Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/R5Yro5tK3Wz40dQrmLcjA7AiIwU.roa
File: R5Yro5tK3Wz40dQrmLcjA7AiIwU.roa (raw, json)
Hash identifier: RAHy0dTRpVfr0vq77/XqNxxX+lPNRiDuiiP7Pos5W0U=
Subject key identifier: 47:96:2B:A3:9B:4A:DD:6C:F8:D1:D4:2B:98:B7:23:03:B0:22:23:05
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7C115A2DBB0C300318A6277432526
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/R5Yro5tK3Wz40dQrmLcjA7AiIwU.roa
Signing time: Mon 02 Jan 2023 05:15:14 +0000
ROA not before: Mon 02 Jan 2023 05:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204901
IP address blocks: 2a0e:b107:f0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:c1:15:a2:db:b0:c3:00:31:8a:62:77:43:25:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47962ba39b4add6cf8d1d42b98b72303b0222305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b6:df:4d:56:db:e9:e0:bc:da:07:1c:8f:19:
f4:63:69:ba:34:41:a6:3d:9e:84:79:bd:02:1e:95:
b0:61:52:7b:18:4a:c8:06:e7:8b:b5:d6:86:f1:17:
11:e3:dd:01:b7:71:fd:59:3e:ef:20:9a:25:20:af:
d3:4e:4f:2c:e9:db:88:81:c9:94:44:20:59:06:7c:
9d:ef:4c:d0:7b:9a:da:1d:85:84:97:81:77:0c:c3:
90:18:fc:1a:01:b8:e8:49:bd:8a:5b:f7:60:b0:15:
f5:55:6e:5d:05:c6:bd:8d:22:de:3c:12:e1:36:b4:
9d:10:a2:05:a8:d0:1b:1c:b8:1a:25:57:3c:53:65:
ce:b1:c8:03:11:40:67:ba:b0:0c:32:bf:d5:33:55:
95:53:55:7c:cd:af:fd:73:b3:41:80:40:f2:8b:04:
b6:21:22:f3:a8:0c:aa:f8:94:21:5c:2f:3c:f1:a4:
e3:01:d8:19:6b:61:f9:32:27:49:d8:46:37:d0:27:
67:8e:87:86:fa:4d:04:b3:f9:30:d9:6a:21:fb:7e:
7f:38:55:74:15:f6:3f:79:ca:27:5d:63:f0:62:9d:
13:75:e2:9f:62:47:1b:d6:17:11:a1:37:8a:a9:c2:
6f:0d:c2:bf:4d:4c:f4:68:53:dc:b3:ca:8f:5c:4b:
f3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:96:2B:A3:9B:4A:DD:6C:F8:D1:D4:2B:98:B7:23:03:B0:22:23:05
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/R5Yro5tK3Wz40dQrmLcjA7AiIwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f0::/44
Signature Algorithm: sha256WithRSAEncryption
79:27:2f:c2:2e:c8:17:63:80:4d:0b:4a:e5:4f:43:b5:7a:c3:
63:f2:74:e6:b5:3e:0f:a3:14:5e:06:2f:cd:22:fd:92:ee:2b:
0f:3f:2b:17:1b:97:9b:9a:8b:78:ee:97:01:8b:67:77:1e:bf:
5e:a4:ed:ad:9c:2f:85:71:5c:35:33:2c:28:43:22:31:f3:70:
0d:d9:47:cf:88:2d:10:29:e2:4e:35:f5:ab:0f:da:2f:30:81:
eb:5b:18:d1:2f:6b:27:f9:86:4b:09:64:c8:c7:32:a4:6c:e4:
94:f4:6a:0f:01:7e:ee:02:99:9d:f4:72:2c:59:02:db:cd:44:
62:58:bd:af:86:57:fa:cf:cb:38:71:f0:28:f3:90:b2:bd:43:
04:74:1b:9b:1f:93:00:61:16:9b:1a:67:d3:98:b6:7f:f6:c3:
5c:47:8c:0a:8f:1b:32:c8:c5:03:17:3a:30:e1:73:b8:54:2f:
8b:3f:44:f7:4f:cd:f4:a4:dc:f3:d4:ab:cd:08:15:a6:ef:f7:
bc:76:39:78:5e:b7:39:7d:b2:da:88:f7:0f:d6:e5:82:e6:b8:
ae:d4:ab:4a:65:16:9d:28:69:45:58:4e:4c:40:18:b5:83:e3:
c9:b1:c5:32:17:bf:93:c6:34:10:10:ea:f9:3c:22:90:5d:3d:
56:4a:20:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw58EVotuwwwAximJ3QyUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk2MmJhMzliNGFkZDZjZjhkMWQ0MmI5OGI3MjMwM2IwMjIyMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrbfTVbb6eC82gccjxn0Y2m6NEGm
PZ6Eeb0CHpWwYVJ7GErIBueLtdaG8RcR490Bt3H9WT7vIJolIK/TTk8s6duIgcmU
RCBZBnyd70zQe5raHYWEl4F3DMOQGPwaAbjoSb2KW/dgsBX1VW5dBca9jSLePBLh
NrSdEKIFqNAbHLgaJVc8U2XOscgDEUBnurAMMr/VM1WVU1V8za/9c7NBgEDyiwS2
ISLzqAyq+JQhXC888aTjAdgZa2H5MidJ2EY30CdnjoeG+k0Es/kw2Woh+35/OFV0
FfY/econXWPwYp0TdeKfYkcb1hcRoTeKqcJvDcK/TUz0aFPcs8qPXEvz1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEeWK6ObSt1s+NHUK5i3IwOwIiMFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUjVZcm81dEszV3o0MGRRcm1MY2pBN0FpSXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwDw
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Jy/CLsgXY4BNC0rlT0O1esNj8nTmtT4PoxRe
Bi/NIv2S7isPPysXG5ebmot47pcBi2d3Hr9epO2tnC+FcVw1MywoQyIx83AN2UfP
iC0QKeJONfWrD9ovMIHrWxjRL2sn+YZLCWTIxzKkbOSU9GoPAX7uApmd9HIsWQLb
zURiWL2vhlf6z8s4cfAo85CyvUMEdBubH5MAYRabGmfTmLZ/9sNcR4wKjxsyyMUD
Fzow4XO4VC+LP0T3T830pNzz1KvNCBWm7/e8djl4Xrc5fbLaiPcP1uWC5riu1KtK
ZRadKGlFWE5MQBi1g+PJscUyF7+TxjQQEOr5PCKQXT1WSiD6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org