Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoU9VNeRXvKikOH_cvsEERn7Tks.roa
File: PoU9VNeRXvKikOH_cvsEERn7Tks.roa (raw, json)
Hash identifier: rafl4c9mpKl+08EtDMojh2BYN8O9B8YM7rh9vIai+yQ=
Subject key identifier: 3E:85:3D:54:D7:91:5E:F2:A2:90:E1:FF:72:FB:04:11:19:FB:4E:4B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7BECF92A4A93A6648525CCAB36E08
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoU9VNeRXvKikOH_cvsEERn7Tks.roa
Signing time: Mon 02 Jan 2023 05:15:13 +0000
ROA not before: Mon 02 Jan 2023 05:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204750
IP address blocks: 2a0e:97c0:3d5::/48 maxlen: 48
2a0e:97c0:3d0::/44 maxlen: 48
2a0e:97c0:3d0::/48 maxlen: 48
2a0e:97c0:3d3::/48 maxlen: 48
2a0e:97c0:3d6::/48 maxlen: 48
2a0e:97c0:3d1::/48 maxlen: 48
2a0e:97c0:3d9::/48 maxlen: 48
2a0e:97c0:3d4::/48 maxlen: 48
2a0e:97c0:3df::/48 maxlen: 48
2a0e:97c0:3d7::/48 maxlen: 48
2a0e:97c0:3d2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:be:cf:92:a4:a9:3a:66:48:52:5c:ca:b3:6e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e853d54d7915ef2a290e1ff72fb041119fb4e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:58:a2:d5:73:1b:95:a4:d4:05:6d:45:22:eb:
3f:ae:ad:77:49:fc:b2:55:e5:14:d4:da:b4:df:15:
e4:d3:38:bf:ac:c9:90:96:df:65:89:e1:77:6b:2c:
7b:ea:11:fb:ab:51:4f:c5:f9:f6:2a:9d:22:f1:49:
98:a6:19:7f:19:00:e8:1f:ae:bb:66:d3:f7:99:85:
86:c7:65:35:a1:3b:a7:59:71:ff:66:e5:46:e5:35:
4e:e1:0e:b4:fc:86:68:e5:a0:ec:ff:53:16:09:51:
0a:54:5b:c9:bf:fe:49:d9:62:40:c1:c6:15:19:12:
ed:ae:1e:b8:b1:84:32:3f:29:a9:6e:b2:fd:df:c9:
27:f2:46:81:32:bb:24:e3:73:cc:48:52:cf:48:7b:
f0:9b:4b:0a:56:f8:c4:3d:20:9a:51:03:3f:c1:90:
db:d7:af:64:86:da:4e:fb:cb:bd:10:1b:97:30:4f:
ef:73:98:ae:d6:2b:b3:0a:c9:85:77:3c:fb:28:36:
4a:3c:3a:49:ba:c9:b7:ee:22:71:8d:6a:02:4d:02:
14:ad:a1:a3:36:75:1e:9d:c0:34:cb:2c:c3:32:30:
8b:07:cd:47:9d:0e:22:cd:a1:aa:10:2e:27:99:f7:
04:48:ba:e2:f2:c3:82:70:be:3a:39:ff:4d:a4:52:
2e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:85:3D:54:D7:91:5E:F2:A2:90:E1:FF:72:FB:04:11:19:FB:4E:4B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoU9VNeRXvKikOH_cvsEERn7Tks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3d0::/44
Signature Algorithm: sha256WithRSAEncryption
c6:ca:8a:fb:55:ae:1c:c0:78:ed:d0:a2:84:9d:eb:67:9c:f8:
8b:7a:63:e0:28:69:be:bb:f3:31:39:bb:f2:df:ad:bf:b5:47:
e9:a4:eb:bc:ed:ef:a4:53:03:69:52:51:8d:79:be:03:d1:77:
65:bf:69:aa:a2:06:5d:e8:27:1f:74:2b:63:d3:ff:0b:3e:2d:
3c:26:c2:77:6b:83:ad:b7:cd:06:c4:77:31:35:62:15:f1:a3:
64:dd:85:44:2b:da:14:38:71:4d:a2:ff:33:46:bc:63:fc:3d:
ac:8e:a6:7f:1d:a6:b2:a3:ec:68:60:76:13:ff:d0:0b:7b:29:
dc:c8:eb:8f:15:05:d7:b2:fd:df:19:b7:64:90:14:a8:af:21:
a9:72:39:b9:94:2d:25:e4:e2:32:a0:72:f1:c8:4b:28:a3:73:
af:42:85:5f:2a:2e:81:80:96:ca:a0:61:cf:81:25:42:95:5d:
d5:1a:d5:87:f8:8b:6d:10:55:92:3d:d9:12:bc:a8:a1:00:0a:
da:0a:b3:08:d2:58:e8:ed:16:c5:2e:a9:26:0d:5f:e5:7c:88:
f4:ab:0d:63:2d:24:eb:05:f7:26:22:a4:4d:50:f3:43:f8:be:
ef:90:56:28:ce:54:da:f8:7d:c9:8b:cd:9a:07:34:fb:bb:a0:
5b:72:66:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw577PkqSpOmZIUlzKs24IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg1M2Q1NGQ3OTE1ZWYyYTI5MGUxZmY3MmZiMDQxMTE5ZmI0ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFii1XMblaTUBW1FIus/rq13Sfyy
VeUU1Nq03xXk0zi/rMmQlt9lieF3ayx76hH7q1FPxfn2Kp0i8UmYphl/GQDoH667
ZtP3mYWGx2U1oTunWXH/ZuVG5TVO4Q60/IZo5aDs/1MWCVEKVFvJv/5J2WJAwcYV
GRLtrh64sYQyPympbrL938kn8kaBMrsk43PMSFLPSHvwm0sKVvjEPSCaUQM/wZDb
169khtpO+8u9EBuXME/vc5iu1iuzCsmFdzz7KDZKPDpJusm37iJxjWoCTQIUraGj
NnUencA0yyzDMjCLB81HnQ4izaGqEC4nmfcESLri8sOCcL46Of9NpFIuTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD6FPVTXkV7yopDh/3L7BBEZ+05LMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUG9VOVZOZVJYdktpa09IX2N2c0VFUm43VGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAPQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDGyor7Va4cwHjt0KKEnetnnPiLemPgKGm+u/Mx
Obvy362/tUfppOu87e+kUwNpUlGNeb4D0Xdlv2mqogZd6CcfdCtj0/8LPi08JsJ3
a4Ott80GxHcxNWIV8aNk3YVEK9oUOHFNov8zRrxj/D2sjqZ/Haayo+xoYHYT/9AL
eyncyOuPFQXXsv3fGbdkkBSoryGpcjm5lC0l5OIyoHLxyEsoo3OvQoVfKi6BgJbK
oGHPgSVClV3VGtWH+IttEFWSPdkSvKihAAraCrMI0ljo7RbFLqkmDV/lfIj0qw1j
LSTrBfcmIqRNUPND+L7vkFYozlTa+H3Ji82aBzT7u6BbcmYH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org