:77:46:ac:e2:07:41:d6:35:c6:6b:e4:aa:99:e4:
a0:e7:c3:9f:a4:ff:63:92:76:34:fd:e8:21:55:90:
d0:3a:02:a9:20:41:ad:af:61:75:26:7b:1d:45:39:
91:22:c8:8b:33:ba:0c:e1:00:e2:32:10:ca:89:3c:
40:ff:cd:8d:53:48:08:f3:91:b4:20:2b:27:4b:08:
70:92:3f:b1:f0:d7:60:6f:c8:4c:5c:4f:75:3b:14:
cc:4c:4a:24:74:00:7c:f5:83:ca:72:b5:33:ca:c4:
61:68:16:40:1e:09:4c:c0:5c:8b:87:22:b8:bc:43:
45:bf:12:ac:4d:17:02:85:b2:b6:a1:45:72:a9:cf:
bc:7b:b9:5c:c7:db:15:fe:a5:4a:6c:fe:51:31:ba:
02:65:b4:d7:e8:bf:ac:9f:e4:f9:85:c7:b0:c6:d7:
6b:06:5b:03:d1:aa:21:42:df:40:66:9d:4f:8e:36:
56:6d:97:9a:9b:61:6f:08:87:61:28:e9:ec:72:6a:
0a:3b:b7:22:9c:d3:31:f1:dc:ae:3a:0f:65:9f:29:
d1:b9:64:ac:eb:04:4d:a9:c4:91:24:4d:c0:41:02:
fd:ba:e2:24:6c:68:99:32:81:9d:c3:f3:38:ee:31:
e6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:73:13:EE:19:2A:A4:34:B3:78:8D:D2:49:8F:1A:B7:7C:1D:62:5F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PXMT7hkqpDSzeI3SSY8at3wdYl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:198::/48
Signature Algorithm: sha256WithRSAEncryption
35:f0:98:ba:bd:80:72:8f:43:db:de:20:3c:a3:27:a6:a6:d2:
14:6d:19:d0:e1:c7:ab:34:9f:f1:2e:11:25:f0:db:d2:95:28:
48:0e:b4:91:d1:30:67:d0:01:6b:ba:9d:9b:d1:4d:54:ce:c7:
d4:ab:55:c8:7e:2a:6d:f6:fc:65:6e:fd:4c:a4:5b:2b:30:5d:
dd:a2:20:a4:9d:81:de:a6:7b:05:00:0b:e4:aa:ff:df:be:68:
af:33:98:47:10:bd:5d:68:01:b7:6e:c1:4b:72:1d:86:0c:20:
1f:e7:94:97:90:3a:f1:92:90:0c:2c:fe:58:65:07:86:1d:20:
ac:da:96:a8:78:3b:f9:e7:fc:ee:bc:b7:87:c7:94:10:87:9d:
39:5a:56:42:3a:c5:5c:cb:9b:e8:97:1c:a4:f0:c3:09:ec:9d:
7d:c4:10:ed:a1:61:26:e9:b6:94:14:c2:8d:73:36:d2:60:d0:
88:28:82:94:a6:ba:0e:14:07:c8:00:21:39:bd:57:16:65:94:
79:aa:67:44:ee:87:34:a5:5c:c4:0a:1d:46:31:e1:9a:bf:9e:
0f:1f:33:d4:a4:ba:63:73:00:c4:c9:a1:21:90:9e:68:11:53:
0d:08:ef:b8:15:87:b1:bb:4c:21:d6:49:f3:c7:da:16:a5:12:
f2:31:86:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkit53frDRVYzNkeoxXQd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDczMTNlZTE5MmFhNDM0YjM3ODhkZDI0OThmMWFiNzdjMWQ2MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR5nhPm/0YU+4+hh6yijd0as4gdB
1jXGa+SqmeSg58OfpP9jknY0/eghVZDQOgKpIEGtr2F1JnsdRTmRIsiLM7oM4QDi
MhDKiTxA/82NU0gI85G0ICsnSwhwkj+x8Ndgb8hMXE91OxTMTEokdAB89YPKcrUz
ysRhaBZAHglMwFyLhyK4vENFvxKsTRcChbK2oUVyqc+8e7lcx9sV/qVKbP5RMboC
ZbTX6L+sn+T5hcewxtdrBlsD0aohQt9AZp1PjjZWbZeam2FvCIdhKOnscmoKO7ci
nNMx8dyuOg9lnynRuWSs6wRNqcSRJE3AQQL9uuIkbGiZMoGdw/M47jHm8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD1zE+4ZKqQ0s3iN0kmPGrd8HWJfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUFhNVDdoa3FwRFN6ZUkzU1NZOGF0M3dkWWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwGY
MA0GCSqGSIb3DQEBCwUAA4IBAQA18Ji6vYByj0Pb3iA8oyemptIUbRnQ4cerNJ/x
LhEl8NvSlShIDrSR0TBn0AFrup2b0U1UzsfUq1XIfipt9vxlbv1MpFsrMF3doiCk
nYHepnsFAAvkqv/fvmivM5hHEL1daAG3bsFLch2GDCAf55SXkDrxkpAMLP5YZQeG
HSCs2paoeDv55/zuvLeHx5QQh505WlZCOsVcy5volxyk8MMJ7J19xBDtoWEm6baU
FMKNczbSYNCIKIKUproOFAfIACE5vVcWZZR5qmdE7oc0pVzECh1GMeGav54PHzPU
pLpjcwDEyaEhkJ5oEVMNCO+4FYexu0wh1knzx9oWpRLyMYYu
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:31 2024 by rpki-client on console-fra.rpki-client.org