Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RUReq2-f13HjU9V64aLkpRMvNYQ.roa
File: RUReq2-f13HjU9V64aLkpRMvNYQ.roa (raw, json)
Hash identifier: NZf5HwR5EPPfgkbf7agvxrk8Dh0QCOPhCJxqamRjCTE=
Subject key identifier: 45:44:5E:AB:6F:9F:D7:71:E3:53:D5:7A:E1:A2:E4:A5:13:2F:35:84
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7F14955EA8122BB7FBD1E0CD29660
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RUReq2-f13HjU9V64aLkpRMvNYQ.roa
Signing time: Mon 02 Jan 2023 05:15:26 +0000
ROA not before: Mon 02 Jan 2023 05:15:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210667
IP address blocks: 2a0e:b107:1788::/48 maxlen: 48
2a0e:97c0:a40::/44 maxlen: 48
2a0e:97c0:a43::/48 maxlen: 48
2a0e:97c0:a41::/48 maxlen: 48
2a0e:97c0:a44::/48 maxlen: 48
2a0e:97c0:a42::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:f1:49:55:ea:81:22:bb:7f:bd:1e:0c:d2:96:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45445eab6f9fd771e353d57ae1a2e4a5132f3584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:fd:26:1e:89:69:c8:f5:79:05:4e:85:5b:
fe:4d:55:91:51:a9:b4:76:c0:29:59:fd:97:40:2e:
75:5b:c7:d5:ba:f6:91:a5:5c:ee:3d:5a:e9:69:10:
72:20:32:81:ba:25:8a:75:e1:d3:5e:8f:95:d5:f0:
91:8f:bf:23:15:10:c4:bc:94:de:cc:d5:b1:1a:d3:
16:19:34:f3:a8:50:30:e5:25:fc:a2:5f:e9:03:76:
7b:d9:c0:0f:53:d2:7d:08:6e:8d:33:a1:e9:60:15:
98:1f:e4:5c:f0:63:71:56:18:72:66:3d:83:be:ae:
00:c2:da:00:0a:87:4c:28:c9:24:a8:d4:d6:0b:0d:
fd:51:15:76:e4:7b:18:e8:84:21:32:3a:3c:2d:93:
02:60:7f:c6:b7:6e:cb:65:7f:60:ff:61:d6:e0:ab:
f9:41:12:f1:cb:c7:46:1f:2a:a3:51:bc:f8:3b:3a:
3f:a9:c2:2c:3e:45:80:dc:3f:09:40:68:5e:09:24:
f1:73:0a:cb:7b:5e:37:ab:f2:a3:46:f8:01:b5:21:
75:f5:bf:fd:f7:ed:1b:33:a9:6a:7d:40:b5:f3:c3:
fc:cc:13:bf:6e:64:32:07:9a:a4:3d:81:a2:96:37:
4e:25:f5:82:fe:56:a4:31:a0:26:ff:08:ea:49:de:
76:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:44:5E:AB:6F:9F:D7:71:E3:53:D5:7A:E1:A2:E4:A5:13:2F:35:84
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RUReq2-f13HjU9V64aLkpRMvNYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:a40::/44
2a0e:b107:1788::/48
Signature Algorithm: sha256WithRSAEncryption
c5:5b:75:f9:c2:27:b8:c2:4b:3c:6c:50:a3:d4:8f:ed:1c:c5:
53:ee:a4:33:7d:c2:fe:5f:d9:69:36:1d:b8:e2:c2:a1:8a:9d:
02:ff:82:f5:b1:b1:b9:66:84:71:b4:a0:22:98:b1:1e:06:b1:
ab:f5:58:c2:c5:a3:8d:fb:9c:ef:e0:8e:0f:89:ba:43:14:2d:
a4:a9:2a:fd:6b:fb:9e:94:9c:4d:4d:86:f2:17:b2:ee:16:20:
58:5f:b9:ff:94:fe:be:9f:53:81:4d:3c:10:06:68:ba:5c:60:
8e:be:02:4d:af:ef:e1:83:48:30:88:f0:34:20:95:01:69:c1:
10:3a:2f:cf:66:40:ab:0a:ec:48:df:34:22:d4:7c:b3:20:d9:
b2:eb:f5:60:2a:e9:e4:bb:9c:4d:ae:64:66:cd:d5:d5:00:f1:
66:a8:6e:0c:98:05:a7:1e:92:91:02:5c:6b:6b:44:c9:c9:e8:
4d:5e:ed:6a:0b:4e:84:c4:ce:c8:c9:54:2e:01:ab:49:5e:89:
6e:4d:43:e4:e5:dc:e8:ea:c2:c8:2e:0c:06:8c:61:29:fd:8c:
6c:dc:23:e1:c7:37:7b:7b:c8:e0:c7:9d:a0:9c:18:30:15:94:
7c:53:45:54:6d:b8:05:ff:d4:0e:af:13:8e:21:0a:50:c7:e8:
9b:da:5f:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw5/FJVeqBIrt/vR4M0pZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ0NWVhYjZmOWZkNzcxZTM1M2Q1N2FlMWEyZTRhNTEzMmYzNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLD9Jh6Jacj1eQVOhVv+TVWRUam0
dsApWf2XQC51W8fVuvaRpVzuPVrpaRByIDKBuiWKdeHTXo+V1fCRj78jFRDEvJTe
zNWxGtMWGTTzqFAw5SX8ol/pA3Z72cAPU9J9CG6NM6HpYBWYH+Rc8GNxVhhyZj2D
vq4AwtoACodMKMkkqNTWCw39URV25HsY6IQhMjo8LZMCYH/Gt27LZX9g/2HW4Kv5
QRLxy8dGHyqjUbz4Ozo/qcIsPkWA3D8JQGheCSTxcwrLe143q/KjRvgBtSF19b/9
9+0bM6lqfUC188P8zBO/bmQyB5qkPYGiljdOJfWC/lakMaAm/wjqSd52OwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEVEXqtvn9dx41PVeuGi5KUTLzWEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUlVSZXEyLWYxM0hqVTlWNjRhTGtwUk12TllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwApA
AwcAKg6xBxeIMA0GCSqGSIb3DQEBCwUAA4IBAQDFW3X5wie4wks8bFCj1I/tHMVT
7qQzfcL+X9lpNh244sKhip0C/4L1sbG5ZoRxtKAimLEeBrGr9VjCxaON+5zv4I4P
ibpDFC2kqSr9a/uelJxNTYbyF7LuFiBYX7n/lP6+n1OBTTwQBmi6XGCOvgJNr+/h
g0gwiPA0IJUBacEQOi/PZkCrCuxI3zQi1HyzINmy6/VgKunku5xNrmRmzdXVAPFm
qG4MmAWnHpKRAlxra0TJyehNXu1qC06ExM7IyVQuAatJXoluTUPk5dzo6sLILgwG
jGEp/Yxs3CPhxzd7e8jgx52gnBgwFZR8U0VUbbgF/9QOrxOOIQpQx+ib2l+B
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:59 2023 by rpki-client on console-ams.rpki-client.org